CPCU 500 Final Set
Who is found liable first? The GC or subcontractor?
GC and/or property owner
Scenario Analysis (3.10)
Identifies risks and predicts the potential consequences of those specific risk - Identifies a range of potential consequences and prioritize risks - Done by a cross-functional team to gain a multidimensional view of a risk's potential consequences
Which one of the following types of personnel losses usually develops more slowly as the result of some organic or inorganic agent being absorbed, ingested, inhaled, or injected that impairs a function of the body?
Illness
4 types of noninsurance transfers for risk control (4.24)
1. Leasing 2. Contracting for services (subcontracting) 3. Waiver of exculpatory clause 4. Disclaimer of warranties
3 types of Hold-Harmless Agreements (4.26)
1. Limited form 2. Intermediate form 3. Broad form
Why classify risks? (2.7)
1. Many risks in the same class have similar attributes 2. It helps with managing risk because many risks can be managed with similar techniques 3. Helps with the administrative function
Technological advancements have affected these two types of risk treatment the most: (4.9)
1. Modification 2. Transfer
3 basic causes of loss (3.21)
1. Physical 2. Human 3. Organizational
Which one of the following statements is true regarding a generic model of a securitization?
The organization sells income-producing assets to an SPV in exchange for cash.
Which one of the following statements is correct with respect to empirical probability distributions?
They provide a mutually exclusive, collectively exhaustive list of outcomes.
Why is the distinction between injury and illness relevant in workplace settings?
This distinction is relevant because the types of risk controls often applied to reducing the frequency or severity of particular disabilities depend on whether those disabilities arise from sudden external events (injuries) or from prolonged exposure to harmful conditions or a sudden harmful condition that does not immediately manifest itself (illnesses).
Juan is the property manager of multiple shopping centers. He wants to invest in smart operations to save costs and labor in the long term. What are some smart products Juan could invest in?
Juan could invest in drones for surveillance and monitoring of damage and security risks at his different locations. He could also automate the leasing process through the use of robots to process documents and payments and answer property-related questions.
Generally, a long-term asset's book value is ________ that its market value (5.13)
LOWER ** because inflation will increase the market value while depreciation will decrease the book value
To reduce downside risks, organizations can use _________ _______ (2.15)
Threshold limits
Which one of the following is a major responsibility of corporate directors?
To perpetuate a competent board through regular elections
Buildings constructed of reinforced concrete have been successful withstanding this disaster, but building all structures in this manner is neither practical nor economical. This statement pertains to which one of the following disasters?
Tornado
An analysis that identifies mathematical patterns in past losses and then projects these patterns into the future is
Trend analysis
Murray Trucking is interested in evaluating which risk factors are most likely to lead to the most costly accidents. They are evaluating risk factors such as speed, weather conditions, driver experience, distance traveled, and gross vehicle weight. Which one of the following statistical measurements would be useful for the risk manager when calculating the probability of the different risk factors causing severe accidents?
Variance
Predictive Modeling (3.5)
Vastly more and better data, coupled with newer, sophisticated software tools that analyze, extrapolate, and predict outcomes
Which one of the following statements is correct regarding the challenges of delivering messages to internal and external stakeholders?
When addressing individuals of different status levels, it is best to ask for ideas from lower-level persons before turning to those of higher standing
The key aspect of collaboration is that it requires an active commitment from every group member to achieve a single goal shared by the entire group
When problems arise, the group should address them together
How is the combined risk affected when gains or losses from two risks are correlated?
When two risks are correlated, the greater their correlation, the greater the combined risk
Billy owns a beach front cottage which has become his primary residence. Billy's primary concern is that his home will be hit by a hurricane and badly damaged or even destroyed. For Billy, this hurricane risk is a
A hurricane is a subjective risk
Risk Financing (4.9)
A risk management technique that includes steps to pay for or transfer the cost of losses - the more risk an org retains to pursue business, the more funds it must allocate to finance those risks - insurance is an example of this
Which one of the following types of risk analysis uses historical data to assign specific values to consequences and their probabilities to reach a numeric indication of the level of risk?
Quantitative analysis
How to mathematically determine the end probability (9.23)
End Probability = multiply together the probability of each event in the pathway that occurs after the initial accidental event (used w tree analysis menthods)
Leverage ratios...
measure the degree to which a company has borrowed money
What are the four types of risk in the risk quadrant approach to categorizing risks?
hazard, operational, financial, and strategic risks.
Text Mining
Obtaining info through language recognition
The strategic management process is _______ (8.12)
Cyclical
Acid-Test Ratio =
(Cash + Marketable Securities + A/R) / Current Liabilities ** more conservative measure of liquidity
ERM
(enterprise risk management) The comprehensive process of evaluating, measuring, and mitigating the many risks that pervade an organization.
Credit Risk (aka Counterparty Risk) (7.5)
The risk that the other party to an agreement will default
When working with subject-matter experts: (11.25)
1. Ask the right questions of the right people 2. Understand the answers
What are some common data analysis techniques?
exploratory data analysis, classification trees, regression analysis, and cluster analysis.
Classes of occupancy (5.11)
5.11
Pure risk (2.8)
A chance of loss or no loss, but no chance of gain
Strategy implementation is more difficult and takes more time than the strategy formulation stage (8.11)
All parts of an org play a part in implementation
Net worth =
Assets - Liabilities
What are two types of regression analysis?
linear regression and a generalized linear model.
5 accident factors that form the Sequence of Events (Domino Theory) (3.17)
1. Ancestry and social environment 2. Fault of person 3. An unsafe act and/or mechanical or physical hazard 4. The accident itself 5. The resulting injury
4 quadrants of the Risk Quadrant (2.12)
1. Hazard Risks (subject of insurance) 2. Operational Risks 3. Financial Risks 4. Strategic Risks ** Many risks fall into more than 1 risk quadrant
2 most commons problems that create confusion and communication breakdowns (11.23)
1. Hidden agendas 2. Status differences
3 types of Market Risk (7.3)
1. Interest rate risk 2. Exchange rate risk 3. Liquidity risk
4 steps of text mining (10.12)
1. Retrieve text data 2. Categorize unstructured data (unstructured data needs to be converted to structured) 3. Create a data mining model 4. Evaluate model's effectiveness Text-based data includes: email, letters, reports, PowerPoints, books, social media posts, medical records, etc
Natural Disasters (5.5-5.8)
5.5-5.8
Exculpatory clause (exculpatory agreement) (4.25)
A contractual provision purporting to excuse a party from liability resulting from negligence or an otherwise wrongful act.
Mission Statement (8.8)
A broad expression of an entity's goals ** process that will achieve the vision statement
Speculative risk (2.8)
A chance of loss, no loss, or gain.
Robotic Process Automation (RPA) (6.15)
A program that automates repetitive organizational processes. Most often used for administrative tasks, such as data entry. ** Reduces inconsistencies among data sources ** RPA can be a useful part of a business process mgmt plan ** Focused on creating a process to complete one task
Likelihood (2.19)
A qualitative estimate of the certainty with which the outcome of a specific event can be predicted.
A risk manager for a grocery store wants to see if there is a correlation between the frequency of customer slip and fall accidents, and the time of day. Which one of the following is a relatively simple data analysis technique that the risk manager could use to determine this correlation?
Bubble plot
In an effort to grow its personal lines book, an insurer decides to offer discounts on homeowners and personal auto insurance to the employees of its largest business lines account. Which one of the following risk measures is most likely to increase as a result of this marketing decision?
Correlation
Which one of the following is an example of exploratory data analysis
Correlation matrix
Working Capital =
CA - CL
Widget Manufacturing board of directors recently adopted a zero-risk tolerance for work place accidents. Initially the chief risk officer thought this was a great idea, however, he has found it very hard to implement. One reason that a zero-risk tolerance policy is hard to implement is because zero-risk tolerance
Will typically result in risk-based decisions that are too rigid and counter-productive.
Describe the SWOT approach to risk identification.
an acronym for strengths, weaknesses, opportunities, and threats—is a type of team approach that is useful in analyzing a new project or product. The strengths and weaknesses are internal factors to be considered. The opportunities and threats are external factors.
How can an organization estimate risk probabilities in the absence of historical data?
an organization may base probability estimations on predictions or expert opinions. Several structured processes have been developed to incorporate expert opinions into probability estimations involving risk. Predictive techniques, such as decision tree analysis and event tree analysis, assign numerical values to various components related to a risk and combine them to produce a probability estimate
Describe the change analysis approach to accident causation.
asks a series of "what if" questions regarding a possible change in process that has yet to occur. It then projects the consequences for the changes and for all feasible combinations of changes to reveal the risks that could arise because of the changes that went into effect.
6 basic risk measures (2.19)
1. Exposure 2. Volatility 3. Likelihood 4. Consequence 5. Time horizon 6. Correlation
Key Performance Indicator (KPI) (8.15)
A measurement that defines how successfully an organization is progressing toward its long-term goals.
Once a course of action is decided upon during the risk treatment stage of the risk management process, what action should a risk manager take next?
After deciding which course of action to take, the risk manager should communicate the decision up the organization's chain of command. The analysis that led to the decision should be summarized as clearly and concisely as possible. The executive-level decision makers should be given the ability to explain to others why the decision was made without being weighed down by minutiae
Why should a risk professional who has gained answers from a subject-matter expert continue to communicate and collaborate with that expert?
After having questions answered by the subject-matter expert, the risk professional will need to lay out all the potential risks, identify those that are most likely to affect the organization, assess their potential severity, and make treatment recommendations. Continued communication with subject matter experts will ensure ongoing cooperation in effectively treating the identified risks.
