Ch1; traditional risk

possibility of loss or injury, peril. accidental loss, insurable losses
Ch1; evolution of risk to...

become more of a choice, betting on an outcome from a decision we have made. Uncertainty about outcomes that can be either pos or neg

ISO definition of risk

coordinated activities to direct and control an organization with regard to risk

recent risk management theory

holistic approach, need to manage all risk not just easy ones to understand or quantify
4 High Level categories of risk


Hazard (pure)




VOCAB: Hazard Risk

risk from accidental loss, including the possibility of loss or no loss

VOCAB: Risk Profile

a set of characteristics common to all risks in a portfolio
Evolution of RM occurred in part from

failures of large organizations like Enron and other businesses at the turn of the millennium
Evolving Risk Management: 2002 Sarbanes-Oxley Act
Spurred by Enron failure, requires companies and auditors to disclose risk management and financial statements
Other evolutions in Risk Management

S&P now requires implementations and monitoring of RM,

US Securities and Exchange Commission has new rules disclosing information

International RM reform

2004 Asian Insolvency Reform, EU working to adopt Solvency II and Basel II Standards for RM

What has changed the RM landscape

trends in technology, globalization, finance. recognizing variety, number, and interaction of risks facing an organization
VOCAB: Systemic Risk

the potential for a major disruption in the function of an entire market or financial system
VOCAB: Cost of Risk

The total cost incurred by an organization because of the possibility of accidental loss
Cost of Risk equals

*cost not reimbursed by insurance or other outside sources

*insurance premiums/noninsurance indemnity
*risk control techniques

*administering RM activities

Risk Management's aim

reduce risk cost long term without interfering with goals/activities. supports safety minimize financial effects of safety measures
fear of possible future losses

make senior management not go into risky things, but also miss out on benefits
Risk Management
mitigates uncertainty
uncertainty reduction benefits (3)

alleviates management fears and possibility to do stuff

*increases profit potential by greater participation from others invested

*makes organization safer environment, and more attractive to investors

senior management and investors both

seek assurance. RM provides this
downside risk reduction

use stop-loss limits, can't eliminate but can reduce. hedging is one way of doing this
intelligent risk taking

make decisions based on company's risk appetite. RM provides framework to analyze and manage risk

Maximize profitability
RM provides an organization information to evaluate the potential risk-adjusted return on its activities and to manage risks associated with activities
Legal and Regulatory Reqs
RM lets companies comply with recent regulations on risk

gives full view of everything that can harm or help company
economic benefits

Reduced wasted Resources

Improved Allocation of Productive Resources

Reduced Systemic Risk

Overview: Benefits of Risk Management

1. Organization Benefits

a. Reduce Cost of Hazard Risk

b. Reduce Deterrence Effects of Hazard Risk

c. Reduce Downside Risk

d. Manage the downside of Risk

e. Intelligent Risk Taking

f. Maximize Profitability

g. Holistic Risk Management

h. Legal and Regulatory Requirements

2. Economic Benefits

a. Reduce waste of resources

b. Improved allocation of productive resources

c. Reduced Systemic Risk

Basic Risk Measures

1. Exposure

2. Volatility

3. Likelihood

4. Consequences

5. Time Horizon

6. Correlation

VOCAB: Exposure

any condition that presents a possibility of gain or loss, whether or not an actual loss occurs

VOCAB: Volatility
Frequent fluctuations, such as in the price of an asset
VOCAB: Law of large numbers

a mathematical principle that states that as the number of similar but independent exposure units increases, the relative accuracy of predictions about future outcomes (losses) also increases. this is why we use likelihood

organizations must determine to the extent possible likelihood of an event and then determine the potential consequences if the event occurs

measure of the degree to which an occurrence could positively or negatively affect an organization.
low likelihood/minor consequences

maybe no risk management is needed
high likelihood/minor consequences

can handle through normal business procedures
major consequences

low likelihood- still managed

high likelihood - significant, well managed

VOCAB: Time horizon

Estimate duration.

the longer the time horizon, the more risky.

