Unit 1 Flashcards
Definitions of risk -IRM
The combination of the probability of an event and its consequences
Definition of risk -ISO Guide 73
Effect of uncertainty on objectives
Risk definition-IIA
Uncertainty of an event occurring that could have an impact on the achievement of objectives. Measured in terms of consequences and likelihood
Risk definition-Hopkin
An event with the ability to impact (inhibit, enhance or cause doubt about) the effectiveness and efficiency of the core processes of an organisation
Types of risk
Compliance (or mandatory)
Hazard (or pure)
Control (or uncertainty)
Opportunity (or speculative)
Definition of risk management-ISO
Co-ordinated activities to direct and control an organisation with regard to risk
Definition of risk management-Hopkin
Management activities to deliver the most favourable outcome and reduce the volatility or variability of that outcome
Definition of credit risk
The risk of loss if another party fails to perform its obligations or fails to perform them in a timely manner
Definition of market risk
The risk that arises from fluctuations in values of, or income from, assets or interest or exchange rates
Definition of liquidity risk
Risk that sufficient financial resources are not maintained to meet liabilities as they fall due
Definition of operational risk
The risk of loss resulting from inadequate or failed internal processes, people or systems, or from external events, e.g. cyber attack
Principles of risk management
PACED. Proportionate; Aligned; Comprehensive; Embedded; Dynamic
Aims of risk management
MADE2. Mandatory; Assurance; Decision Making; Effective and Efficient core processes
Definition-key dependencies
Key things that the organisation needs to be successful; they might be internal or external things but in short, they are what the business depends on for its future success
Definition-core processes
Fundamental to org success because they are the means of delivery of strategy and continuity of operations. A core process can be defined as ‘the collection of activities that deliver a specific stakeholder expectation’
Definition-stakeholder expectations
Stakeholders are the parties who have a stake in the business, or are affected by what the org does- investors, suppliers, customers, wider society, govt
4 Reg risk categories
Credit, market, liquidity, operational
Hopkin 4 types of risk
Compliance; hazard; control; opportunity
4 FIRM risk categories
Financial (credit, market, insurance, liquidity)
Operational
Reputational
Strategic
Components of market risk
Interest rate risk, equity risk, FX risk, commodity risk
Categories of operational risk
Hardest to measure, manage and monitor. Excludes strategic and reputational.
Internal process risk
People risk
Systems risk
External risk
Legal risk
Orange book-RM Principles
Governance and leadership; integral part of all org activities; collaborative and informed by best available information; processes should be structured (risk id, assessment, appetite etc); RM continually improved
Orange book -RM framework
Supports consistent and robust identification and management of opportunities and risks within desired levels across an org, supporting openness, challenge, innovation and excellence in the achievement of objectives
8 Rs and 4 Ts
Recognition
Rating
Ranking
Responding (tolerate, treat, transfer, terminate)
Resourcing controls
Reaction planning
Reporting on risks
Reviewing and monitoring
Hopkin stages?
Unaware of obligations- Inform- compliance mgt
Awareness of non-compliance-Reform- Hazard management
Actions to ensure compliance-Conform- control management
Achieve business opportunities- Perform- opportunity management
Inactivity caused by obsession- Deform