Risk Appetite (2.14)
Amount of risk an organization is willing to take on in order to achieve an anticipated result or return - to ensure that whatever might happen will be within the bounds of what was anticipated and can be effectively addressed
Job Safety Analysis (JSA) (3.20)
An analysis that dissects a repetitive task, whether performed by a person or machine, to determine potential hazards if each action is not performed ** Most universally applicable and versatile techniques for analyzing the cause of accidents ** ** Applies best to repetitive human tasks performed in an environment sufficiently stable to allow most hazards to be foreseen **
Identify the five accident factors contained in the domino theory.
Ancestry and social environment • Fault of person • An unsafe act and/or a mechanical or physical hazard • The accident itself • The resulting injury
Coefficient of Variation (9.10)
Another way to measure the spread of results - measures variation from a mean by dividing the SD by the mean - used to compare results from 2 diff sets of data Coefficient of Variation = SD / Mean
Exposure (2.19)
Any condition that presents a possibility of gain or loss, whether or not an actual loss occurs.
A financial institution is looking to implement an emerging technology that can identify a trader who is committing the institution to excessive financial risk and respond with built-in financial circuit breakers to limit the risk. Which emerging technology would the financial institution want to implement?
Artificial intelligence (AI) would be the emerging technology to implement for this purpose. AI refers to the ability of machines to simulate human intelligence, and it trains machines on the nuances of sources and the causes of various risks, then establishes automatic responses based on a set of rules.
Machine Learning (4.11)
Artificial intelligence in which computers continually teach themselves to make better decisions based on previous results and new data
What is the best way to break the Sequence of Events (Domino Theory)? (3.17)
Avoid step #3 "An unsafe act and/or mechanical or physical hazard"
Every probability distribution includes the probability of
Every possible outcome
Systems Risk (6.5)
Concerns the function of tech, it's intentional or accidental failure, and security
Mining
Consensus process that confirms and verifies - removed intermediary validation and establishes trust without a centralized authority
Which one of the following statements is true regarding the basic measures that apply to risk management?
Consequences measure the degree to which an occurrence could positively or negatively affect an organization.
In today's business environment, holistic risk management needs to be a collaborative effort. Which one of the following types of risk is the best example of why collaboration is needed?
Cyber risk
One type of noninsurance risk control transfer, a disclaimer of warranties, is used to
Deny any express warranties made in conjunction with the sale of property
Noise level, temperature extremes, and poor air quality are worksite sources of
Disabling illnesses
Which one of the following statements is true regarding event tree analysis?
Event tree analysis typically provides only 2 options, success or failure
Which one of the following provides a measure of the maximum potential damage associated with an occurrence?
Exposure
The use of risk quadrants to identify and categorize risk provides a framework for
Holistic risk identification
The original cost of a property is known as the
Historical cost
____________ organizations can use both VaR and EaR to assess financial risks (9.13)
Nonfinancial orgs
Which one of the following risk management objectives is critical for a manufacturer seeking new capital from investors, stockholders, and creditors?
Reduce the deterrent effects of hazard risks
Risk Assurance (6.12)
Refers to the level of confidence in the effectiveness of an org's risk mgmt culture, practices, and procedures ** Internal and external resources both have a role to play as an org builds risk assurance
If an insurer wants to determine the numerical value for a known target variable, it is most likely to use
Regression
________ ________ and ________ ________ are the forefront of the acceleration of retaining payment (4.13)
Smart contracts & Blockchain technologies ** Smart insurance contracts are self-executing contracts that will initiate a loss payment as soon as the parameters for the contract have been reached ** Blockchain technologies can be the infrastructure upon which smart contracts are built and implemented
Liquidity Risk (2.11)
The risk that an asset cannot be sold on short notice without incurring a loss
Objective Risk (2.9)
The measurable variation in uncertain outcomes based on facts and data.
Which one of the following statements about risk management monitoring and reporting is true?
The most important characteristic of a risk report format is that it is useful to the user
During the past year, International Toys has undertaken four capital projects. The company has renovated and refurbished one of its aging warehouse buildings. It has purchased the most recent version of its current order processing computer software. It has added two trucks to its fleet of delivery vehicles. Lastly, it has purchased a new production machine that will allow it to launch a new product line. Which one of the following company projects is the most speculative risk?
The new production machine project is the company's most speculative risk because the new product line could be a success or failure leading to a profit or loss.
Which one of the following concerns should an organization consider when using a Special Purpose Vehicle (SPV) to generate cash from income-producing assets
The organization must maintain a high level of disclosure regarding the SPV's assets
The premise of holistic risk management is that all business decisions and operations... (3.4)
carry some risk ** Taking risks is fundamentally necessary for growth
An organization's risk radar can ... (2.17)
detect risk indicators from one area of the org that affect one or more additional areas
Name the three basic categories of accident causes
e poor management, safety policy, and personal or environmental factors.
Effective risk mgmt processes include ... (2.7)
ongoing monitoring with periodic review of results
Identify the operational risk classes for generic risk indicators
people, processes, and systems
Because each of the earlier links of the domino theory leads directly to the next ... (3.17)
removing any of the four factors that occur before the injury should prevent the resulting injury from occurring
With SIRs....
the insured is responsible for adjusting and paying its own losses up to the SIR amount
With large deductibles....
the insurer adjusts and pays the entire loss and then bills the insured for the deductible amount ** Large deductibles are commonly used for WC, auto liability, and GL
The closer an individual's or organization's subjective interpretation of risk is to the objective risk ... (2.9)
the more effective its risk management plan is
Through what means can managers report on compliance?
through risk response plans, financial reports, and incident reports
What will fuel the future of holistic risk management?
will be fueled by the capture, storage, and analysis of data.
HAZOP (3.11)
"Hazard and Operability Study" A comprehensive review of a process or system - A team of subject matter experts and stakeholders identifies the risks associated with a given process and recommends a solution - Used to design complex, scientific systems - Can be adapted to analyze certain organizational strategies and initiatives - Process is comprehensive and involves experts **Ideal for projects and systems where virtually all risks must be eliminated**
Volatility (9.8)
** The reason for volatility is internal and external factors that affect the biz 4 metrics of volatility: 1. Expected value (mean) 2. Standard deviation 3. Coefficient of variation 4. Normal distribution
Facilitated Workshops (3.9)
- A neutral party (the facilitator) administers the risk workshop - Try to include representatives from diverse groups - Can be used for project or process, as well as to identify those risks that affect overall org objectives
Identify the four basic characteristics of root causes.
- A root cause is expressed as a specific underlying cause, not a generalization. - A root cause can be reasonably identified. - A root cause must be expressed as something that can be modified. - A root cause is something that can be prevented through effective recommendations.
Risk Appetite (8.17)
- Can be defined both quantitatively and qualitatively - Shouldn't be static; it should shift over time as internal and external factors change
Difference between collaboration, cooperation, and coordination (11.13)
- Collaboration is the act of working together to achieve a shared objective - Cooperation is the act of working together to achieve individual objectives instead of a shared objective - Coordination is the act of improving efficiency and reducing redundancy by some combo of arranging, assigning, organizing, or scheduling activities
Guaranteed Cost Insurance (4.22)
- Effective in paying for losses, maintaining liquidity, managing uncertainty, and complying with legal and regulatory requirements - Less effective than retention
How to reduce ERPL risk: (5.20)
- Employee handbook - Formal policy on sexual harassment - Annual performance reviews - Documented termination procedure - Exit interviews - Investigate all allegations of discrimination and harassment
Outcome of breach of fiduciary duty (5.21)
- If the breach causes a loss to a benefit plan, the fiduciary is personally liability for the full amount of the loss - Employer may be held vicariously liable for breaches of fiduciary duty committed by its employees or agents
Scanning the environment cannot be completed without seeking input from experts within and outside the risk professional's org (11.9)
- Internal communication can help define the org's risk appetite, which in turn determines how to handle risks - External sources can help reveal potential risks an org might not otherwise be aware of
Risk Assurance Cont. (6.12)
- Internally, the establishment and use of policies and procedures, safety manuals, disaster recovery plans, and ee training help manage operational risk - Risk assurance can be fostered through internal auditing procedures, internal controls, and the preparation and review of financial reports - Externally, third party audits confirm that financial statements are true (ex. positive press reports, supplier and lender confidence, reports and rankings from legal and regulatory authorities, and customer surveys
Sequence of Events (Domino Theory) (3.17)
- Limited applicability to accidents caused by natural disasters - Well-suited to accidents caused by human carelessness
Noninsurance transfer for risk CONTROL (4.23)
- Shifts loss exposures to the transferee to reduce the frequency and/or severity ** In a noninsurance transfer for risk control, a bankrupt or uncooperative transferee may continue to be responsible for losses arising
Strategic Risk Factors (8.4)
- Strategic risks are often associated w external factors that are beyond a single org's control - Strategic risks can arise from internal factors - Strategic risks can be created or affected by factors associated w the other risk quadrants
Risk Reporting (6.14)
- To be effective, a risk reporting system must provide a flow of info both up and down authorities - Risk reports should focus on key risk indicators that show whether the org is meeting goals and objectives; should also include trends, performance measures, and compliance w standards - A risk mgmt monitoring and reporting system should use both quantitative and qualitative data
Noninsurance transfer for risk FINANCING (4.23)
- Transfers only the financial consequences ** In a noninsurance transfer for risk financing, an insolvent transferee provides no protection to the transferor
Delphi Technique (3.9)
- Uses the opinions of a select group of experts to identify risks - Typically its done through a survey or inquiry - Question and response cycle continues until a consensus is reached
How are operational risk and strategic risk different? (8.3)
- With operational risk, the focus is only making sure that things are done right - With strategic risk, the focus is on doing the risk things and making the right decisions to ensure that the org achieves its strategic goals
What are the benefits of probability analysis? (9.3)
- prioritize loss exposures (by likelihood or potential severity) - predict and estimate both the positive and negative consequences of a risk - evaluate and prioritize risk mgmt decisions
Sum of probabilities in a probability distribution
1 NOT 100
What are some strategies that can be used to mitigate operational risk associated with people?
