‼️ [Workplace] Risk Management Flashcards
A high-level characterization of the amount of uncertainty (acceptable risk) an organization is willing to pursue or to accept to attain its risk management goals.
Risk Appetite
Situation in which a person or organization may benefit from undue influence due to involvement in outside activities, relationships, or investments that conflict with or have an impact on the employment relationship or its outcomes.
Conflict of Interest
Situation in which one party engages in risky behavior knowing that it is protected against the risk because another party will incur any resulting loss.
Moral Hazard
Uncertainty that has an effect on an objective, where outcomes may include opportunities, losses, and threats.
Risk
Situation in which an agent (for example, an employee) makes decisions for a principal (for example, an employer) potentially on the basis of personal incentives that may not be aligned with the principal’s incentives.
principal-agent problem
Action taken to manage a risk.
Risk Control
Tool used to gather individual assessments of various characteristics of risk (for example, frequency of occurrence; degree of impact, loss, or gain for the organization; degree of efficacy of current controls).
Risk scorecard
Metrics that provide an early signal of increasing risk exposures for an enterprise.
Key Risk Indicators (KRI)
Principle that organizations should take all steps that are reasonably possible to ensure the health, safety, and well-being of employees and protect them from foreseeable injury.
Duty of care
Protocol that an organization implements when an identified risk event occurs.
Contingency plan
Expected monetary loss for an asset due to a risk over a one-year period; calculated by multiplying single loss expectancy by annualized rate of occurrence.
Annualized Loss Expectancy (ALE)
Organization’s desired gain or acceptable loss in value.
Risk position
System for identifying, evaluating, and controlling actual and potential risks to an organization.
Risk management
A characterization of the amount of uncertainty (acceptable risk) an organization is willing to pursue or to accept to attain its risk management goals, defined in a range above and below a target.
Risk tolerance
Reporting of an organization’s violations of policies and processes by employees.
Whistleblowing