A. LECTURE 1: Introduction
• Nature of risk:
- Risk: ‘the condition in which there exists a quantifiable dispersion in the
possible outcomes from any activity’
ie a ‘threat’ based on experience or likelihood
Results/ Outcomes will differ to those expected
- Risk perspectives:
Downside risk: something goes wrong – effect is damaging
Upside risk: outcome is better than expected
- A company’s appetite for risk drives its activities – opening new ventures,
new products, etc
- Uncertainty: ‘inability to predict the outcome from an activity due to a lack of
information about the input/ output relationship or about the environment
within which the activity takes place’
- Organisational risks are inevitable:
Management must consider:
what level of risk is acceptable? (risk appetite)
how total risks should be effectively managed? (risk strategy)
- Categorising risks:
• Risk and Return:
- Return on productive assets expected by a company: - depends on the risks
of investments
- Expected returns should be:
higher for investments that are more risky
lower for low-risk investments/ activities
- The same relation exists for investors:
debt capital: creditors’ returns (coupon/ interest) are lower due to assured
payment schedules & collateral
, equity shareholders: bear more risk, expect higher returns in long-term
(capital and dividends)
- Risk:
unavoidable (part of life!)
taking controlled informed risk is sensible
uncontrolled/ uninformed risk is problematic
- In Business:
competitive and dynamic environment
embrace risk (profit = reward for risk-taking!)
BUT: how much risk? Expected returns?
• Risk-based management:
Risk audit/ mapping identifies and evaluates risks then puts in place a robust,
effective and appropriate control system for the management of those risks
There is no definitive system of risk management, though a suitable approach
includes
- 3. Risk assessment:
Once identified, organisations need to consider:
+ nature of risk and implications: type of risk: eg key person risk, natural
disaster, terrorist attack, regulatory restriction (sanctions) etc
+ potentially severity of impact: business critical or just a temporary
annoyance?
+ frequency and/ or probability
- 4. Risk profiling:
+ diagrammatical representation: chart or graph, plot series of risks on map
+ typical risk map: 2 scales: X axis – severity of loss, Y axis – frequency of loss
+ managing risks: depending on the position on the risk map
, Examples: Risk map:
- 5. Risk quantification:
+ process of evaluating and priortising risks – subjective
+ quantify risk:
usually best to do so in monetary terms
different ways of quantifying the impact of risk
. statistical inference, eg expected values of loss (EV)
. financial modelling, eg Value at Risk (VaR)
. decision trees and matrices for conditional probabilities
. computer simulations, eg Monte Carlo simulation
. sensitivity (‘what-if’) analysis
- 6. Risk Management:
+ risk prioritization due to significance
+ policies which may be adopted:
accept it: dependent on materiality, ignore immaterial risks
abandon it: implement an exit strategy from operation
, control it: build in safeguards to operational process
transfer it: in full (or in part) to a third party (eg insurance)
- 7. Review process & feedback:
+ risk based approaches: requires embedded system for continual risk
management
+ elements:
. full support from Board of Directors – allocate responsibility and
accountability for risks
. culture of risk-awareness amongst employees
. continual process of reviewing and reassessing risks
. early warning indicators to detect any shifts in risks since previous
assessment
+ residual risk: ‘exposure to risk (loss) once known risks have been accounted
for’ – eg systematic/ systemic risk (non-diversifiable risk)
• Risk Management Strategies:
- Committee of Sponsoring Organisations of the Treadway Commission (COSO)
– 2004
- Emphasised the need for ERM
- Key characteristics:
+ a process intertwined with existing operations
+ operated by staff at every level of the organization
+ applied in strategy setting
+ applied across the enterprise
+ identify risk events within its risk appetite
+ provides reasonable assurance to management
+ geared to achievement of objectives
• Controlling risks:
- Identifying risks is only half the problem
- Organisations:
Consider appropriate forms of control to manage risks:
+ organizational structure
+ governance
+ management accounting controls
+ audit
+ ethical codes
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller charlottewang98. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.00. You're not tied to anything after your purchase.