1 2
What's the purpose of a data governance program?
1 2
What two aspects always need to be considered when interpreting linear regression lines?
1. A line tends to become less accurate the farther away it gets from the actual data values used. 2. For any past year, the dependent variable's value calculated by the linear regression line isn't likely to exactly equal the historical value for that past year.
Data analysis is typically used to determine one of these 4 types of outcomes: (10.8)
1. A nonnumerical category to which data belongs 2. A numerical answer 3. A probability score 4. A prediction for future results
4 basis characteristics of RCA (3.21)
1. A root cause is expressed as a specific underlying cause, not a generalization 2. A root cause can be reasonably identified 3. A root cause must be expressed as something that can be modified 4. A root cause is something that can be prevented through effective recommendations
6 human characteristics that impact susceptibility to injury or death (5.9)
1. Age 2. Mobility 3. Awareness 4. Knowledge of surroundings Affect groups - 5. Density 6. Crowd control
4 categories of loss likelihood under the Prouty Approach (4.7)
1. Almost nil 2. Slight 3. Moderate 4. Definite
5 basic principles of risk control per TOR (3.19)
1. An unsafe act, condition, and/or accident are all symptoms of something wrong in the mgmt system 2. Certain circumstances, unless ID'd and controlled, may produce severe industries 3. Safety should be managed like any other org function 4. Mgmt must specify procedures for accountability 5. The function of safety is to locate and define the operational errors that all accidents
3 elements of active listening (11.6)
1. Attention 2. Suspension of judgement 3. Response
5 ways to treat risks (2.6)
1. Avoid the risk 2. Modify the likelihood and/or impact of the risk 3. Transfer the risk 4. Retain the risk 5. Exploit the risk
4 ways to treat human resource risk (5.25)
1. Avoidance - reduces the possibility of an activity's future loss to zero 2. Loss Prevention - used when avoidance is impossible/undesirable 3. Loss Reduction 4. Separation & Duplication - arranging and org's activities so no single event can cause simultaneous losses to all of them
5 categories of risk treatment techniques (4.5)
1. Avoidance 2. Modification 3. Transfer 4. Retention 5. Exploitation
4 ways to value property (5.13)
1. Book value 2. Replacement cost 3. Market value 4. Economic value
6 examples of Risk Criteria (2.5)
1. Causes of risk 2. Effects of risk 3. Metrics used to measure effects of risk 4. Timeframe of potential effects 5. Methods to determine level of risk 6. Approach to combos of risk
4 steps of the RCA (3.22)
1. Collect data 2. Chart casual factors 3. Identify the root cause 4. Determine and implement recommendations
4 costs of risk (2.18)
1. Cost of accidental losses 2. Insurance premiums 3. Costs of risk control techniques 4. Cost of administering risk mgmt activities
2 common measures of financial leverage (7.10)
1. Debt-to-Equity Ratio = Long term debt / SE - used to access the relative extent of an org's debt financing compared w other orgs in the same industry 2. Debt-to-Assets Ratio = Total Liabs / Total Assets - shows the extent a company's assets are financed by debt - if > 0.5, most of the company's assets are financed through debt
5 steps of Data-Driven Decision (10.16)
1. Defining the risk mgmt program 2. Gathering quality data 3. Analyzing and modeling the problem 4. Determining insights by IDing trends, relationships, behavior, and events 5. Making decisions
3 Centrality Measures (10.15)
1. Degree - measure of the connections each node has 2. Closeness - measure of the avg distance, or path length, between a particular node and the other nodes in a network 3. Betweenness - measure of how many times a particular node is part of the shortest path between 3 other nodes in a network
The Strategic Management Process includes 5 interdependent states (8.8)
1. Developing short and long term goals 2. Analyzing internal and external environments 3. Formulating strategies 4. Implementing strategies 5. Evaluating strategies
4 types of ERPL risk (5.19)
1. Discrimination 2. Wrongful termination 3. Sexual harassment 4. Retaliation ** These classifications are not mutually exclusive **
2 ways an org can deal with strategic risks (8.13)
1. Downstream - after consequences have occurred 2. Upstream - before consequences have occurred ** may be too late if downstream - best to tackle strategic risk upsteam (proactive)
3 metrics used to quantify strategic risk (8.6)
1. Economic Capital - amount of capital required to maintain solver and cover the risk retained by an org 2. Risk-Adjusted Return on Capital (RAROC) - measure of the return on investment after accounting for risk 3. Shareholder Value Added - measure of profitability after funding costs are considered
The risktech ecosystem includes what 4 things?
1. Emerging tech 2. Smart products 3. Smart operations 4. Big data analytics
3 steps of strategy evaluation (strategic control) (8.12)
1. Establish performance standards and measurements 2. Compare actual results with established standards 3. ID and implement corrective actions
6 things an effective risk management plan needs (4.8)
1. Explanation of treatment technique 2. Proposed actions 3. Resource requirement 4. Roles and responsibilities 5. Timeline 6. Monitoring requirements
Strategic risks can be created and affected by ________ ________ or ________ _______ (8.3)
1. External Factors - economic condition, gov regulations, consumer demand 2. Internal Factors - org/s structure, culture, processes
5 effective team approaches to identify risks (3.8)
1. Facilitated Workshops 2. Delphi Technique 3. Scenario Analysis 4. HAZOP (hazard and operability) 5. SWOT ** Taking a team-oriented approach to identifying risks can provide diverse perspectives on risks
Effective techniques for motivating supervisors, ees, customers, and other 3rd parties to collaborate to achieve a shared goal (11.15-11.16)
1. Get to know as much as possible about the other stakeholders 2. Seek stakeholder input when making decisions 3. Examine how collaborators want to be rewarded 4. Seek feedback on yourself from peers, managers, and subordinates 5. When revising job duties, try to enrich individuals' work rather than just expanding it 6. Request (and/or fight for) equipment, staff, and other resources needed to support stakeholders 7. Help team members see the big picture 8. Explain how collaboration will affect them individually
5 responsibilities of managers to implement strategy (8.12)
1. ID and document the specific processes 2. Communicate info 3. Assign specific responsibilities 4. Allocate adequate requirements 5. Make necessary adjustments
Insurers are willing to insure exposures that share these 6 characteristics: (4.20)
1. It's associated with pure risk 2. It's accidental from the insured's standpoint 3. It's definite and measurable 4. It's one of a large # of similar exposure units 5. It's not a catastrophe 6. It's economically feasible to insure
In a risk classification framework, operational risks can be divided in these 4 categories: (6.3)
1. People 2. Process 3. Systems 4. External events
3 basic categories of accident causes (3.16)
1. Poor management 2. Safety policy 3. Personal or environmental factors
2 factors that highly affect speculative risk (2.9)
1. Price risk 2. Credit risk
5 pieces of the connected ecosystem
1. Property 2. Supply chain 3. Transportation 4. Catastrophe 5. Workplace
4 most common classifications of risk (2.7)
1. Pure and speculative risk 2. Subjective and objective risk 3. Diversifiable and non-diversifiable risk 4. Quadrants of risk (hazard, operational, financial, and strategic)
3 benefits that VaR provides as a risk measure
1. Quantifies the potential loss associated with an investment decision 2. Articulates complex positions (typically involving multiple investments) as a single figure 3. Expresses loss in easy-to-understand monetary terms
2 metrics used to assess strategic risk (8.6)
1. Risk Appetite 2. Risk Threshold - the range or amount of risk that is acceptable
5 stages of the Process for Managing Risk (2.4)
1. Scan Environment 2. Identify risks 3. Analyze Risks 4. Treat Risks 5. Monitor and Review
5 theories / approaches to understanding accident causation (3.16)
1. Sequence of events (domino theory) 2. Energy transfer theory 3. Technique of operations review (TOR) approach 4. Change analysis 5. Job safety analysis
Steps of a productive communication process (11.4)
1. Set a clear communication objective 2. Analyze your audience 3. Decide when and where to talk 4. Pay attention to your body language 5. Ask for feedback
Blockchain uses (6.16-6.17)
1. Similar to smart contracts 2. Can alleviate operational risks caused by the inaccuracy and inefficiency of current record-keeping practices 3. Help in medical field with patient info and prescriptions 4. Help reduce redundant record keeping in the financial world
3 categories of loss impact (4.7)
1. Slight 2. Significant 3. Severe
Legal obligations are based on these 3 items: (2.17)
1. Standard of care owed for others 2. Contracts entered into by the org 3. Federal, state, provincial, territorial, and local laws and regulations
3 quadrants of risk (3.4)
1. Strategic risk 2. Operational risk 3. Financial risk
4 examples of data-driven decision making
1. Telematics 2. Discovering new relationships in data 3. Text mining 4. Developing new products
The law of large numbers can be used to more accurately forecast future events only when the events meet what three criteria?
1. They occurred in the past under substantially identical conditions and resulted from unchanging forces. 2. They can be expected to occur in the future under the same unchanging conditions. 3. They have been and will continue to be both independent of one another and sufficiently numerous.
5 characteristics of big data (10.3)
1. Volume 2. Variety 3. Velocity 4. Veracity 5. Value
3 common smart products
1. Wearables 2. Drones 3. Robots
3 prevalent human resource risks (5.22)
1. Work-related injury and illness - machinery and equipment use - materials handling - vehicle fleet operations - physical condition of premises 2. Retirement and resignation 3. Work-related violence - both physical and mental
If 95.44% of all outcomes are within two standard deviations above and below the mean and 2.15% of all outcomes are between two and three standard deviations above and 2.15% of all outcomes are between two and three standard below the mean, the percentage of all outcomes that lie beyond three standard deviations from (above and below) the mean is
100% - 95.44% - 2.15% - 2.15% = 0.26%
In a normal distribution 34.13% of all outcomes are within one standard deviation above the mean. The portion between one and two standard deviations above the mean contains 13.59% of all outcomes. What percentage of the total outcomes is between two standard deviations below the mean and two standard deviations above?
