ARM54

- Hazard (or pure) risk

- Operational risks

- Financial risks

- Strategic risks

The evolution of risk management has occured in Part because of high-profile failures of large organisations during the late twentieth and early twenty-first century, followed by the global financial crisis.

In large parts because of trends in technology, globalization, and finance, the risk landscape has chenged dramatically. Organizations opeerate in a global enviroment where they face hazard risks such as earthquakes and floods, political risks such as terrorism, economic risks such as a recession, and financial risk such as currency exchange rates. Interconnection of these risks adds to their complexity and potential effect on organizations.

Operational risk

Hazard risk

Strategic risk

Financial risk

Hazard risk

Financial risk

The potetial for a major disruption in the function of an entire market or financial system.

The total cost incurred by an organization because ot the possibiliy of accidental loss.

An organization's  cost of risk associated  with an asset or activity is the total of these:
-  Costs of accidental losses not reimbursed  by insurance  or other outside  sources
-  Insurance  premiums  or expenses  incurred for noninsurance  indemnity
-  Costs of risk control techniques  to prevent or reduce the size of accidental losses
-  Costs of administering  risk management  activities

Risk management  reduces  the deterrence  effects of uncertainty  about potential future accidental
losses by making these losses less frequent, less severe,  or more foreseeable.  The resulting reduction
in uncertainty  benefrts an organization in these ways:
-  Alleviates or reduces management's  fears about  potential losses, thereby increasing  the feasibility of ventures  that
   once appeared  too risky
-  Increases  proflt potential by greater participation  in investment  or production activities
-  Makes the organization a safer investment  and, therefore, more attractive to suppliers of investment capital  through 
   which the organizarion can expand

A benefit of risk management  includes  providing the organization with a framework ro analyze
the risks associated  with an opportunity and then to manage  those risks. Risk management  can
help the organization decide  if the potential rewards are greater than the downside  risks,  thereby
increasing  intelligent  risk taking.

Risk management  can help an organization maximize its profitability  by providing it with informa-
tion to evaluate  the potential risk-adjusted  return on its activities and to manage  the risks  associ-
ated  with those activities.  Although  the same amount of capital  may be required  for each  acriv-
ity being considered,  the risk-adjusted  retum will not be the same. Risk managers  can help the
organization evaluate  the risks and potential retums of its activities and how these activities  will
affect  the organization's  efforts  to meet its objectives.

Tradítional  risk management  was  conducted in silos within an organization. This fragmented
approach  can miss critical risks to the organization and fails to provide senior management  with
a picture  of the organization's  risk portfolio  and proflle. An integrated, holistic approach  that man-
ages risk across  all levels and functions  within an organization presents a more complete picture  of
an organization's  risk portfolio and profile. This picture  allows for better decisions by and im-
proved  outcomes for senior management.

Risk management  beneflts the entire economy  by reducing  waste  of resources,  improving  alloca-
tion of productive  resources,  and reducing  systemic risk.

The total cost of risk is calculated in this way:
$1.2 million +
$10 million  +
$2 million +
$0.5 million  = $13.7 million

A threshold value such that the probability of loss on the portfolio over the given time horizon exceeds this value, assuming normal markets and no trading in the portfolio.

- Tolerable uncertainty
- Legal an regulatory compliance
- Survival
- Business continuity
- Earings stability
- Profitability and growth
- Social responsibility
- Economy of risk management operations

Each organization should align its risk management  objectives with its overall objectives.  These
objectives should  reflect the organization's  risk appetite and the organization's  internal and exter-
nal context.

A typical  risk management  goal is tolerable uncertaint¡ which means  aligning  risks  with the or-
ganization's  risk appetite. Managers want to be assured that whatever might happen  will be within
the bounds of what was anticipated  and will be effectively  addressed by the risk management
program.  Risk management  programs should  use measurements that align with the organization's
overall objectives and take into account the risk appetite of senior  management.

An important goal for risk management  programs is to ensure  that the organization's  legal obligations are satisfred.  Such legal obligations  are typically based on these items:
- Standard  of care that is owed to others
- Contracts  entered into by the organization
- Federal, state, provincial, territorial,  and local laws and regulations

 Survival  of an organization depends  on identifiiing  as many risks as possible that could threaten
the organization's  ability to survive and managing  those risks  appropriately. It also depends on
anticipating and recognizing  emerging  risks.

- ldentify activities  whose interruptions  cannot be tolerated
- Identify  the types of accidents  that could interrupt such activities
- Determine  the standby resources  that must be immediately  available to counter the effects of those accidents

 To achieve  that minimum amount, risk management  professionals must identifi/ the risks that
could prevent this goal from being reached, as well as the risks that could help achieve  this goal
within the context  of the organization's  overall  objectives.

The risk management  program  goal of economy  of operations  conflicts with other risk manage-
ment goals in these ways:
a.  Tolerable  uncertainty  might conflict with the goal of economy  of operations  because of the cost of risk management  efforts.
b.  Legality might conflict with the goal of economy  of operations  because implementing  safetystandards could be an added  expense.
c.  Social responsibility  might conflict with the goal of economy  of operations  because  obligationssuch as charitable contributions could raise costs.

Exposure provides  a measure  of the maximum  potential damage  associated  with an occurrence.
Generally, the risk increases as the exposure increases,  assuming  the risk is nondiversifiable.

Yolatility provides  a basic  measure  that can be applied  to risk. Generally, risk increases as volatil-
ity increases.

Consequences are the measure  of the degree  to which an occurrence  could positively  or negatively
affect  an organization. The greater the consequences,  the greater the risk.

 The relationship  between  likelihood  and consequences  is critical for risk management  in assessing
risk and deciding whether and how to manage it. Therefore, organizations  must determine to the
extent  possible the likelihood of an event and then determine the potential consequences  if the
event occurs. In assessing the level of risk, the risk management  professional  must understand  to
the extent  possible  both the likelihood  and the consequences.

Longer time horizons  are generally  riskier than shorter  ones.

Correlation is a measure  that should  be applied to the management  of an organization's  overall
risk portfolio. If two or more risks  are similar, they are usually highly correlated. The greater the
correlation,  the greater the risk.

The organization has risk from exposure, consequences,  and correlation  related to these suppli-
ers. The consequences  to the organization of disruption  to the supply chain were lost sales of $200
million. The maximum exposure and consequences  are unknown and depend on the length  of any
future disruption.  The organization's  risk management  professionals should  quantify  to the extent
possible the probable  range of exposure and consequences.  There is correlation  because the three
suppliers are in the same  area. Although  the likelihood of another earthquake  and tsunami is not
high, the potential consequences,  were they to occur, are high. Therefore,  this risk should  be man-
aged.