
Risk Management Foundation Cheat Sheet by djjang2




A risk management framework is the basic structure for integrating the risk management process throughout the organization.
All companies face risk; without risk, there is no reward. The flip side of this is that too much risk can lead to business failure. Risk management allows a balance to be struck between taking risks and reducing them.
Effective risk management can add value to any organization.
Well-run companies will have a comprehensive risk management framework in place to identify existing and potential risks and assess how to deal with them if they arise.
An effective framework consists of: Risk Identification, Measurement, Mitigation, Reporting & Monitoring, and Governance.

Risk Management Approach

Scan the Environment - Evaluates how each risk management process aligns w/ the Org's overall objective.
Performs a review of the internal & external environment.
Identify Risks - Orgs. perform risk assessments to discover risks.
It's not possible to identify all risks, but the Org. must identify key & emerging risks that may prevent the Org. from meeting its objectives.
Analyze Risks - Loss exposures are analyzed by estimating the significance of the possible losses previously identified.
Applies the risk criteria to determine the source, cause, likelihood, and potential consequences of the risk.
Treat Risks - Risk treatment options are used to reduce the level of risk or exploit positive risks.
Compares the level of risk from the risk criteria analysis.
Monitor & Review - Ensure it's achieving expected results and revise to accommodate changes in loss exposures.
Data produced during this step helps risk managers show the importance of managing risk at every level of the Org.


Tolerable Uncertainty: Provides awareness of potential losses & assurance of their effective management.
Keeping the worry of accidental loss at a tolerable level.
Reduces Downside Risk: Every type of business or speculative risk involves downside risk (incl. losses & failures).
Threshold limits reduce downside risks.
Earning Stability: Some Orgs. seek to maintain level earnings from year to year.
Requires exact forecasting of fluctuations in asset values, liability values, and risk management costs.
Anticipate & Recognize Emerging Risks: Risks with the biggest upside or downside are those the Org. doesn't anticipate.
Must monitor for emerging internal/external risks.
Business Continuity: Major goal for private entities / Essential goal for public entities.
To avoid interrupting operations for an unacceptable amount of time, Risk Managers should:
- Identify those specific activities for which continuity is essential.
- Determine the risks that could interrupt those activities and manage those risks appropriately.
Profitability & Growth: Orgs. seek to maintain at least a min. profit level & maintain a predetermined growth pattern.
Organizations meet these goals through:
- Strategic risk taking
- Identification & management of cross-enterprise risks
- Improved capital allocation
Legal & Regulatory Compliance: Satisfy legal obligations based on - the standard of care owed to others; Contracts; and Laws & regulations
Social Responsibility: Minimize the effect of loss on society through risk management programs.
For moral reasons & for good public relations.
Reduced Cost of Risk: Org. maintains its normal activities but with fewer and less severe accidental losses.
Reduce Deterrence Effects: Fear of future losses makes management less willing to take on activities they consider risky and deprives the Org. of the potential benefits from those activities.


Cost of Risk - The total cost incurred by an organization b/c of the possibility of accidental loss.
Cost of Losses:
Direct: inflicted by the peril itself.
Indirect: suffered as a consequence of the direct loss.
Cost of Loss Control: People; Processes; Equipment
Cost of Loss Financing: Ins premiums or expenses incurred for non-insurance indemnity
Cost of Risk Mgmt Administration:
Small Company - Risk Mgr
Larger Company - RM Staff, or also broker/agent
Financial Consequences of Risk:
1. Expected Cost of Losses or Gains - Normally incl. direct loss costs w/ indirect costs; entire effect of losses is significantly greater than the direct losses themselves
2. Expenditures on risk mgmt
3. Cost of residual uncertainty - The degree of risk that still remains after individuals or orgs implement their RM programs
- For indivs, cost of residual uncertainty may incl things like lost salary or forgone investment opportunities.
- For Orgs, cost of residual uncertainty incl the effect that uncertainty has on consumers, investors, and suppliers.

Costs that affect Expected Loss Costs:

Hidden costs that affect an org's Expected Loss Costs calculation:
Costs Related to Time:
- Time lost by the injured employee
- Time lost by other employees who stop work
- Time lost by foremen, supervisors, or other execs
- Time spent by first-aid attendants & hospital staff (when not paid by the insurer)
Costs Related to Damage:
- Dmg to machine, tools, or other property or the spoilage of material
Financial Costs:
- Interference w/ production, failure to fill orders on time, loss of bonuses, payment of forfeits, & other similar causes of loss
- Continuation of injured EE's wages after the employee returns to work even if the employee's svcs may temporarily be worth less than normal value
- Loss of profit on injured employee's productivity & idle machines
- Lost productivity b/c of EE's excitement or weakened morale resulting from the accident
- Overhead per injured employee


Pure Risk
Speculative Risk
Subjective Risk
Objective Risk
Diversifiable Risk
Nondiversifiable Risk
(4) Quadrants of Risk:
Hazard, Operational, Financial, Strategic
Insurable Risks:
Pure risks, Objective risks, and Diversifiable risks.