34.13 + 13.59 (times 2 since distribution is symmetrical) = 95.44
Exploratory Data Analysis (EDA) (10.4)
A category of graphical and statistical techniques used to explore the structure of a dataset and ID data deviations
Risk Control (3.15)
A conscious act or decision not to act that reduces the frequency and/or severity of losses or makes losses more predictable.
How can a continuous distribution be designed to calculate the probability that an outcome will fall within a certain range?
A continuous distribution can be divided into a finite number of bins to calculate the probability of an outcome falling within a certain range.
Hold-harmless agreement (or indemnity agreement) (4.25)
A contractual provision that obligates one of the parties to assume the legal liability of another party - Indemnitee: party that uses a hold-harmless agreement to transfer the financial consequences of a loss to a 2nd party - Indemnitor: agrees to indemnify the indemnitee
Transducer
A device that converts one form of energy into another
Sensor
A device that detects and measures stimuli in its environment - an IoT object that collects and transmits data - they assess risk by detecting and measuring objects or conditions on a continuous basis, which provides early warnings
Accelerometer
A device that measures acceleration, motion, and tilt.
Blockchain
A distributed digital ledger that facilitates secure transactions without the need for a third party - aka. system of verification and confirmation - maintains a continuously growing list of records (blocks) in chronological order; a new block is created each time a transaction occurs
After an organization develops and implements its strategic plan, it needs to determine how risk taking will be controlled. Which one of the following statements is correct with respect to risk taking?
A factor in strategic decision making is whether an organization has an advantage in controlling risk with a given activity
Derivative (4.17)
A financial instrument whose value is derived from the value of an underlying asset, which can be an index, an asset, yield on an asset, weather conditions, inflation, loans, bonds, and insurance risk, or other items
Hedging (4.17)
A financial transaction in which one asset is held to offset the risk associated with another asset.
An excess liability insurance policy that covers a claim in excess of the underlying limits only if the loss is covered by the underlying policy is called
A following-form excess policy
Neural Networks (10.14)
A form of artificial intelligence in which a computer is programmed to mimic the way human brains process information ** 3 layers: input, hidden, output (input collects the data, hidden is where all the work takes place, output offers the results of the analysis) Drawbacks 1. They can be overtrained 2. The processes undertaken by the network during the hidden phase may be too incomprehensible to be evaluated thoroughly enough
Linear Regression Analysis (9.16)
A form of regression analysis that assumes that the change in the dependent variable is constant for each unit of change in the independent variable
Risk Management Framework (2.3)
A foundation for applying the risk management process throughout the organization.
PESTLE Analysis - Political, Economic, Sociological, Technological, Legal, Environmental (8.9)
A framework used in strategic management for the purpose of assessing the external political, economic, sociological, technical, legal, and environmental arenas in which an organization operates. ** SWOT can be used to take a deeper dive into each of the 6 catergories
Actuator
A mechanical device that turns energy into motion or otherwise effectuates a change in position or rotation using a signal and an energy source.
Porter's Five Forces Analysis (8.9 and 8.10)
A method of evaluating five forces that affect an organization's competitive environment, including the threat of new entrants to the market, the threat of substitute products or services, the bargaining power of customers, the bargaining power of suppliers, and competition among existing firms.
Exposure Indicator (6.9)
A metric used to identify risk inherent to an organization's operations * referred to as inherent indicators
Cluster Analysis (10.8 and 10.11)
A model that determines previously unknown groupings of data - there are diff methods that segment data according to similarities in various attributes - collection of algorithms that put data into groups or clusters according to well-defined similarity rules - used when a risk mgmt professional has a general problem to solve but does not know the variables a predictive model must analyze to do so
Northern Consolidated is evaluating the financial risk associated with its investment portfolio. The risk manager knows that as interest rates increase, bond values decrease. This relationship is known as
A negative covariance
Internet of Things (IoT)
A network of objects that transmit data to and from each other without human interaction
Probability Distribution (9.3)
A presentation (table, chart, or graph) of probability estimates of a particular set of circumstances and of the probability of each possible outcome.
Empirical Probability (a posteriori probability) (9.4)
A probability measure that is based on actual experience through historical data or from the observation of facts. - associated w historical data - estimated by studies - they are only estimates - often used for risk mgmt applications
Correlation (2.19)
A relationship between variables
Avoidance (4.5)
A risk control technique that involves ceasing or never undertaking an activity so that the possibility of a future loss occurring from that activity is eliminated.
Loss Prevention (4.5)
A risk control technique that reduces the frequency of a particular loss.
Loss Reduction (4.5)
A risk control technique that reduces the severity of a particular loss.
Retention (4.5)
A risk financing technique that involves assumption of risk in which gains and losses are retained within the organization - often used only after other treatment techniques have been considered - often used in conjunction with other techniques - used when the potential negative consequences associated with it are low
Insurance (4.19)
A risk management technique that transfers the potential financial consequences of certain specified loss exposures from the insured to the insurer.
Diversifiable Risk (2.10)
A risk that affects only some individuals, businesses, or small groups - occur randomly and can be isolated
Which one of the following statements about root cause analysis (RCA) is true?
A root cause must produce effective recommendations for prevention of future accidents
Social Network Analysis (10.15)
A social network is a group of individuals who share relationships and the flow of info - ex. humans, websites, computers, animals, orgs, countries, etc (all referred to as nodes) ** A function of this is to determine trends and make predictions
Regression Analysis (9.16)
A statistical technique that is used to estimate relationships between variables. - it can increase the accuracy of forecasting by examining relationships between the variables that affect trends
Why is it important to be able to accurately determine volatility?
A subject that has higher volatility is riskier and more likely to need to be monitored or managed.
Classification Tree (aka decision tree) (10.8 - 10.10)
A supervised learning technique that uses a structure similar to a tree to segment data according to known attributes to determine the value of a categorical target variable - graphically depict what you're thinking - making a decision tree requires a systematic documented thought process
Internal Control (11.10)
A system or process that an organization uses to achieve its operational goals, internal and external financial reporting goals, or legal and regulatory compliance goals.
Probability Analysis (9.3)
A technique for forecasting events, such as accidental and business losses, on the assumption that they are governed by an unchanging probability distribution.
Earnings at Risk (EaR) (9.13)
A technique to assess earnings volatility by measuring the likelihood that earnings will be below a specific dollar amount over a specific period of time (measures financial risk) - typically used to determine the probability of loss on an investment portfolio over a certain (usually short) time period - mainly used by financial institutions to determine the amount by which the NI of an investment may shift as a result of changes in market conditions
Value at Risk (VaR) (2.14)
A technique to quantify financial risk by measuring the likelihood of losing more than a specific dollar amount over a specific period of time.
Conditional Value at Risk (CVaR) (9.13)
A technique to quantify the likelihood of losing a specific dollar amount that exceeds the VaR threshold - helps to analyze the extremely large losses that may occur
Key Risk Indicator (KRI) (6.7)
A tool used by an organization to measure the uncertainty of meeting a strategic business objective. ** Provide leading info regarding issues that risk mgmt professionals should manage before the issues lead to incidents and loses ** Categorized by exposure and control indicators
The predictive approach to data-driven decision making would be most appropriate for which one of the following situations?
A transportation company is looking for a way to optimize routes and improve fuel efficiency ** A transportation company is looking for a way to optimize routes and improve fuel efficiency. A predictive data-driven approach would be appropriate in the transportation situation, because it is a business strategy decision that will likely be used repeatedly. The descriptive approach would be more appropriate for the restaurant because the problem relates specifically to its seafood supplier.
Name some smart products being used in risk management today
A variety of smart products are being used in various industries to assess and control risk. Some of the most common include wearables, drones, robots, and smartphones.
Strategy Map (8.14)
A visual diagram showing the plans an org develops to meet its strategic objectives ** IDs key objectives that will result in obtaining a strategic goal ** Visual guide of everything that must be accomplished to achieve a strategic goal
Scenario Analysis (8.14)
An analysis that involves brainstorming the worst conceivable set of events that could befall a system, projecting the consequences of those events, and suggesting ways in which those events could be prevented. ** prepares for different scenarios, it doesn't predict them
Change Analysis (3.19)
An analysis that projects the effects a given system change is likely to have on an existing system - asks a series of "what if" questions regarding a possible change in process that has yet to occur
Energy Transfer Theory (3.17)
An approach to accident causation that views accidents as energy that is released and that affects objects, including living things, in amounts or at rates that the objects cannot tolerate - basic cause of accidents is energy out of control - focus of controlling released energy and/or reducing the harm caused by that energy
Technique of Operations Review (TOR) (3.18)
An approach to accident causation that views the cause of accidents to be a result of management's shortcomings - focuses on preventing accidents cause by ineffective management
Business Process Management (BPM) (6.18)
An enterprise-wide approach that looks to optimize business processes, making use of automatization when appropriate.
Deep Learning
An extension of AI that attempts to understand and mimic neural networks in the brain through software that simulates image and speech recognition
Data Science (10.17)
An interdisciplinary field involving the design and use of techniques to process very large amounts of data from a variety of sources and to provide knowledge based on the data. Descriptive Approach v. Predictive Approach - Descriptive: one-time solution that a risk manager uses to solve a specific problem - Predictive: can be used repeatedly to provide info for data-driven decision making by humans, computers, or both; can ID the likelihood of future outcomes based on historical data
Decision Tree Analysis (9.20)
An org might use this to select the best course of action - can provide both qualitative and quantitative analysis
How should an organization approach the process of reporting data?