VOCAB: correlation

a relationship between variables. the higher the correlation, the greater the risk


*classifying helps understand and manage risks.

*categories go by objectives and RM goals.

* helps with administrative function

Risk classifications

Pure and speculative risk

subjective and objective risk

diversifiable and nondiversifiable

quadrants of risk (hazard, operational, financial, and strategic)

VOCAB: pure risk
a chance of loss or no loss, but no chance of gain
VOCAB: speculative risk

a chance of loss, no loss, or gain

price risk, credit risk

VOCAB: Credit risk

the risk that customers or other creditors will fail to make promised payments as they come due
distinguishing between pure and spec

they are managed differently. pure can be insured while the spec managed
subjective vs objective
subjective risk can be where objective risk isn't
VOCAB: subjective risk

the perceived amount of risk based on an individual's or organization's opinion
VOCAB: objective Risk

the measurable variation in uncertain outcomes based on facts and data
reason for differences between objective and subjective

familiarity and control - people don't like what they have no control over even though it's unlikely

consequence over likelihood "can't happen to me" or lightning striking twice.

risk awareness - not being aware means you don't think it'll happen

VOCAB: diversifiable risk

a risk that affects only some individuals, businesses, or small groups
VOCAB: non-diversifiable risk

a risk that affects a large segment of society at the same time

systemic risks

Quadrants of risk





Hazard Risk

arise from property, liability, or personnel loss exposures and are generally subject of insurance

operational risk

fall outside hazard and arise from people or a failure in process, systems, or controls, including IT
financial risk

arise from the effect of market forces on financial assets or liabilities and include market risk, liquidity risk, and price risk
strategic risk

arise from trends in economy and society. changes in economic, political, competitive environments, and demographic shifts

VOCAB: market risk
uncertainty about an investment's future value because of potential changes in the market for that type of environment
liquidity risk

the risk that an asset cannot be sold on short notice without incurring a loss
quadrants: pure or speculative

pure: hazard, operational

speculative: financial and strategic

focus of quadrants

focus on the risk source and who manages it

other classifications focus on some aspect of risk itself


around since 90s

adopted since 2008 financial crisis

traditional is hazard risks, pure risk

ERM is looking at all risk

RM and ERM are interchangeable

ERM definition

ISO: coordinated activities to direct and control an organization with regard to risk

RISK: the effect of uncertainty on objectives

all definitions speak on managing all risks to help meet objectives

Theoretical pillars of ERM



portfolio theory

traditional RM silos, look for dependence and interdependence


increases, uncorrelated can hedge

portfolio theory

combination of risks, both individual and their interactions

organizational relationships

Traditional model: RM manager, dept to handle hazard risk. deal with insurance, large companies may deal with claim management

in ERM, all of an organization at all levels is responsible for RM.

Dodd Frank Act

2010 bill requires that certain types of financial companies appoint a board risk committee (full board, audit committee, or a dedicated risk committee).


chief risk officer


strength weakness opportunities and threats.

CRO establishes RM goals and strategies in accordance with SWOT

CRO responsibility

includes helping firm create a risk culture in which managers of the organization's divisions and units, and employees, become risk owners. fully integrated ERM, RM is in every job description and project
Implementing ERM

essential for leadership to be committed to implement

access to data from all areas

must have authority to make and implement changes

effective communication needed

impediments to ERM

technological deficiency, people need relevant info

single largest obstacle is the traditional organizational culture with established silos. needs to be integrated throughout company

Chapter 2; Risk Management Standard and Guidelines

Characteristics of RM standards guidelines

ISO 31000 framework & process

Committee of Sponsoring standard

Solvency II & Basel II&III standard to insurance & banking

Intro to RM standards guidelines

align with mission, goals, structure

crafted with recognized standard to implement

professionals should understand various standards

Regulation vs standards

developed by recognized authorities, voluntary for organizations

mandatory requirement by gov't of standards make it a regulation

VOCAB: Risk Management Standard

a document published by a recognized authority that includes principles, criteria, and best practices for RM
VOCAB: framework

a structure, including elements such as concepts, methods, procedures, and metrics that supports the RM process

common elements of RM standards

they all help organizations manage and assess risk

ISO 31000 and COSO definitions of risk
COSO is traditional, pure risk. ISO has approach with positive and negative results possible
similarities between standards and frameworks