Pure Risks
- Chance of loss or no loss; no chance of gain
- Insurable
Speculative Risks
- Chance of loss, no loss, or gain
- Investment Risks: Inflation, Market, Financial, Interest Rate, and Liquidity Risks
- Business Risks: Price risk & Credit risk
Insurance deals mainly with risks of loss, not risks of gain; so Pure risks as opposed to Speculative risks.


Objective Risks
- Measurable variations of uncertain outcomes based on facts & data.
- Insurable
Subjective Risks
- Based on an individual's or Org's opinions
- Differs from Objective risks b/c of: Familiarity & Control; Severity over Frequency; and Risk Awareness
Assessment of risks differs due to:
1. Familiarity & Control: people tend to underestimate familiar risks and overestimate dramatic, unfamiliar risks.
2. Severity over Frequency: people tend to assign a probability of 0 to low frequency events such as natural disasters, murder, accidents. But they tend to overestimate low frequency events if they have personally been exposed to them previously or the events get increased media coverage.
3. Risk Awareness: people who are not aware of risks will underestimate the likelihood of loss. An org's risk mgmt efforts become more effective as the entity's subjective interpretation of risk becomes closer to its objective risks.


Diversifiable Risks
- Affects only some individuals, businesses, or small groups.
- Nonsystematic risks or Specific risks
- Can be managed by spreading the risk (diversification)
- Not highly correlated - occurs randomly; can be managed thru diversification or spread of risk.
ex) Building fire, Car theft, Auto accident
Nondiversifiable Risks
- Affects large segments of society at the same time.
- Systematic risks and Fundamental risks
- Generally not privately insurable
- Correlated
ex) Inflation, unemployment, EQ, Flood, hurricanes
Private insurers tend to concentrate on Diversifiable risks; Gov't insurers are suitable for Nondiversifiable risks.


Hazard Risk
Pure risks arising from property, liability, or personnel loss exposures. Traditionally addressed by Insurance.
ex) Fire, Flood, Theft, Auto Accidents, Employee Accidents
Operational Risks
Pure risks associated w/ an Org's processes, systems, &/or controls.
ex) Risks arising from compliance issues, legal issues, and software tools.
Financial Risks
Speculative risks associated with an Org's financial activities.
*Market Risk, Credit Risk, Liquidity Risk, Price Risk
ex) Managing foreign exchange transactions; Investing in Assets
Strategic Risks
Speculative risks arising from an Org's long term goals and management decisions.
ex) Creating new products for a new market.

Speculative Risks in Investments

Inflation Risk: Associated with the loss of purchasing power b/c of an overall increase in the economy's price level.
Market Risk: Associated w/ fluctuations in prices of financial securities, such as stocks & bonds.
Interest-Rate Risk: Associated w/ a security's future value due to changes in interest rates.
Liquidity Risk: Associated w/ not being able to liquidate an investment easily and at a reasonable price.
Financial Risk: Associated w/ the ownership of securities in a company having large amt of debt on its balance sheet. *If the company defaults on its debt obligations, its creditors might force it into bankruptcy.
Business Risk: Associated w/ the fluctuation in company's earnings & its ability to pay dividends & interest.


Exposure - Any condition that presents a possibility of gain or loss, whether or not an actual loss occurs.
Provides a measure of the max potential dmg associated with an occurrence.
If a risk is nondiversifiable, the risk increases as exposure increases.
Volatility - Indicates how much and how quickly the value of an investment, market, or market sector changes.
Refers to frequent fluctuations, such as fluctuations in the price of an asset.
Likelihood - A quantitative estimate of the certainty with which the outcome of a specific event can be predicted.
Refers to the chance that a given outcome will occur.
Consequences - Measures the degree to which an occurrence could positively or negatively affect the organization.
Time Horizon - Refers to the estimated duration of the risk.
The longer the time horizon, the greater the risk.
Correlation - Relationship btwn variables.
Similar risks are usually highly correlated.
The higher the correlation, the higher the risk.
Should be applied to the Org's overall risk portfolio.

