Week 1 - Introduction to ERM Flashcards
What is risk?
Risk is uncertainty that matters. A risk is the effect of uncertainty (favorable or unfavorable outcomes) on certain objectives. Objectives are what matters. Without objectives, there are no risks (that matter)
What are the four types of risks?
- Black Swan
- Grey Rhino
- White Elephant
- Black Jellyfish
Type of Risk: Black Swan
BLACK SWAN
- Highly improbable
- Massive impact
- With hindsight - should have predicted
Unpredictable by nature, impossible to foresee based on historical data
Type of Risk: Grey Rhino
GREY RHINO
- Highly probable
- High impact
- Neglected threat
Not random surprise, but occur after a series of warnings and visible evidence. Risk is evident and event is foreseeable
Type of Risk: White Elephant
WHITE ELEPHANT
- is an investment where cost of upkeep is not in line with its usefulness or value
Expensive project or asset that is not delivering anticipated returns
Type of Risk: Black Jellyfish
BLACK JELLYFISH
- Predictable
- High impact
- Ignored
Are ignored because they are feared or uncomfortable to confront
What is the impact of agility on risk
Agility is important to business success. The more time lost making decisions, adjusting strategy, implementing a mitigating action, or implementing a regulatory change to ensure compliance, the more a business is exposed to risk. Since risks don’t impact only one area of the business (ex., IT failures) it is important to identify and understand the impacts of risks to ensure they are effectively managed.
A short-sighted view of strategy is dangerous and can threaten a business’ sustainability
A properly informed strategic approach built on solid foundations will contribute to long-term success
Why is risk management important?
- Traditionally, risk management has been viewed through the lens of minimizing or avoiding risk, with resources focused on protecting value.
- Over time, businesses have realized that risk management is fundamental to enhancing performance, driving value creation and ensuring sustainability.
- A culture of informed risk-taking from top down helps to develop the agility and resilience needed to thrive in times of increased complexity, ambiguity and uncertainty.
- Executives are managing risks on a daily basis - ERM provides a
common language and a framework to make their management of risks visible.
Why is strategic risk unique?
Strategic risks speak to the survivability of your organization - you miss them, you’re gone.
Strategic risks are long-term risk that relate to strategic decisions or objectives set by the Board; while operational risks are short-term risks that relate to systems, processes and products.
Examples of strategic risks include - changes in senior leadership; market or industry changes; problems with suppliers or other stakeholders; company reputational damage; financial challenges.