1. adoption of an enterprise approach

2. structured & processed steps

3. understand & accountable for defining risk appetite

4. formal documentation of risk in risk assessment

5. Goals and activities established and communicated

6. monitored treatment plans

standard to choose

could be one for everything, could vary by function
Successful implementation criteria for a standard chosen

1. alignment with organizational objectives

2. adherence to controls

3. compliance to regulatory reqs

4. risk governance

VOCAB: Risk Governance

integration of the management principles governing the organization with the RM process

major standards/guidelines

1. shows best practices being taken, comply with today's standards

2. periodic self assessments with objective and consistent measuring tools (Risk Maturity Model RMM)

Risk Maturity Model framework's attributes

1. ERM approach

2. ERM process management

3. Risk appetite management

4. Root cause discipline

5. Uncovering risks

6. performance management

7. business resiliency and sustainability

RMM scoring

each are analyzed and measured from 0 to 5. this shows the maturity at all 7 steps

ISO 31000

international standard to manage operational, financial, strategic, and hazard risk

ISO 31000 background

developed by ISO, non-gov, in 163 countries, published this report. developed from Australian and NZ standard. contains principles & framework for anyone.
ISO 31000 scope

applied to all operations and most activities and to any type of risk, pos or neg.

not intended for uniformity

ISO 31000 principles

11 principles of RM

used to make RM effective

protect value, informed decisions, uncertainty dealings.

qualities include structure, timeliness, transparency, inclusiveness, dynamism, response to change.

should apply to all processes on best available info. considers human/culture factors

ISO 31000 framework
includes a generic framework. must have management support
VOCAB: RM framework

a foundation for applying the RM process throughout an organization

tailoring the framework

begins with evaluation of risk contexts, inside and outside of company,

after understanding context, establish RM policy with appropriate resources.

finally communication & reporting inside and outside

ISO 31000 process

assessing risk, treating risks, monitoring and reviewing the process
VOCAB: Risk Criteria

reference standards, measures, or expectation used in judging the significance of a given risk in context with strategic goals
Risk assessment

definition includes risk identification, analysis & evaluation

risk treatment

deciding on how to modify the risk and the leftover amount. avoid, retain, transfer

big difference is they do not address root cause analysis. origin in financial risk

positive or negative result

COSO RM framework - 4 categories objectives

strategic - high level

operations - resource use

reporting reliability

compliance with laws

COSO interrelated items

1. internal environment

2. objective setting

3. event id

4. risk assessment

5. risk response

6. control activities

7. info & communication

8. monitoring

VOCAB: inherent risk

risk to an entity apart from any action to alter either the likelihood or impact of the risk

VOCAB: residual risk

risk remaining after actions to alter the risks likelihood or impact

RM serial process?

no, it is multidirectional. anything can affect anything
Control activities
Sarbanes Oxley Act makes you publish information on annual reports regarding the scope and adequacy of reporting. assess the effectiveness, and attest to and report on the assessment of the effectiveness

they made their controls from the context of the SOA, so control activities are a key feature of this standard compared to other standards
most important function of a control

the role in achieving its objective
control activities parts

part 1: what should be done

part 2: procedure to accomplish it

types of monitoring

type 1: ongoing regular monitoring by an organizations management

type 2: periodic evaluation, often by internal auditors

Solvency II and Basel II & III

regulatory standards many countries adopted

Solvency II is EU RM

Basel III is banking trying to prevent systemic risk

Solvency II

Solvency 1 in the 70s for capital adequacy and did not include any standard for RM or governance
Solvency II

all EU, should make it easier for firms to do work across EU, consistent standards

Consistency for Europe across

1. Market Consistent balance sheets

2. risk based capital

3. Own risk and solvency assessment ORSA

4. senior management accountability

5. Supervisory assessment

Supporting pillars of Solvency 2

1. financial reqs, firms adequately capitalized with risk based capital

2. higher standards of RM and governance within an organization and gives supervisors greater power to challenge firm

3. greater levels of transparency for sups and public

Solvency 2

Required to have effective RM

change in insurer's risk culture, strong link between decisions and risk measurement

US will be affected by subsidiaries in EU. long term the NAIC will have to better harmonize.

