Benchmarking - Answer The process of measuring the performance of an
organization against external standards of reference that frequently come
from
similar organizations doing similar things.
Corporate governance - Answer The system of rules, practices and processes
by which a company is directed and controlled
Enterprise risk management - Answer A strategic discipline that supports the
achievement of an organization's objectives by addressing the full spectrum of
its risk and managing the combined impact of those risks as an interrelated risk
portfolio.
Strategy: Consider all risks and exploit risks as part of strategy
Measurement: Include Upside of Risk (Bugalla and Kugler)
Look at building, expanding, exploiting to add value
Push and Pull risk performance data
This approach is Coordinated & Strategic
Gap analysis - Answer Comparison of an existing process or procedure to
recognized standards in order to identify deficiencies or excesses in the existing
process.
Technique that can be used to determine what steps might need to be taken to
improve the organization's capacity to move from a current state to a desired
future state.
Key performance indicator (KPI) - Answer An activity that signals the
achievement of organizational objectives
Key risk indicator (KRI) - Answer A measurement of how risk and volatility relate
to achieving organizational objectives
Designed to manage the downside of risk
Leading indicators of risk to business performance; giving early warning of
potential risk
early signal of changes in risk exposures in various areas of the enterprise
Risk Metrics - Answer Integrated into the performance objectives of the
organization for monitoring risks
Examples: KPIs and KRIs
Indemnification - Answer Contractual obligation placed on the indemnifier to
return the indemnified to essentially the same financial condition that existed
prior to the loss or claim, to stand in as the source for financing the legal liability
Contractual Risk Transfer - Answer A legally binding agreement between two
parties whereby one agrees to indemnify and hold another party harmless for
specified actions, inactions, injuries or damages
Hold Harmless - Answer wording that requires one party to shield the other party
from the effects of the legal liability assignable to transfer or obligor
Risk Transfer/Sharing - Answer Action taken when 1) costs of retaining risks
exceeds the organization's risk tolerance; 2) risks (or some portion) can be
transferred at a lower cost; 3) risks should be apportioned based on an
agreement, and 4) it is required by regulation
Insurance - Answer Risk-transfer mechanism that ensured full or partial financial
compensation for the loss, damage and legal obligations of a policyholder or
beneficiary
PESTLE analysis - Answer Political, Economic, Social, Technological, Legal and
Environmental and identifies the categories utilized to analyze internal and
external environments.
Risk - Answer The effect of uncertainty on objectives
Chance of Something happening that has an impact on objectives
Being prepared for the worst and being poised to exploit opportunities as
discovered
Risk appetite - Answer The total exposed amount that an organization wishes to
undertake on the basis of risk-return trade-offs for one or more desired and
expected outcomes
how much risk the company will take on
linked to rewards (risk-return trade-offs)
express qualitatively or quantitatively
Risk attitude - Answer An organization's or individuals' view/perspective of the
perceived qualitative and quantitative value that may be gained in comparison to
the related potential loss or losses.
Risk culture - Answer The beliefs, values, norms and traditions of behavior of
individuals and groups within an organization that determine the way in which
they identify, understand, discuss and act on the risk(s) the organization
confronts and takes.
Risk champion - Answer Any person in an organization who is a leader and
influences peers regarding the value that risk management adds to the
organization.
Risk governance - Answer The architecture within which risk management
operates in a company
Questions to consider when choosing a governance framework:
*Does a Standard/Framework already exist?
*How effective is the current paradigm?
*What are the gaps between the current and ideal state?
*Which Standard/Framework do key Stakeholders prefer?
Risk management - Answer The process of making and implementing decisions
that will minimize the adverse effects of accidental losses on an organization
strategic business discipline that supports the achievement of an organization's
objectives by addressing the full spectrum of its risks and managing the
combined impact of those risks as an interrelated risk portfolio
Risk owner - Answer An individual accountable for the identification,
assessment, treatment, and monitoring of risks in a specific environment
the individual who is ultimately accountable for ensuring that a risk/risks are
managed appropriately, including the implementation of selected responses.
Risk portfolio - Answer A complete collection and range of uncertainties that
affect an organization's future.
Risk tolerance - Answer The amount of uncertainty an organization is prepared