An organization should be aware of the advantages and disadvantages of the different data to be collected and the different methods used to report that data. A risk management monitoring and reporting system should use both quantitative and qualitative data.
Risk management professionals must collaborate with data analysts during which two steps of the risk management process?
Analyze risks and monitor risk treatments
Event Tree Analysis (9.21)
Analyze the consequences of accidental events - can provide both qualitative and quantitative analysis - often used to determine the need for and to examine the effectiveness of risk treatment methods
Prouty Approach (4.7 & 4.8)
Analyzes a risk's loss likelihood and impact to determine a proper treatment - losses that have a slight chance of occurring and are low impact are retained - losses with a high likelihood and intolerable impact are avoided - risks in the middle call for modification
Which one of the following is a major benefit that blockchain technology provides to holistic risk management?
Because of their security, blockchains can eliminate the need to verify the accuracy of risk management data
Why are SPVs scrutinized?
Because they have been used to manipulate org's income statements and balance sheets
Identify several of the risk indicators for the operational risk class of systems.
Benchmarks against industry standards • Internal and external review • Analysis to determine stress points and weaknesses • Identification of areas of highest risk • Testing • Monitoring
In addition to metal detectors, many airports have installed a second type of scanning technology for checked baggage and cargo. The checked bags and cargo pass through a portal with scanners programmed to detect and test for explosive trace fumes. These scanners, which detect explosives based on air samples, are an example of what type of sensor used for risk assessment and control?
Biochemical sensors
Thanks to their security, _____, can eliminate the need to verify the accuracy of risk management data (3.7)
Blockchains ** Allows for time to be spend on forward-looking functions
Businesses are making investments in their big data infrastructures. How are these investments laying the groundwork for the continued evolution of the risk management landscape?
Businesses' investments in big data infrastructure are laying the groundwork for the continued evolution of the risk management landscape in ways that include empowering organizations and their risk management professionals to better access and analyze data and to more efficiently and quickly conceive, develop, and distribute products.
Current Ratio =
CA / CL
Book Value (Net Depreciated Value) (5.13)
Calculated on the accounting assumption that a portion of the asset's useful life has expired **an assets historical cost minus accumulated depreciation
Under a large deductible plan, the amount that the insurer incurs to adjust losses
Can be inside or outside the deductible
Big Data
Capture, storage, and analysis of data
Company G is a manufacturer of high profile golf equipment. The risk management professional for Company G is concerned about loss of business related to product design. Failing to respond to changing customer demand and preferences in the design of golf clubs could cost Company G significant market share. Categorized according to the quadrants of risk, this exposure to loss is classified as
Categorized according to the quadrants of risk, this exposure to loss is classified as a strategic risk. Strategic risks arise from trends in the economy and society.
Describe the reasons why risk control should be a central part of the management of directors and officers (D&O) loss exposures.
Claims against corporate directors and officers can create considerable defense and settlement costs. Key executives must devote significant amounts of their time to defending against claims and the potential loss of reputation for the corporation. Although D&O liability insurance can transfer some of the financial risk of these suits, it cannot restore a corporation's reputation. Loss of a corporation's reputation can damage customer relationships, hinder access to the capital markets, and make it difficult to attract highly qualified executives. Therefore, risk control should be a central part of the management of D&O loss exposures.
Tom, the regional manager at Westfork Mutual, has planned a community service day for all employees. He has asked his two assistant managers, Julian and Leah, to spread the word to other employees and encourage them to attend. Based on centrality measures of the company's email traffic, Tom is confident that Julian will spread the word to more employees more quickly through email than will Leah. Tom's confidence is based on Julian's high score in which one of the following centrality measures?
Closeness
Nancy, the general liability claims manager, is concerned about a significant rise in claim frequency in the state of New Jersey during the past 18 months. She cannot identify the cause of the increase and has asked James, a data analyst, to help. James decides to develop a model to analyze the dataset of New Jersey claims, and see if any previously unknown grouping can be identified for further analysis. Which one of the following data analysis techniques is James using?
Cluster analysis; works well to ID previously unknown groupings of data
The emerging technologies applied to risk assessment and control link the physical domain to the virtual domain. Together, these domains linked by the emerging technologies create a
Connected ecosystem
Identify the type of situation to which the domino theory is most applicable.
Considering its emphasis on human fault, the domino theory is most applicable to situations within human control.
Which of the following risk management program goals is an essential goal for all public entities?
Continuity of operations
Insurance Company monitors key indicators of underwriting effectiveness. Some indicators they monitor include: percentage of business quoted that was written, application processing time, premium volume handled by underwriters, skill level of underwriters, and benchmarking between different underwriting offices. The indicators of underwriting performance Insurance Company uses are called
Control indicators
________ ________ usually provide info about management (6.9)
Control indicators
Technological advancements
Could be an opportunity or a threat
Which balance sheet ratio would best assist Jones, Inc. in determining if Snack Cracker can pay for the grain within 30 days of the sale?
Current ratio
Risk analysis can be straightforward or complex (11.10)
Data analysts often collaborate w risk professionals to help them understand certain complex risks
How does data capture work?
Data capture is enabled primarily by smart products that sense their environment, process data, and communicate with other smart products and smart operations through the Internet of Things (IoT).
Organizations can use ________ ______ _______ and _______ ______ ______ to predict the likelihood and severity of consequences or gains arising from decisions and events (9.20)
Decision Tree Analysis and Event Tree Analysis - Decision Tree examines the consequences - Event Tree examines all possible outcomes from an accidental event
To lead an effective meeting, you must... (11.21)
Define specific objectives
Commercial general liability insurance policies written on an occurrence basis apply to bodily injury and property damage that occurs during the policy period. This provision supports the principle that insurable loss exposures must ideally be
Definite
Examples of Descriptive vs. Predictive
Descriptive Approach - a retailer is concerned about rising theft losses - an automotive retailer is looking for a more reliable supplier for a particular product Predictive Approach - a construction company is looking to lower accident frequency when equipment is being driven to work sites - a bank is considering offering a new small biz loan program
EaR Modeling (9.14)
Determining EaR entails modeling the influence of factors such as changes in interest rates, sales, production costs, the prices of products, etc - helpful in comparing the likely effects of diff risk mgmt strategies on earnings ** Models are developed using the Monte Carlo Simulation
The relationship between the expected value and the standard deviation of a normal distribution can have useful practical application. Which one of the following best describes such a practical application?
Determining a maintenance schedule for equipment that could become dangerous if it were to fail
Which one of the following is a way that insurers and risk managers can use data science to improve their results through data-driven decision making?
Discovering new relationships in data
Maria is a risk management professional trying to analyze workers compensation loss frequency by cause of loss. Which one of the following forms of probability distribution would be most appropriate for her to use?
Discrete
2 forms of probability distribution: Discrete and Continuous (9.6)
Discrete = finite Continuous = infinite
An employer has a personnel policy that requires employees to be at least six feet tall before they can be considered for an office managerial position. This action would be cause for an employee to file a discrimination claim against the employer based on
Disparate impact
Fiduciary liability risks arise mainly out of the possibility that beneficiaries of an ee benefit plan may file a lawsuit against the plan officials for breach of their fiduciary duties (5.20)
Duties of a plan fiduciary: 1. Loyalty 2. Prudence (care, skill, judgement, diligence) 3. Diverisification 4. Adherence (must follow the law)
Which one of the following statements is true if earnings at risk are $200,000 with 90% confidence?
Earnings at risk are projected to be less than $200,000 10% of the time.
Frame Action Design (5.7)
Earthquake-resistant construction that relies on the resilience of steel or specially designed reinforced concrete to absorb energy while undergoing considerable distortion and return to their original shapes.
Box Action Design (5.7)
Earthquake-resistant construction, used in buildings under three stories tall, that integrates roof and floor diaphragms that can flex to transmit and distribute the forces an earthquake exerts on a structure.
Identify some of the risk indicators for the operational risk class of people.
Education • Experience • Staffing levels • Employee surveys • Customer surveys • Compensation and experience benchmarked to industry • Incentives such as bonuses • Authority levels • Management experience
Estimates whose accuracy depends on the size and representative nature of the samples being studied are
Empirical probabilities
Martha Hier, the Human Resource manager for Quick E foods is struggling with the loss of employees at its chain of restaurants. Of particular concern is the recent rash of discrimination cases brought against the company with former employees claiming mistreatment based on gender, age, or race. Hier went to the company's risk manager concerned not only with the immediate and short-term loss of productivity but the longer term potential human resource loss exposure resulting from
Employment liability
Which one of the following best describes the categories of risk included in the enterprise risk management model?
Enterprise risk management encompasses operational, strategic, financial, and hazard risks. Enterprise risk management focuses on an organization as a whole.
The physical stress on joints, bones, muscles, and nerves and the stress created by such factors as lighting, glare, and noise constitute
Ergonomic stress
Take Your Order (TYO) is a company that specializes in taking product orders for vendors. The manufacturer of a product can run a television or internet ad for a product with a toll-free number. Customer calls for the products are routed to TYO, where one hundred operators are available to receive the calls. Each operator is assigned a cubicle with a computer terminal, video display monitor, and a telephone. TYO experienced high workers compensation claims from its operators, claiming neck strain, eye strain, and wrist pain. In an effort to reduce such injuries, TYO evaluated each operator's work area. The height of chairs and video monitors were adjusted, curved computer keyboards and wrist-rests were provided, and the telephones were replaced with audio headsets. Workers compensation costs dropped significantly. The science of designing work spaces based on interaction between people and the equipment in the work space is called
Ergonomics
Time Horizon (2.19)
Estimated duration
3 modes of persuasion: Ethos, Logos, Pathos (11.20)
Ethos: "character", need to establish the speaker's credibility Logos: "reason", need to support a message, claim, or argument w evidence Pathos: "emotion", need to make an emotional appeal to the audience
How is exploratory data analysis important to the construction of a predictive model?