Basel II and III

committee formulates standards that member and other nations may adopt as regulation.

Capital Adequacy framework pillars

min capital reqs - credit risk evaluation help and weights for bonds and mortgages

supervisory - review of an institutions internal assessment


basel III

address both the risk of individual organizations and systemic risk.

goals of Basel III

improve ability to absorb shock

improve RM and governance

strengthen transparency

11 basel II principles
stuff on executive leadership
Chapter 3: Hazard Risk

main type insurance deals with. pure risk
definition of hazard risk

no universal definition, just only a negative outcome is possible

actuarial definition of hazard risks

1. fire and other property damage

2. windstorm and other natural perils

3. Theft, crime, personal injury

4. business interruption

5. disease and disability

6. liability claims

hazard risk is

generally insurable

Basel committee definition of operational risk

the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events

operation risk and hazard risk

some RM theories include hazard in operational risk category. this follows the Basel model

hazard risk categorized

1. personnel risk - hurt, dead, unexpected departure

2. property risk

3. liability risk - financial responsibility from someone else getting hurt

net income losses

organizations face net income losses with property and liability exposures. results from property losses that hinder or stop op from oping or reduce capacity to op. may not be independent
time period

no definite time period for liability, unlike property

measuring and managing hazard risk

must id and classify to manage and measure

two measures used

frequency and severity

VOCAB: frequency

number of losses

VOCAB: severity

the size of a loss

measure freq and sev by...

line of insurance, on aggregate basis, for 3 to 5 years. extent of exposure determines approach used in managing risk.

techniques used to reduce freq/sev

1. avoidance

2. separation

3. duplication

4. diversification

5. prevention

6. reduction

VOCAB: avoidance
a technique that involves ceasing or never undertaking an activity so that the possibility of future gains or losses occurring from that activity is eliminated
VOCAB: separation
a risk control technique that isolates loss exposures from one another to minimize the adverse effect of a single loss
VOCAB: duplication

a risk control technique that uses backups, spares, or copies of critical property, information, or capabilities and keeps them in reserve
VOCAB: diversification

a risk control technique that spreads loss exposures over numerous projects, products, markets, or regions

VOCAB: insurance

a risk management technique that transfers the potential financial consequences of certain specified loss exposures from the insured to the insurer
most often used rm techniques
prevention and reduction

insurance insures generally

high severity and low frequency

high/high avoided

low/low retained

low/high some are retained

what percentage of operational risk is covered by insurance
20-30. RM should include all coverage gaps and see if special insurance is warranted
VOCAB: loss exposure

any condition or situation that presents a possibility of loss, whether or not an actual loss occurs
3 elements to a loss exposure

1. an asset exposed to a loss

2. cause of loss (peril)

3. financial consequences of that loss

4 basic types of loss exposures

1. property

2. liability

3. personnel

4. net income

asset exposed to loss

anything from a person to property. anything of value

cause of loss

fire, windstorm, explosion, theft, etc
VOCAB: Hazard

a condition that increases the frequency or severity of a loss

4 types of hazards

moral hazard

morale hazard

physical hazard

legal hazard

effect of a hazard

they can compound and grow off one another
VOCAB: Moral Hazard

a condition that increases the likelihood that a person will intentionally cause or exaggerate a loss
Vocab: Morale Hazard

a condition of carelessness or indifference that increases the frequency or severity of a loss
Vocab: physical hazard
a tangible characteristic of property, persons, or operations that tends to increase the frequency or severity of a loss
vocab: legal hazard

a condition of the legal environment that increases the loss severity or frequency
financial consequences of loss
these can be easy or difficult to determine

