Page 32 - Risk Management Bulletin April -June 2021
P. 32
RMAI BULLETIN APRIL TO JUNE 2021
Glossary
Market Risk and numerical data, along with mathematical analysis
The risk that a company may experience losses due to methods, in order to reduce bias and produce a more
external market drivers such as interest rates or foreign accurate measure of risk. Impact rating may be based
currency rates. If a company has a large portfolio of on the specific losses that would be occurred from a
variable interest rate debt then it has market risk risk event and probability may be derived from past
related to interest rates. In this case a company may incidents or other measurable key risk indicators.
seek to limit its risk by purchasing swaps which would Residual Risk
partially or completely offset any market driven losses.
The rating of risk after the beneficial effects of risk
Operational Risk mitigations have been considered. It represents the
This is the risk driven by exposure to uncertainty net level of risk facing organization after risk controls.
arising from daily tactical business activities. An Because risk mitigations can moderate both the impact
example of an operational risk is the failure to provide and likelihood of a risk event, residual risk is usually
financial statements to the Board for their review. calculated as the product of residual likelihood times
Another operational risk is the risk that the the residual impact of an event.
organization incurs a cybersecurity incident.
Risk
Liquidity Risk There are many different definitions and
Exposure to adverse impacts stemming from the interpretations of the word risk. Most dictionaries
mismatch of cash inflows and outflows. The risk describe risk as some form of exposure to danger,
crystallizes where an organization is at least harm or loss. This concept was carried into early
temporarily unable to meet its payment obligations as enterprise risk management models, which
they come due. characterized risk as something bad that should be
minimized. In contrast, a modern enterprise risk
Likelihood
management programs view risk as "the effect of
The probability of a specific risk event occurring. In an uncertainty on objectives."
ERM context, it is one of the two primary axes of a
heat map and one of the two factors used to generate Risk Appetite
a risk score (along with impact). It is typically assessed A description of the amount and types of risk that an
using a 1 - 5 scale (ranging from "rare" to "almost organization wishes to take in order to achieve its
certain"). Additional quantitative measures, such as
desired objectives. It usually starts with a broadly
percentage of occurrence amounts, may be associated written organizational-wide statement and then
with likelihood levels. provides a series of more refined statements for
Mitigation certain situations (usually done by risk category). It is
In enterprise risk management terms, mitigation expressed in terms of residual risk levels (after
typically refers to the processes put in place by considering the effects of risk mitigations).
management that seek to reduce the likelihood of risk Risk Transfer
events occurring and/or their impact should risk events In enterprise risk terms, risk transfer is a risk treatment
materialize. In ERM terms, risk mitigations are
sometimes also referred to as risk controls. approach that uses legal contracts to shift residual risk
from one party to another. One example is the purchase
Quantitative Risk Assessment of an insurance policy, by which a specified risk of loss
An approach to risk assessment that focuses on factual is passed from the policyholder to the insurer. T
30
