Uploaded by riretax148

The need to respond to risks according to whether they arise from STOC is summarised by embrace,
manage, mitigate and minimise (EM3) respectively.
Bow-tie:
• Category is the category affected by the risk event (4Ps)
• The event shown in the centre of the bow-tie would be described in terms of the component of the
organisation that is impacted by the event: people, premises, processes and products (4Ps). The 4Ps
can also be considered to be a risk classification system.
Nature of risk classification systems
A risk classification system allows the organisation to:
• identify where similar risks exist within the organisation
• identify who should be responsible for setting strategy for management of related or similar risks
• implement decisions and knowledge about the type of control(s) on a more structured and informed
basis
• provide a structure and framework for risk identification
• better identify the risk appetite, risk capacity and total risk exposure in relation to each risk, group of
similar risks or generic type of risk
FIRM risk scorecard
The FIRM risk scorecard provides such a structure, but there are many systems available. The FIRM
risk scorecard can also be used as a template for the identification of corporate objectives,
stakeholder expectations and, most importantly, key dependencies. It is compiled by analysing the
way in which each risk could impact the key dependencies that support each core process, facilitating
robust risk assessment.
Other risk classification systems
Besides the timescale of their impact, risks can also be grouped according to the nature of the
risk, the source, the nature of the impact/size, or the nature of the consequences. An organisation
will choose the system that is most suited to its size, nature and complexity.
For example, banks and other financial institutions almost universally classify risks as market, credit
and operational risks.
Other commonly used systems that can also be employed to provide structure to risk assessment
workshops are SWOT and PESTLE analyses.
Another well-established classification system is the top face of the COSO ERM cube (STOC). The
most common are the COSO ERM cube and the IRM risk management standard.