types of loss exposures




net income

exposure, cause, and financial consequence apply to each of these

VOCAB: property loss exposure

a condition that presents the possibility that a person or an organization will sustain a loss resulting from damage (including destruction, taking, or loss of use) to property in which that person or organization has a financial interest.
vocab: tangible property

has physical form
vocab: real property

tangible property consisting of land, all structures permanently attached to the land, and whatever is growing on the land
vocab: personal property

all tangible and intangible property that is not real property

intangible property

property that has no physical form
VOCAB: liability loss exposure

any condition or situation that presents the possibility of a claim alleging legal responsibility of a person or business for injury or damage suffered by another party
VOCAB: personnel loss exposure

a condition that presents the possibility of loss caused by a person's death, disability, retirement, or resignation that deprives an organization of the person's special skill or knowledge that the organization cannot readily replace
VOCAB: personal loss exposure

any condition or situation that presents the possibility of a financial loss to an individual or a family by such causes as death, sickness, injury, or unemployment
net income loss exposure

a condition that presents the possibility of loss caused by a reduction in net income
net income: direct or indirect

indirect. an indirect is a loss that results from a peril, but not directly caused by that peril.
T/F insurance treats net income as a property loss
true. liability net income losses and personnel net income losses have been up to traditional RM.
loss of good will

income loss exposure. non-profit your good will is the same as reputation. companies will pay for things they are not liable for to preserve good will
failure to perform

net income loss from product not working or contractor not finishing a job

missed opportunities

from not adapting to the market to being passive to abstaining
Commercial insurance policies

good for RM to know what to insure and how. insurance developed through regulation, common use, and standardization
VOCAB: property casualty insurance
one of the two main sectors of the insurance industry, encompassing numerous types of insurance, most of which cover the financial consequences of damage to one's own property or legal liability to others
VOCAB: property

the real estate, buildings, objects, intangible assets, or rights with exchangeable value of which someone may claim legal ownership
VOCAB: liability

a legal responsibility for the consequences of an act or omission
VOCAB: line of business

a general classification of insurance, such as commercial property, commercial general liability, commercial crime, or commercial auto.
VOCAB: commercial property insurance

insurance that covers commercial buildings and their contents against various types of property loss

VOCAB: monoline policy
policy that covers only one line of business

VOCAB: package policy

policy covering two or more lines of business

VOCAB: Named peril

a specific cause of loss listed and described in an insurance policy. also used to describe policies containing named perils
VOCAB: direct physical loss

a loss that is physical (not just financial) and results immediately from the occurrence
VOCAB: all risk policy

an insurance policy that covers any risk of physical loss unless the policy specifically excludes it

VOCAB: Bailee's customers policy

a policy that covers damages to customers' goods while in the possession of the insured, regardless of whether the insured is legally liable for the damage
VOCAB: replacement cost

the cost to repair or replace property using new materials of like kind and quality with no deduction for depreciation

VOCAB: actual cash value

a method of valuing property which is calculated as the cost to replace or repair property minus depreciation, the fair market value, or a valuation determined by the broad evidence rule

VOCAB: insurance-to-value provision
a provision in property insurance policies that encourages insureds to purchase an amount of insurance that is equal to, or close to, the value of the covered property
VOCAB: coinsurance clause

a clause that requires the insured to carry insurance equal to at least a specified percentage of the insured property's value
VOCAB: business income insurance
insurance that covers the reduction in an organization's income when operations are interrupted by damage to property caused by a covered peril

VOCAB: dependent property exposure

the possibility of incurring business income loss b/c of a physical loss occurring on the premises of an organization that the insured depends on for materials, products, or sales
VOCAB: principal

the party to a surety bond whose obligation or performance the surety guarantees

VOCAB: surety

the party (usually an insurer) to a surety bond that guarantees to the obligee that the principal will fulfill an obligation or perform as required by the underlying contract, permit, or law

