General
What is the globally accepted standard in terms of Risk Management?
ISO 31000
What is risk?
The effect of uncertainty on objectives.
Name the main steps of the risk management process
- risk identification
- risk analysis
- risk evaluation
- risk treatment
- risk communication
Name a risk!
Correct.
Why is establishing the context so important?
Defines the scope for the risk management process and sets the criteria against which the risks will be assessed.
What is risk management?
Coordinated activities to direct and control an organization with regard to risk.
What is risk identification?
The process to find, recognize and describe risks.
What is one way to visualize risk analysis?
Via a risk matrix.
Why is the perspective so important?
Because risk management is subjective and depends on the entity that conducts risk management (100.000 EUR loss has a different impact on a small software start-up than on a multimillion EUR Big Tech).
Name the risk formula
Likelihood of an event x consequences of an event
What is risk analysis?
The analysis of the likelihood and the consquences of an event that was identified as a potential risk.
Who are they real experts in performing risk management?
Those that are deemed experts by the entitiy conducting risk management.
What assets to be protected are there?
Human assets, direct monetary damage, damage to the environment, political-social consequences, any other assets you deem important
What is residual risk?
Risk that remains after risk treament measures are implemented. Residual risk also comprises unidentified risks or intentionally accepted risks.
What is risk evaluation?
Risk evaluation involves comparing the results of the risk analysis with the established risk criteria to determine where additional action is required.
What is the name of the approach with regard to risk identification that is general applied and comprises the identification of all potential risks?
All-hazards approach
What is the goal of risk management?
Exactly!
What is risk communication?
The purpose of risk communication is to assist relevant stakeholders in understanding risk, the basis on which decisions are made and the reasons why particular actions are required. Communication seeks to promote awareness and understanding of risk.
Risk communication with appropriate external and internal stakeholders should take place within and throughout all steps of the risk management process.
What is risk treament?
The purpose of risk treatment is to select and implement options for addressing risk.
Includes measures such as accepting risk, avoiding risk, decreasing the likelihood, decreasing the consequences, sharing the risk (e.g. via insurances).
When creating scenarios for risk management what type of scenarios is typically aimed for?
Credible worst-case scenarios.