Week 4

Question 1

what is risk mitigation

Answer 1

implementing measures to reduce
the likelihood and impact of
identified risks

Question 2

Importance of Risk mitigation

Answer 2

• Protects from losses.
• business continuity.
• operational resilience.
• regulatory compliance.
• stakeholder confidence.

Question 3

4 risk mitigation strategies

Answer 3

Avoidance - eliminate chance
Reduction - reduce likelihood
Sharing - with other parties
Acceptance - no controls added

Question 4

4 types of risk controls

Answer 4

Preventative - reduce likelihood
detective - detect during or just after occurrence
directive -
corrective - mitigate the after impacts

Question 5

What is the most rigorous test in control testing

Answer 5

Reperformance - replicating control processes on sample transactions, high risk environments

Question 6

what is four-eyes check

Answer 6

> 1 person reviewing the same information

Question 7

solution to slips

Answer 7

improving workspaces, reducing noise, and clarifying responsibilities

Question 7

what are Slips

Answer 7

errors due to distraction, inattention, or poor work environments

Question 7

how can mistakes be categorized

Answer 7

Rule based - Flawed/conflicting rules
Knowledge based - Lack of training

Question 8

solution to knowledge based mistakes

Answer 8

training, escalation procedures, and
job guidance.

Question 8

what are Violations

Answer 8

Deliberate disregard for rules

Question 9

mitigation for violations

Answer 9

supervision and strong organizational culture

Question 9

What are active errors

Answer 9

Direct operator actions (e.g., pressing the wrong button)

Question 10

What is Risk transfer

Answer 10

Mitigating risk by transferring it, (insurance or outsourcing)

Question 10

what are latent errors

Answer 10

Flawed processes that manifest later (e.g., poor incentive leading to internal fraud)

Question 11

solutions to human error

Answer 11

Checklists,
Communication protocols,
Standardization,
Improved work environments.

Question 12

how is human error seen in engineering

Answer 12

as a process failure, not a
personal failure.

Question 13

what does Insurance cover/ not cover

Answer 13

covers operational losses not reputational

Question 14

benefit of outsourcing

Answer 14

reduce costs or outsource non-core
activities to specialists.

Question 15

why is outsourcing not considered risk transfer

Answer 15

reputational risk remains

Question 16

How can human error be reduced

Answer 16

Process Redesign: Improve reliability

Checklists

Strong Communication Protocols

Standardization: reduce procedure variability.

Better Work Environments: Enhance operational efficiency.

Question 17

when is Self-insurance used

Answer 17

small losses, external insurance used for larger ones

Question 18

Definition of risk transfer

Answer 18

Moving the consequence or causes of a risk to another party

Question 19

considerations of risk transfer

Answer 19

• Cost vs. risk reduction.
• Reputation risk cannot be outsourced.

Question 20

two methods of risk transfer

Answer 20

insurance and outsourcing

Question 20

components of risk mitigation plans

Answer 20

Risk Description Mitigation Measures Responsibilities Resources Timeline

Question 21

what is Root Cause Analysis (RCA)

Answer 21

systematic process used to identify the underlying causes of problems or incidents

Question 22

Effective Monitoring and Review Practices for mitigation measures

Answer 22

continuous monitoring regular reviews feedback loops adjustments and updates

Question 23

Steps in the Root Cause Analysis Process

Answer 23

Define problem Collect data Identify causes Analyse Develop solutions Implement and monitor

Question 23

Best Practices for Implementation of risk mitigation

Answer 23

Prioritization Resource Allocation Training Documentation

Question 24

where is RCA essential

Answer 24

significant operational risk events and near misses

Question 24

Purpose of RCA

Answer 24

pinpoints why an issue occurred and prevents its recurrence

Question 25

what is Systematic root cause analysis

Answer 25

drawing links across incidents to implement organization-wide solutions

Question 25

Second Line of Defense involvement in RCA

Answer 25

Monitors, tracks, escalates

Question 25

First Line of Defense involvement in RCA

Answer 25

Leads root cause analysis and creates action items - Uses a standardized template

Question 25

how is a bow-tie tool laid out

Answer 25

risk event in centre Preventive controls on left Detective and corrective controls on right

Question 26

3 steps to RCA

Answer 26

1, Decompose problem 2. Create timeline 3. Check logic and facts

Question 26

What is conduct

Answer 26

behavior of individuals within the organization and how they adhere to policies

Question 26

Bow-tie analysis

Answer 26

an effective tool for root cause analysis

Question 26

Importance of Root Cause Analysis

Answer 26

True cause identification Long Term solutions Recurrence reduction operational efficiency

Question 27

Tools and Techniques for RCA

Answer 27

* 5 Whys * Fishbone Diagram (Ishikawa) * Pareto Analysis * Failure Mode and Effects Analysis (FMEA)

Question 27

what are the 5 whys in RCA

Answer 27

asking why repeatedly to drill to root cause

Question 27

What does the imbalance of preventive and corrective controls in a bow -tie tool lead to

