Professional Documents
Culture Documents
1) Strategic risks
2) Operational risks
3) Financial risks
4) Hazard risks
1) Risk identification
2) Risk assessment
3) Risk prioritization
4) Response planning
5) Risk monitoring
1) Expected loss
2) Unexpected loss
3) Maximum probable loss
4) Maximum possible loss (also called extreme or
catastrophic loss)
1) Strategic
2) Operations
3) Reporting
4) Compliance
SMA: ERMF defines residual risk as: “The level of risk that
remains after management has taken action to mitigate the
risk.”
Inherent risk
− Activities of management to mitigate/address the risk
= Residual risk
1) Event inventories
2) Internal analysis
3) Escalation or threshold triggers
4) Facilitated workshops or interviews
5) Process flow analysis
6) Leading event indicators
7) Loss event data methodologies