Exploratory data analysis can be used before developing and testing a predictive model to produce a basic understanding of the data on which the model will be based. This is important because a model's predictive ability is only as strong as the data it's built on.
Compare exposure indicators and control indicators.
Exposure indicators are indicators that are integral to an organization's operations. Control indicators usually provide information about an organization's management.
One of the reasons that building occupancies affect life safety is that different occupancies have different
Features that affect safe exit from a building.
_______ and _______ risks are classified as speculative risks (2.11)
Financial and strategic
How should you approach strategic risks? (8.3)
Focus on preventing problems and exploiting opportunities ** The goal of strategic risk assessment is to accurately determine whether a particular biz decision is worth the risk
Volatility (2.19)
Frequent fluctuations, such as in the price of an asset.
When an employee retires or resigns, the most significant loss to the organization is typically the
Future value that the individual would have provided to the organization.
Home Appliance Company has decided to change its production method. Previously, small teams of workers assembled washers, dryers, and dishwashers. Under the new production method, an assembly-line will be used, with some functions performed by robotics. Before making the change, Home Appliance Company has created a team of experts from company personnel to identify all of the risks inherent in the new production method and to recommend measures to address these risks. The team will assemble in a facilitated workshop and follow these steps: Divide the production method into components Review each component to identify risk Identify causes and potential outcomes for each risk Develop a solution for each risk. This team approach is risk identification is called a
HAZOP study (hazard & operability)
________ and ______ risks are classified as pure risks (2.11)
Hazard and operational
One of the levels of risk a business faces is the risk of accidental loss, including the possibility of loss or no loss. This category of risk is
Hazard risk
Risks from accidental loss, including the possibility of loss or no loss defines
Hazard risk
Insurable risks are mainly confined to ______ risk and ______ risk (4.19)
Hazard risk & Operational risk
Carol has worked as a payroll clerk for a small organization for 20 years. Over the years she received only two small salary increases and began to embezzle funds from the company since she felt she was not adequately compensated for her job efforts. In terms of the quadrants of risk, Carol's theft risk can be classified as
Hazard risk & operational risk
Holistic risk management examines all areas of the business, including _____ _____ (3.3)
Hazard risks
Risk treatment techniques apply to _______, ______, _______, and ______ (4.4)
Hazard, Operational, Financial, and Strategic risks
Heather, a risk management professional, is seeking to create a financing plan that involves transfer, but is unsure how her client's asset will fare. What plan should Heather suggest?
Heather should suggest hedging. The benefit of a hedge is that it can reduce an organization's risk of uncertainty over an asset. Typically, it involves investing in a security that is negatively correlated with an organization's asset.
Normal Distribution (9.11)
Helps forecast volatility around a central, or expected, value 68% w/in two SDs 95% w/in four SDs 99% w/in six SDs
Insurance is often the best technique for financing losses with high _________ and low _______ (4.18)
High severity & Low frequency
The book value of a property is based on its __________ _________ (5.13)
Historical Cost = original cost of a property
One example of a noninsurance risk financing transfer is a
Hold-harmless agreement
The 4 most important strategic risk management principles that managers need to know (8.16)
How to apply... 1. Risk Appetite 2. Risk Tolerance 3. Risk Assessment 4. Risk Control
Centrality Measure (10.15)
In a social network context, the quantification of a node's relationship to other nodes in the same network
While assessing his company's risk, Jacob discovered the total level of risk exceeds past levels. In this instance, what risk strategy should Jacob employ?
In this instance, Jacob may decide to employ risk treatment to reduce the level of risk to a range in line with its risk tolerance that would not unduly threaten profit objectives.
Process Risk (6.5)
Includes the procedures and practices orgs use to conduct their biz activities ** Risk often stems from the possibility that a practice will depart from procedure
An organization can use securitization to exchange
Income-producing assets for cash.
Taylor owns Paoli Hardware, a mid-sized hardware store with 25 employees. Paoli Hardware has won best local hardware store 3 years in a row. Taylor would like to expand operations and has undertaken a SWOT analysis.His most dedicated customers are generally over 40 years old and engaged in small house projects, but his biggest revenue generator continues to be the sale of lumber. He would like to obtain more commercial customers and increase lumber sales. One of the major complaints Taylor hears from his customers is the difficulty finding local contractors. So, he is considering hiring a general contractor at the store who would also make house calls to assist customers. This will allow him to bill for labor and increase the sale of his products, but he is concerned it may increase his insurance claims and premiums. One of the younger store employees suggested they create a website to expand sales to on-line purchases and target electronic advertisements to commercial accounts. Taylor is not sure that he has the expertise to maintain a website and run the store. The employee claims to know a company that can maintain a website for Paoli at minimal cost. Taylor believes the website is a good idea and will increase sales of lumber. To protect Paoli from increases in the cost of lumber, Taylor is considering a forward contract with the lumber yard. If Taylor completed a PESTLE analysis instead of a SWOT analysis, the PESTLE analysis would include which one of the following?
Increase in competition
For insurers to utilize pooling most effectively, the insured exposure units need to be
Independent
Examples of Non-Diversifiable Risks (2.10)
Inflation, unemployment, natural disasters
Cloud Computing
Info, technology, and storage services contractually provided from remote locations, through the internet or another network, without a direct server connection
Risk Criteria (2.5)
Information used as a basis for measuring the significance of a risk.
Which one of the following system safety techniques is best suited to analyze repetitive human tasks performed in a sufficiently stable environment where most hazards are foreseen?
Job safety analysis
Key Performance Indicator (KPI) vs. Key Risk Indicator (KRI) (8.15)
KPI = look at past KRI = look at future
To be effective, a key risk indicator should be a ________ _______ (6.7)
Leading indicator
When negotiating noninsurance risk transfer terms, risk management professionals should consider the
Legal enforceability of contract provisions
An organization must meet the standard of care that it owes to others in order to ensure that
Legal obligations are satisfied
Which one of the following statements is correct regarding formulating an organization's long-term strategies?
Long-term strategies to improve performance and/or create a competitive advantage, are based on the organization's goals and analysis of internal and external environments.
Which one of the following is a risk control technique that reduces the frequency of a particular loss?
Loss prevention
What are the most effective risk management strategies for treating natural risks? (5.3)
Loss reduction methods - to control their effects - due to the fact that natural risks can't be controlled
How does RC differ depending on the type of business? (5.14)
Manufacturer = valued at production cost Wholesaler = valued at its purchase price from the manufacturer Retailer = valued at its purchase price from the wholesaler
Value at Risk (VaR) (9.13)
Measures the probability of incurring a loss in value that exceeds a threshold level (measures financial risk) - typically characterized by measuring over a short time period and a low probability - limitation: it doesn't accurately measure the extent to which a loss may exceed the VaR threshold (but CVaR can)
Mia, a risk management professional, is working with a company and wants to collaborate with the organization's internal stakeholders to define its risk criteria. In addition to making sure the criteria align with the organization's objectives, resources, and risk management policy, what factors should Mia make sure they consider?
Mia should make sure the organization considers the following factors: • Causes of risk • Effects of risk • Metrics used to measure effects of risk • Timeframe of potential effects • Methods to determine level of risk • Approach to combinations of risk
If an organization directly securitized its income-producing assets without using a special purpose vehicle (SPV) as an intermediary, investors
Must consider the overall credit risk of the organization.
A properly constructed probability distribution always contains outcomes that are both ________ ________ and _______ _______ (9.5)
Mutual exclusive and collectively exhaustive
In flipping a coin, each of the two possible outcomes, heads or tails, has an equal probability of 50%. Because on a particular flip of a coin, only one outcome is possible, these outcomes are
Mutually exclusive
The traditional definition of risk management reflects the traditional concept of risk as
Negative
Which one of the following is a possible cause of ergonomic stress?
Office lighting
Olivia is planning a meeting to explain a new cyber security procedure. She expects that the meeting will be impeded by hidden agendas. Which one of the following is the best way for Olivia to deal with potential hidden agendas?
Olivia should start the meeting by asking participants to state their concerns or feeling about the procedure.
________ ________ is often the by-product of human actions, whether intentional or accidental (6.15)
Operational risk
Securitization Model (7.12)
Org sells income-producing assets to an SPV in exchange for cash - income-producing assets are no longer owned by the org but by the SPV to sell to investors
Why is it important to adopt a more holistic approach to managing strategic, operational, and financial risk?
Organizations are subject to a myriad of risks beyond traditional insurable hazards like fire, flood, and property damage. So it's important to adopt a more holistic approach to managing strategic, operational, and financial risk.
A specific observable action to discriminate against a person or class of persons is
Overt discrimination
Difference between PESTLE Analysis and SWOT Analysis (8.14)
PESTLE solely focuses on external factors, whereas SWOT focuses on both internal and external
Insurance primarily dealers with ____ risks (2.9)
PURE risks
____________ _________ is a valuable method to help determine the extent of workplace hazards (5.23)
Personal inspection
Southwest Interstate Railroad (SIR) is concerned about the number derailments in recent years. It's not cost effective to use human assets to inspect tracks, bridges, and trestles. Instead, SIR has started to use drones. A drone can fly low over tracks and above/below bridges and trestles. The drones record video that is transmitted to corporate headquarters where it is simultaneously scanned for derailment hazards. In the past six months, the drones detected a track blockage caused by a rock slide and damage to tracks in a remote area cause by an earthquake. SIR dispatched work crews to make the tracks once again passable, and no derailments occurred. SIR's use of drones, video, real-term video scanning, and computer analysis illustrates which one of the following?