VOCAB: obligee

the party to a surety bond that receives the surety's guarantee that the principal will fulfill an obligation or perform as promised.
VOCAB: Breach of contract

the failure without legal excuse to fulfill a contractual promise
VOCAB: tort

a wrongful act or omission other than a crime or breach of contract, that invades a legally protected right
VOCAB: insuring agreement

a statement in an insurance policy that the insurer will, under described circumstances, make a loss payment or provide a service
VOCAB: occurrence

an accident, including continuous or repeated exposure to substantially the same general harmful conditions

VOCAB: indemnify

to restore a party who has sustained a loss to the same financial position that the party held before the loss occurred
VOCAB: claims-made coverage form

a coverage form that provides coverage for bodily injury and property damage that is claimed during the policy period

VOCAB: occurrence coverage form

a coverage form that covers BI/PD occurring during the policy period

Surety bond parties

three party arrangements
surety bonds most common purpose

construction operations

commercial auto

excludes off road, environmental liability.

Work comp insurance

regulated by companies to have this

medical wage bennies for ppl hurt on job, so no suit happens

employers liability insurance

for when employees can sue

professional liability or E&O insurance

or malpractice insurance. all interchangeable

not standardized forms, forms written by insurers

claims made instead of occurrence made

management liability insurance


employment practices

fiduciary liability


most common is securities class action lawsuit. insurers draft policy language
VOCAB: entity coverage

coverage extension of D&O liability policies for claims made directly against a corporation (the entity) for wrongful acts covered by the policy

VOCAB: Claims made coverage trigger
the event that triggers coverage under a claims made coverage form, the first making of a claim against any insured during either the policy period or an extended reporting period
CH 4

framework with 4 risk categories




external events

Operational Risk in General

traditionally organized by managers
Operational Risk Definitions

Financial defines as any not market or credit risk, including hazard
Other than financial view operational and hazard as

separate categories
People - organizational risk

employees. can be insured in most circumstances. E&O insurance
Process - organizational risk
risk occurs when practice departs from procedure
Systems - organizational risk

technology and equipment. data breach. hazard or continued ops

external events

storms, business interruption, loss of a key supplier, utility failure, changes in systems
Operational risk indicators

develop key risk indicators KRI
Introduction to risk indicators

wanna hit before loss occurs. looking at root causes. retroactive might be too late, need proactive

VOCAB: Root Cause

the event or circumstance that directly leads to an occurrence
more successful root cause is to

look at near misses. all incidents
develop leading indicators of risk, or KRI

A financial or non-financial metric used to help define and measure potential losses
indicators by operational risk classes

people, classes, systems

VOCAB: Exposure indicators
a metric used to identify risk inherent to an organization's operations. inherent indicators
VOCAB: loss ratio
a ratio that measures losses and loss adjustment expenses against earned premiums and that reflects the percentage of premiums being consumed by losses

VOCAB: Control indicators
a metric used to identify an organization's management of risk


major types

market risk, credit risk, price risk

Financial Risk in general

external risk with potential to affect objectives

can be reduced with contracts such as derivatives

Goal of risk management

risk optimization

VOCAB: Risk Optimization

a state whereby risk and return are balanced so that a maximum return is achieved for the level of risk accepted by an organization

VOCAB: Hedging

a financial transaction in which one asset is held to offset the risk associated with another

Market Risk
arises from changes in the value of financial instruments


Market Risk

part systemic, part not.
Categories of market risk

currency price risk

interest rate risk

commodity price risk

equity price risk

liquidity risk

currency price risk

risk in exchange rates
interest rate risk

systemic and affects all organizations

an agreement between two organizations to exchange payments based on changes in the value of an asset, yield, or index over specific period
VOCAB: cash matching

the process of matching an investment's maturity value with the amount of expected loss payments
VOCAB: zero-coupon bond
a corporate bond that does not pay periodic interest income
insurers are vulnerable for 2 reasons:

insurers have investments, bonds, with durations linked to claims

income earned from investment returns on reserves before they are needed to pay claims

cash matching limitations

only works with zero coupon bonds that matches exactly

purchase enough to match claim payments