Unit 1

Question 0

Define risk profile

Answer 0

overall risk exposure currently faced by the organisation

Question 1

Define ERM

Answer 1

• no 1 definition
• RM conducted throughout the organisation
• In a structured & consistent way
• considers all risks faced & their interactions
• integrates risk measures into business reporting
• allowing to influence strategic decisions
• CRF lead by CRO

Question 2

Define risk appetite

Answer 2

Desired level of risk the organisation wishes to take on, on an on-going basis.

Question 3

What is the risk profiling process

Answer 3

1. Identify risks
2. assess likelihood and impact
3. Decide how to deal with risks

Question 4

Describe the 5 ERM concepts

Answer 4

1. Holistic approach
   Consider enterprise as a whole
2. Upside and downside risks
   Not just consider downside, seize opportunities
3. Quantify risks
   Use to determine whether a risk is acceptable or not
4. Unquantifiable risks
   Class into subjective categories
   Nature of risk makes it difficult to assess
5. Respond to risks
   When ID & measured, need to determine a response

Question 5

What are the Benefits of ERM?

Answer 5

- better Risk reporting
increase business efficiency 
- Improve business performance
-- loss reduction
-- uncertainty management
-- performance optimisation

Question 6

Board’s responsibility in ERM?

Answer 6

• define risk profile
• skill themselves to be able to successfully implement ERM strategies
• guiding decision as to the most appropriate approach to ERM for the organisation
• set direction, structure and culture
• approve suitable internal controls
• actively monitor risk reporting

Question 7

What’s the line managers responsibility in ERM?

Answer 7

• implement board decisions
• set up processes for ERM
• integrate risk reporting into business reporting
• understand risks they are taking
• and extent of risk taking power
• supported with thorough documentation

Question 8

Describe stakeholder management

Answer 8

Communicate effectively with stakeholders
Internal Comms to board and relevant committees
– they are fully aware of risks
– consistent “risk language” to ensure no risk is left out or doubled up
External Comms with regulator/ supervisory body

Question 9

what are the 5 steps in RM Process?

Answer 9

ID risks faced
Risk analysis to quantify risks
Evaluating info-risks compared to limits
How to manage risks and implement actions
Monitoring processes - risks and management actions continually reviewed

Question 10

What organisational structures help to set a good risk culture?

Answer 10

Set from the top
Codes of honesty and fair dealing
Clear organisational responsibility for the ID And management of risks
Every employee sees it as their job to ID new risks/ increases in risks

Question 11

What are the main ideas to setting a good risk culture?

Answer 11

Consultative leadership 
Participation in decision-making
Openness
Accountability rather than blame
Organisational learning 
Knowledge sharing
Good internal communications

Question 12

List the 5 aims of internal controls

Answer 12

Accurate and adequate record keeping
Prevent fraud and safeguard the company assets
Guarantee accuracy of financial statements
Respond to risks
Ensure compliance with law and legislation

Question 13

Key to excellence in corporate governance

Answer 13

Communication with stakeholders
Independence of board
Board performance
Board compensation arrangements
*fairness
*social responsibility

Question 14

6 points that should be covered when a risk committee is set up

Answer 14

1 purpose
2 responsibility 
3 membership
4 performance assessment 
5 frequency of meetings
6 resources available

Question 15

Outline an audit committees role?

Answer 15

Monitor integrity of financial statements
Monitor and review internal functions
- financial control
- risk management
- internal audit
Recommend, monitor and review external auditors

Question 17

Responsibility of an internal audit function.

Answer 17

Check financial transaction information
Review risk management function
Monitor compliance with law and regulations
Check for system errors
Non-observance of internal governance
Examine key spreadsheets for errors
Examine procedures for paying insurance premiums on time and observance of insurance conditions

Question 18

Responsibilities of an external Audit function

Answer 18

validation of the risk management function by a separate entity

• Maybe required by regulator
• Potentially provides an additional source of learning

Question 19

List the types of bias

Answer 19

Intentional - deliberately underestimates a risk to achieve a specific personal goal
Unintentional - error due to lack of experience or time

Question 20

how can bias be introduced into a project?

Answer 20

• insufficient care/time
• Key risk left out, intentionally or accidentally
• incorrect assumption about risk’s independence
• likelihood of disaster underestimated
• cash flows deliberately biased towards optimistic
• calculations / spreadsheets containing errors potentially leading to incorrect evaluations

Question 21

What types of bodies can exercise supervision and control?

Answer 21

• Industry bodies
• Industry regulator
• Professional bodies
• Professional Regulator
• Government authority

Question 22

What are the two different types of regulators?

Answer 22

Functional - different authorities oversee different actions

Unified - single regulator covers a range of actions

Question 23

What considerations should be given to managing a relationship with a regulator?

Answer 23

• Their aims and objectives
• Insurers reputation
• Proactive and Engaging as early as possible
• transparency of communications
• accountability for relationship mangement

Question 24

Define Market Risk

Answer 24

Risk arising from changes in investment market values or other features correlated with investment markets, such as inflation or interest rates

Question 25

Define Operational Risk

Answer 25

All risk of loss associated with failure of people processes and systems (Basel - includes legal excludes reputational and strategic)

Question 26

What are the tests for internal models?

Answer 26

• the use test
• statistically qualitative standards
• calibrate standard - output to calculate the SCR
• profit and loss attribution
• validation standards
• documentation standards

Question 27

Minimum capital requirement for Solvency II?

Answer 27

E 3m + margin (premium/reserve)

- achievable over 1 year with a 80-90% confidence interval

Question 28

Key features of Sarbane-Oxley?

Answer 28

• Public accountability oversight board to inspect published accounts of quoted firms
• Increased accountability for CFOs and CEOs of public accounts
• published reports must contain an internal control report
• require external auditors to report in the assessment made by the management
• illegal for management to interfere with audit process
• illegal to destroy records or documents with intent to influence investigation

Question 29

What is the role of credit rating agencies in evaluating risk management?

Answer 29

to provide credit rating as an indication of credit worthiness

Question 30

What is the risk management grading criteria?

Answer 30

1. Risk management culture
2. risk control
3. extreme event management
4. risk models and economic capital models
5. strategic risk management