Preventative analytics
Which one of the following statements is true with regard to preventive analytics?
Preventive analytics uses smart products and data analytics to identify root loss causes and their implications.
Four Grains Cereal Company signed a contract to deliver 250,000 boxes of cereal to a national supermarket chain at a specified price per box of cereal six months from today. Between now and when the grain to make the cereal is purchased, the cost of the grain may increase. If the cost of this important ingredient increases, the profitability of the transaction will be altered. This financial risk that Four Grains faces is
Price risk
Both qualitative and quantitative approaches may include estimates of ________ to assess risk (3.15)
Probability ** Probabilities are usually based on historical data relating to occurrences
The outcomes in a continuous probability distribution are called ________ ________ _______ (9.7)
Probability density functions
Theoretical Probability (9.4)
Probability that is based on theoretical principles rather than actual experiences - it is unchanging - ex. coin tosses or dice throws
Root Cause Analysis (RCA) (3.20)
Process that enables the risk mgmt professional to dig past the obvious causes of an accident to find other factors that played a role - typically used after an event has occurred, but can also be used to predict future harmful events (Accidents are often a result of a series of events or decisions)
Root cause analysis (RCA) encompasses a variety of tools, philosophies, and processes. There are several broadly defined RCA approaches, according to their basic approach or field of origin. Which one of the following approaches to RCA evolved from quality control procedures for industrial manufacturing?
Production-based RCA
A predictive approach to data analytics involves
Providing a method to be used repeatedly to provide information.
What is the difference between qualitative and quantitative risk assessments?
Qualitative assessment measures a risk by the significance of consequences; it may use such ratings as high, medium, and low. Quantitative analysis assigns specific values to consequences and their probabilities to reach a numeric indication of the level of risk.
Identify some of the risk indicators for the operational risk class of processes.
Quality scorecards • Analysis of errors • Areas of increased activity or volume • Review of outcomes • Internal and external review • Identification of areas of highest risk • Quality of internal audit procedures
Analyzing risks can be _____ or _____ (2.6)
Quantitative or qualitative - or both
Risk appetite is an important component of strategic risk management (SRM). Which one of the following statements is correct with respect to an organization's risk appetite?
Regulatory conditions, political risks, and anti-trust or other legal concerns can reduce an organization's risk appetite.
An amount charged to make up for losses in a state-sponsored plan to insure high-risk exposures, such as an assigned risk plan for auto insurance is known as the
Residual market loading
___________, along with insurance, is a key component of most risk financing plans (4.22)
Retention
Internet of Things (IoT) devices, sensors, wearables, and telematics devices have had the greatest impact on which one of the following risk treatment techniques?
Risk modification IoT devices, sensors, wearables, and telematics devices have had the greatest impact on risk modification. These devices allow organizations to identify patterns of risk, model risk, and predict risk.
Market Risk (7.3)
Risk that the value of an investment will decreased due to changes in the market for that investment
Which one of the following statements is correct with respect to risk tolerance?
Risk tolerance levels can have high-end thresholds, low-end thresholds, or both.
What are the two types of systems risk?
Risks associated with technology and equipment. Technology risks include both the equipment used and the software. Equipment failure may present hazard risk as well as risk for an organization's continuing operations.
Local Petroleum Distributors (LPD) sells gas and diesel fuel to 72 independent gas stations and convenience stores. Receiving accurate data on the fuel needs of its customers is a critical operational concern. LPD installed sensors in the fuel storage tanks owned by each customer. At 11 PM each evening, the sensors send fuel data electronically to LPD. LPD receives the data, and a computer enters each record. The data are analyzed, and the analysis determines which retailers require a fuel shipment in the next three days. The electronic system has increased operational efficiency as shipments can be better coordinated, and retailers are no longer required to measure the fuel level and report manually. LPD's use of a computer to enter the data reported by the sensors is an example of
Robotic process automation
Identify the five broadly defined root cause analysis approaches.
Safety-based • Production-based • Process-based • Failure-based • Systems-based
SE Industries has identified windstorm as a risk. The risk manager has assembled a team to project the potential consequences of windstorm. The team includes individuals from various functions within the organization. Which one of the following team approaches to risk identification is SE Industries using?
Scenario analysis
The process of creating a marketable investment security based on the expected cash flows from a financial transaction is
Securitization
Smart Products
Sense their environment, process data, and communicate with other smart products and smart operations
Abhinav is a supply chain manager for an automotive manufacturer. He is concerned about how the forecasted winter will affect supply. How could smart products address his concerns?
Sensor data could inform Abhinav when weather conditions have interrupted the production of parts, allowing him to quickly make adjustments in shipments and deliveries.
How do sensors assess risk?
Sensors assess risk by detecting and measuring objects or conditions on a continuous basis; this provides early warnings of impending problems or malfunctions and determines whether expected results have occurred.
Steve owns a video game store, where he also houses his inventory. Steve is afraid of a massive loss to this inventory, because such a loss would have a catastrophic impact on his business. What is a treatment option that could help Steve mitigate this risk
Separation is an ideal risk-mitigation option for Steve. By dispersing his inventory over several locations, he would help manage the risk of a massive loss to his store's inventory, more likely accruing smaller losses instead
What is the difference between separation and duplication?
Separation of loss exposures involves arranging an organization's activities and resources so that no single event can cause simultaneous losses to all of them. Duplication involves creating backup facilities or assets to be used only if the primary activity or asset suffers a loss.
After one employee was involved in several workplace accidents, the risk manager and the industrial safety engineer concluded that these resulted from ancestry and social environment of the person. Which one of the following accident causation theories or approaches considers this an accident factor?
Sequence of events theory
Which one of the following statements best describes the shareholders' equity section of the balance sheet?
Shareholders' equity is negative when liabilities exceed assets
Name the types of information that smart products are helping risk managers obtain.
Smart products are increasing the information risk managers have on hand—information about dangerous chemicals in the air, shipping malfunctions, exhausted workers, and almost any other facet of an organization's operations.
Balance Sheet (7.6)
Snapshot at a particular moment in time Assets - Liabilities = SE (Owner's Equity)
Preventive Analytics
Statistical and analytical techniques used to influence or prevent future events or behaviors**Preventive analytics uses smart products and data analytics to identify root loss causes and their implications.
Monte Carlo Simulation (3.8)
Statistical computer model that simulates the effects the various types of uncertainty may have on a process - a computer randomly select values for each variable and generates thousands of possible scenarios, representing possible outcomes
Regression Analysis (10.10)
Statistical technique used to estimate relationships between variables 2 Types: Linear and Generalized Linear Generalized Linear Model (GLM): increases the flexibility of a linear model by linking it with a nonlinear function
Stephanie is a real estate developer who would like to purchase insurance covering damage by fire and other causes of accidental loss to an apartment complex while it's being constructed. Would an insurer cover the building her company is working on against these types of loss?
Stephanie can purchase insurance covering damage by fire and other causes of accidental loss to the building while it's being constructed because they represent pure risk.
Which one of the following is a pre-loss action for the flood cause of loss?
Stock disaster supplies
_________ ________ is the most intangible and abstract of the 4 risk quadrants (8.6)
Strategic Risk
Is telematics structured or unstructured data?
Structured
The formal of data is described as ____________ or ___________ (10.6)
Structured or unstructured (Data analysis is used for both of these types, but it is especially useful for unstructured) ** Structured: organized into specific fields - instrumental in biz intelligence (BI) because it's quantifiable ** Unstructured: not consistent in format - includes info from the internet (social media)
Regarding diversifiable and nondiversifiable risk, which one of the following statements is accurate?
Systemic risks are generally nondiversifiable
Joe works in an auto garage. His work area is cluttered and disorganized. His supervisor is rarely in the area, and Joe lacks direction and proper training. Joe is injured when he receives a severe shock from improper grounding while using a piece of electrical equipment. This example best illustrates the accident causation theory of the
Technique of operations review (TOR) approach
Computer Vision
Technology that simulates human vision - it recognizes an object, gives the object context, and responds to it as a human would - used in automobiles - involves detecting, extracting, and analyzing images to better understand them
Collateralize (7.12)
The act of pledging an asset, like real property, to secure a loan or investment by providing recourse in the event of default.
Casual Factors (3.22)
The agents that directly result in one event causing another.
Risk Tolerance / Capacity (8.18)
The amount of risk an org is able to accept - always stated in quantitative terms
Economic Value (5.16)
The amount that property is worth based on the ability of the property to produce income ** focuses on the effect that the loss of the property would have on the org's future income
Vision Statement (8.8)
The aspirational description of what an org will accomplish in the long-term future ** what an org wants to become
Functional Replacement Cost (5.14)
The cost of replacing damaged property with similar property that performs the same function but might not be identical to the damaged property ** should be used for property that is easily affected by tech changes
Replacement Cost (5.13)
The cost to repair or replace property using new materials of like kind and quality with no deduction for depreciation ** used to value buildings and personal property - a building's RC is the cost of constructing a new building to replace an existing bldg
Fiduciary Duty (5.18)
The duty to act in the best interests of another. ** Common source of risk for directors and officers 1. Duty of Care 2. Duty of Loyalty 3. Duty of Disclosure 4. Duty of Obedience
Consequences (2.19)
The effects, positive or negative, of an occurrence
What facts must an employee generally prove to prevail in a claim of hostile work environment in most United States courts?
The employee is a member of a protected class. The employee was subjected to unwelcome harassment based on the protected characteristic. The harassment affected a term or condition of employment. The employer knew or should have known about the harassment and failed to take prompt remedial action.
How is an event tree constructed?
