Part 2 Section D.1.2. Risk Management Process リスクマネジメントプロセス

The basic steps in risk management

  1. Risk identification
  2. Risk assessment
  3. Risk prioritization
  4. Response planning
  5. Risk monitoring

Risk Identification

  • Need to identify all risks – internal and external – that face the company as a whole, or only one department

Event Identification Techniques

1) Brainstorming sessions
2) Event inventories and loss event data
3) Interviews and self-assessment
4) Facilitated workshops
5) SWOT analysis
6) Risk questionnaires and risk surveys
7) Scenario analysis
8) Technology

The IMA’s Statement on Management Accounting, Enterprise Risk Management: Tools and Techniques for Effective Implementation

Risk Assessment

  • Risk assessment involves identifying risk and vulnerabilities.
  • Explore to risk is assessed by:
    1. Loss frequency (probability) – is how often the loss occurs on average.
    2. Loss severity – how serious a loss is when it occurs.
  • Qualitative Risk Assessment
    • risk map
    • portfolio view
  • Quantitative Risk Assessment
    • Value at risk (VaR)
    • Cash flow at risk
    • Earnings at risk
    • Earnings distributions
    • Earnings per share distributions
    • Benchmarking
  • Inherent risk
    • the level of risk that resides with an event or process prior to management taking a mitigation action
  • Residual risk
    • the level of risk that remains after management has taken action to mitigate the risk

Risk Prioritization

  • Which risk(s) are most critical to deal with
  • will include quantitative and qualitative assessments
  • the measurement of potential loss
    1. Expected Loss
    2. Unexpected Loss
    3. Maximum Probable Loss
    4. Maximum Possible Loss ( Extreme Loss, Catastrophic Loss)
  • Assessing Risk to Financial Assets
    1. Calculate the firm’s financial average
    2. Look at the firm’s beta
    3. Measure the firm’s durationof a debt security
  • Cost benefit Analysis in Risk Management

Response Planning

  1. Avoiding (terminating) the risk
  2. Reducing (mitigating) the risk
  3. Transferring (sharing) the risk
  4. Accepting (exploiting) a risk

Risk Monitoring

  • Monitor to ensure that each risk has been addressed as intended.
  • Ongoing review as well as make certain everything in still as it was, or that the needed changes have been made.

Risk Appetite and Risk Tolerance

  • Risk appetite
    • the broadly defined level of risk an organization is willing to accept in pursuit of value
  • Risk tolerance
    • more narrowly defined and expresses the accepted level of variation around objectives

Managing Operational Risk

  • Operational risks are those risks that are connected to the day-to-day operations of the business
  • These are the risks that result from inadequate or failed internal processes, people or systems
  • These risks are best managed at the lower level in the organization

Managing Financial Risk

  • Financial risk management creates economic value for a firm by using financial instruments to manage expose to risk, especially credit risk and market risk
    • Using forward contracts
    • Having specific financial instrument policies
    • Using derivative instruments as a hedge process
    • Using swaps to hedge an interest rate or fair value of an asset