Professional Documents
Culture Documents
Risk – ambiguous and has different meaning, we use the term “loss exposure” to identify
potential losses.
A loss exposure is any situation or circumstance in which a loss is possible regardless of whether
a loss occur.
Risk ≠ Uncertainty
The term risk is used where the probability of possible outcomes can be estimated with some
accuracy while uncertainty is used where probabilities cannot be estimated.
Uncertainty Metrics:
1. A subjective probability
2. The pair (Q, K) where Q is a measure of uncertainty and K the background knowledge
that supports Q
Risk Metrics
- Combination of probability and magnitude/severity of consequences.
- The triplet (𝒔𝒊 , 𝒑𝒊 , 𝒄𝒊) where 𝒔𝒊 is the ith scenario, 𝒑𝒊 is the probability of that scenario,
and 𝒄𝒊 is the consequence of the ith scenario, I = 1..N.
- The triplet 𝑪′, 𝑸, 𝑲 where C′ is some specified consequences, Q (a probability) a
measure of uncertainty associated with C’, and K the background knowledge that
supports C’ and Q (which includes a judgment of the strength of this knowledge.
- Expected consequences (damage, loss). Example: Fatal Accident Rate, Vulnerability
Metric...
The more important consideration for risk managers is not the magnitude of the event, but the
impact or consequences.
Probability of density function – continuous variable between two ranges (ex: P(a ≤ X ≤ b))
Risk management is part of an organization program, the tradeoffs between risk and return.
There are 3 tools of risk management :
- Reserve
* with greater reserves against adverse outcome, the risk is control
* but greater reserves imply lower returns
- Diversification
* it has benefits.
* but sometimes we might want to concentrate and make money on additional
idiosyncratic risk.
* it is not possible to diversify away all risks.
- Insurance
* car insurance : the value of the car is knowable over the year; the amount of the
insurance is easy to ascertain.
* we might not know how much insurance is necessary and when it might need the
insurance.
Risk Tolerance:
Organization is readiness to bear the risk after risk treatments in order to achieve its objectives.
Risk Appetite:
Amount and type of risk that an organization is prepared to seek, accept and tolerate
Risk Management:
Identification, assessment, and prioritization of risks (positive and negative) followed by
coordinated and economical application of resources to minimize, monitor, and control the
probability and/or impact of unfortunate events or to maximize the realization of opportunities.
1. Compliance risks:
It is the threat posed to an organization’s financial organizational, or reputational standing
resulting from violations of laws, regulation, codes of conduct, or organizational standards of
practice.
Environmental risks, Workplace health and Safety, SR, Quality, and Process risk
2. Hazard or pure risks:
There are certain risk events that can only result in negative outcomes. Operational or
insurable risks. In general, organizations will have a tolerance of hazard risks and these need
to be managed whitin the levels of tolerance of the organization.
3. Control or uncertainty risks:
There are certain risks that give rise to uncertainty about the outcome of a situation.
Organizations will have an aversion to control risks. Uncertainties can be associated with the
benefits that the project produces, as well as uncertainty about the delivery of the project on
time, within budget and to specification.
4. Opportunity or speculative risks:
Organizations deliberately take risks, especially marketplace or commercial risks, in order to
achieve a positive return. These can be considered as opportunity or speculative risks, and an
organization will have a specific appetite for investment in such risks.
The role of a risk manager is not just defensive. Firms need to generate and apply information
about balancing risk and reward if they are to compete effectively in the long term.
Implementing the appropriate policies, methodologies, and infrastructure to risk – adjust
numbers and improve forward-looking business decisions is an increasingly important element
of the modern risk manager’s job.
The risk and the profitability analyses aren’t always accepted or welcomed in the wider firm
when they deliver bad news. There should be extensive interaction, but not dominance. There
should be understanding, but not collusion.
No one has found a best practice way to measure certain types of risk such as reputation of
franchise risk The difficulty is technical
It’s hard to jump over a cliff on a business idea if all your competitors are doing that too (herding
behavior) The difficulty is systemic.
Opportunity Management
It is the approach that seeks to maximize the benefits of taking entrepreneurial risks.
Organization will have an appetite for investing in opportunity risks.
Risk management assists project managers in setting priorities, allocating resources, and
implementing actions and processes that reduce the risk of the project not achieving its
objectives.