Answer 27

Leads the firm to “fire-fight” and remediate, while feeling overwhelmed by workload

Question 28

Challenges of action plans

Answer 28

Disconnect between appetite and action plan can waste/misallocated resources

Question 28

what is a fishbone diagram in rca

Answer 28

Visual tool that categorizes potential causes of problems

Question 28

what is the Failure Mode and Effects Analysis (FMEA) in RCA

Answer 28

evaluating processes to identify where and how they might fail

Question 29

what is the Pareto Analysis in RCA

Answer 29

identifying the most significant causes using the 80/20 rule

Question 30

Action Plan Purpose

Answer 30

reduce risk levels, typically following incidents /near misses that exceed risk appetite

Question 31

Second Line of Defense Role in action plans

Answer 31

design action plans and support follow-up, ensuring business lines don't underplay risks

Question 31

Key elements of action plans

Answer 31

*Clear ownership and accountability * Deadlines *Consistency with risk appetite

Question 32

Best Practices for Implementing Action Plans

Answer 32

Communication Resource Training Monitoring Documentation

Question 32

components of an effective action plan

Answer 32

Problem Statement Objectives Actions/Responsibilities Resources timeline evaluation

Question 33

Effective Monitoring and Review Practices for action plans

Answer 33

Check-Ins KPIs Feedback Improvement

Question 33

Benefits of Root Cause Analysis and Action Plans

Answer 33

Long-Term Solutions Enhanced Problem-Solving Efficiency Better Decision Operational Excellence

Question 34

Future of RCA and Action Plans

Answer 34

advanced analytics and machine learning refinement of RCA - new tech adapt RCA processes to changing risk Bow-Tie Analysis for better RCA

Question 34

What is culture

Answer 34

shared values, beliefs, and norms that influence how employees think

Question 35

Importance of culture and conduct

Answer 35

critical for establishing a strong risk management framework

Question 36

what are conduct and culture critical for

Answer 36

establishing a strong risk management framework

Question 37

what influences a firms Risk Culture

Answer 37

history, ethos, vision, and leadership.

Question 37

Elements of a Strong Risk Culture

Answer 37

Leadership committed Clear Values Training Communication Accountability

Question 38

Why are Conduct and Culture Important

Answer 38

Integrity and Ethics Risk Awareness Stakeholder Trust Sustainable Success

Question 38

How to Achieve Change

Answer 38

Willingness and Ability Training Clarifying Basics

Question 39

what is the Risk Function's Aspiration

Answer 39

trust and respect with the first line

Question 40

Desirable risk behaviours

Answer 40

Encouraging staff to speak up about risks Overcoming "blame culture"

Question 40

How to Achieve Change through incentive levels

Answer 40

Personal Motivation Social Motivation Structural Motivation Effective Change

Question 40

what is effective change

Answer 40

combining all three levels of motivation

Question 41

How to Achieve Change through personal values

Answer 41

Promoting Positive Change Consultation

Question 42

who should be involved before implementing changes.

Answer 42

opinion leaders/ influencers - their agreement helps promotion of ideas

Question 43

what builds an influencing environment

Answer 43

Propinquity Occupational Propinquity Consistency

Question 43

who are Influencers

Answer 43

Respected for their competence and empathy, not always SM but helps

Question 44

drawback of Virtual propinquity

Answer 44

less effective than physical proximity

Question 45

Rules of an Influencing Environment

Answer 45

Incentive Structures Positive Reinforcement Risk-Based Performance Measures Negative Reinforcement

Question 46

How to Assess Progress of an Influencing Environment

Answer 46

Define Success Measurable Behaviors Track Regularly

Question 47

what is Conduct Risk

Answer 47

risk of inappropriate, unethical, or unlawful behavior by employees

Question 48

Examples of Conduct Risk

Answer 48

Fraud, insider trading, bribery, harassment, discrimination

Question 49

Impact of Conduct Risk

Answer 49

legal penalties, reputational damage, financial losses, erosion of stakeholder trust

Question 50

Methods for Assessing Conduct Risk

Answer 50

Employee Surveys and Questionnaires Incident Reporting Systems Audits and Reviews Behavioral Analytics

Question 51

Strategies for Promoting Ethical Conduct

Answer 51

Code of Conduct Leadership by Example Reward and Recognition Whistleblower Protection Training

Question 51

whats the Role of Leadership in Shaping Culture

Answer 51

Vision and Values Behavioral Expectations Engagement and Inclusion Consistent Actions Feedback and Improvement

Question 51

5 Tools for Measuring Culture and Conduct

Answer 51

Surveys Focus Groups Metrics Exit Interviews 360-Degree Feedback

Question 52

what are the Benefits of a Strong Conduct and Culture Framework

Answer 52

Enhanced Reputation Employee Engagement Risk Mitigation Regulatory Compliance Organizational Performance

Question 53

what are the Future Trends in Conduct and Culture

Answer 53

Behavioral Regulation Integration with Risk Management Continuous Improvement