The first step in building an event tree is identifying the first accidental event related to a product or process that could result in unwanted consequences. The various progressions of events that could follow the accidental event are then identified, along with any barriers to those consequences. The progression of events that are identified could be based on factors such as human responses, interaction with other systems, weather, or the performance or failure of barriers to consequences. The analysis ends in a list of potential consequences of the initial event.
What are the two ways a holistic risk management strategy can empower an organization to improve its capital allocation?
The first way is to reduce the cost of risk, freeing up capital for other purposes. The second is to improve risk analysis for various strategic options so that capital is allocated where it is likely to produce the best reward for the risk.
In what general categories do the majority of work-related injury causes of loss in manufacturing and retail businesses fall?
The general categories into which the majority of work-related injury causes of loss in manufacturing and retail businesses fall are machinery and equipment use, materials handling, vehicle fleet operations, and physical condition of premises.
Which one of the following is the goal with strategic risk?
The goal is to use information about strategic risks to make informed decisions that optimize the risk-reward ratio.
Waiver (4.25)
The intentional relinquishment of a known right.
Special Purpose Vehicle (SPV) (7.12)
The intermediary that enables the bank to convert its mortgage receivables asset into a cash asset ** this securitizes the mortgage receivables by using them as a collateral for securities it sells to investors; then uses the interest and principal repayments on the mortgage receivables to fund the interest and principal repayments to the security investors ** has the following 2 risks: 1. default by the mortgagors (borrowers) 2. mortgagors might cancel their mortgages in order to refinance
Residual Risk (4.4)
The level of risk remaining after actions are taken to alter the level of risk.
Subjective Risk (2.9)
The perceived amount of risk based on an individual's or organization's opinion.
Standard Deviation (9.9)
The possible spread of potential results ** The greater the SD between the values in the distribution, the more volatile they are
Price Risk (7.5)
The potential for a change in revenue or cost because of an increase or a decrease in the price of a product or an input - uncertainty of setting the price of a product incorrectly Input Price Risk: uncertainty of the price of the resources Output Price Risk: uncertainty regarding the price an org can charge for its product
Systemic Risk (2.10)
The potential for a major disruption in the function of an entire market or financial system - generally non-diversifiable
Laura owns a construction company that is looking to lower accident frequency when equipment is being driven to work sites. Which data-driven decision-making approach would be better suited for solving the company's problem in this case?
The predictive data-driven approach would be better suited to this situation because it involves making a business strategy decision that may need to be repeated.
Market Value (5.15)
The price at which a particular piece of property could be sold on the open market by an unrelated buyer and seller ** should be used for products that are relatively indistinguishable from one another
Data Mining (10.12)
The process of extracting and analyzing large volumes of data from a database for the purpose of identifying hidden and sometimes subtle relationships or patterns and using those relationships to predict behaviors
Strategic Risk Management (8.16)
The process of identifying, assessing, and managing risks that affect an organization's strategic decisions and performance.
George has received an inheritance and is deciding what to do with the money. He has limited his options to four choices: donate all the money to his favorite charity, use the entire inheritance to buy a yacht, invest the inheritance in a small rental property, or use the entire amount to purchase T-bills. Which one of the following statements is true regarding the risk involved in George's options?
The rental property presents both pure and speculative risk; property values may increase, and the building could burn down
Which one of the following is true about the liability involved in contracting services?
The responsibility that certain duties be performed safely cannot be delegated to another party, such as the duty of common carriers to carry passengers safely.
Interest Rate Risk (7.3)
The risk that a security's future value will decline because of changes in interest rates.
Credit Risk (2.9)
The risk that customers or other creditors will fail to make promised payments as they come due
Ergonomics
The science of designing the workplace as well as its equipment and tools to make specific body movements more comfortable, efficient, and safe - wearables are designed with this
Risk Treatment (4.3)
The selection and implementation of actions to help manage or mitigate a risk - involves making decisions based on the results of a risk assessment - it is a continual process
Risk Transfer (4.5)
The shifting of risk from one individual or organization to another.
Which one of the following statements is true regarding the Life Safety Code®?
The standards of the Life Safety Code® are incorporated into the statutes and ordinances of most United States localities
Which one of the following statements is true regarding the strategic management process?
The strategic management process can be applied to any type of organization, including business, not-for-profit organizations, and government entities.
Cost of Risk (2.18)
The total cost incurred by an org because of the possibility of accidental loss
Insurtech
The use of emerging technologies in the insurance industry - reduces the uncertainty associated with predicting future events
Telematics
The use of technological devices in vehicles with wireless communication and GPS tracking that transmit data to businesses or government agencies; some return information for the driver.
Expected Value (Mean) (9.8)
The weighted average of the possible outcomes - aka. avg of all results
What is the difference between theoretical probability and empirical probability?
Theoretical probability is unchanging. It's associated with events such as coin tosses or dice throws. Empirical probability is associated with historical data. These probabilities may change as new data is discovered or the environment that produces those events changes.
Describe the relationship among risk tolerance, risk capacity, and risk appetite.
They are closely related and often confused with one another. Risk tolerance and risk capacity are often used interchangeably. They represent the same thing: the total amount of risk an organization can accept. Risk appetite, on the other hand, represents the amount of risk the organization is willing to (or wants to) accept.
Risk managers today differ from traditional risk managers in which one of the following ways?
They attempt to minimize threats and optimize opportunities.
Control Risk Self-Assessment (CRSA) (6.13)
This process reviews the effectiveness of the business's internal procedures, systems, and personnel - categorizes and prioritizes objectives - evals the risk mgmt process and risk controls - IDs risk controls that may be needed and weaknesses existing in risk controls - cultivates action plans - ensures the process is used consistently in all areas and levels of an org ** Conducted through workshops and questionnaires
Hardware Store has been able to control its prices and inventory since it has no competitors. A new highway currently being constructed is going to allow increased competition for Hardware Store. According to the quadrants of risk, this risk of increased competition falls into the category of
This risk of increased competition falls into the category of strategic risk
Aligning risks with the organization's risk appetite defines
Tolerable uncertainty
During the last three years, Partridge has expanded its hours of operation to remain open 24 hours a day, 7 days a week. Partridge has also begun to carry a line of computer equipment, including small portable accessories such as flash drives, USB converters, and wireless accessories. Based on Partridge's loss history, the most appropriate forecasting technique is
Trend analysis
Widget Manufacturing Company has noticed that its loss frequency and severity has increased in the past two years as its production has increased. In order to better forecast loss frequency and severity, Widget Manufacturing Company should consider using
Trend analysis
Market Risk (2.11)
Uncertainty about an investment's future value because of potential changes in the market for that type of investment
Exchange Rate Risk (7.3)
Uncertainty about an investment's value because of potential changes in the exchange rate between currencies * it's a concern for orgs with cash flows denominated in a foreign currency
Financial Risk (7.3)
Uncertainty arising from the effect of market forces on a financial asset or liability ** An org owning or using a financial instrument is exposed to this
Data analytics is especially useful for
Unstructured data
SWOT (3.12)
Useful when there is a specific goal - less useful for analyzing current processes and procedures
Describe the Delphi technique.
Uses the opinions of a select group of experts to identify risks. Typically, these experts do not meet but respond to a survey or inquiry. The standard Delphi technique involves submitting two rounds of queries to the selected experts. First, each expert responds to a question, and the combined answers, which remain anonymous, are presented to the group. The same question is then posed again to the experts, who are instructed to consider revising their responses based on the results that were reported to the group. This question-and-response cycle continues for a predetermined number of rounds or until a consensus is reached.
Management of LMN Insurance Company is considering investing in the Stability-Growth Mutual Fund; however they are concerned about the volatility of the investment. The fund's manager said that on any given day, there is a 5% probability of losing more than 3% of the investment's worth. The statistic quoted by the fund manager is
Value at Risk
Disaster recovery plans for windstorms should reflect not only weather conditions, but also the difference in
Warning times
A storm with high winds or violent gusts of wind with little or no rain is which one of the following?
Windstorm
Securities (7.11)
Written instruments representing either money or other property, such as stocks and bonds - org can use securitization to exchange income-producing assets for cash from the purchaser of the security - allows the org to convert an asset to cash - securitization transfers the risk inherent in the mortgage receivables from the bank to the security investors - securitization is a means to create a marketable security based on the expected cash flows from a financial asset ** If the bank wishes to convert the mortgage receivables asset to cash, it could sell it to an intermediary
Does strategic risk intersect with the other risk quadrants (hazard, operational, financial)?
Yes
Identify the steps in a hazard and operability, or HAZOP, process
a. Subdivides the project or system design into small components b. Reviews each component to identify risks c. Identifies the cause and potential outcome(s) for each risk d. Develops a solution for each risk e. Ensures that solutions work and reevaluates as necessary
How would you describe the premise of holistic risk management?
all business decisions and operations carry some risk.
Explain why it is helpful to include representatives from diverse groups in an organization during team workshops to identify risks.
because discussion of the combined and cascading effects of risks provides valuable information on risk level and priority. Such discussion can identify opportunity risks as well as risks with potentially negative consequences.
What are two emerging technologies that help control operational risks by providing accurate data and improving the efficiency of processes already in place?
blockchain and robotic process automation (RPA) are two technologies that help control operational risks by providing accurate data and improving the efficiency of processes already in place.
How does blockchain benefit insurers in financial and nonfinancial markets?
blockchain can simplify insurance premium collection and claims payment transactions, and it offers a streamlined approach to captive insurance and self-insurance policies by simplifying complex transactions, reducing operating costs, and adding transparency. In nonfinancial markets, insurers can benefit from blockchain transactions in policyholder acquisition and servicing and by sharing driver information in connected vehicles and confirming drivers' licenses. For claims, blockchain supports the exchange of data by authenticating ownership rights to art forms and supply-chain manufactured products, eliminating manual handling of medical information and promoting provider transparency, and helping to identify property and detect and deter fraud
How can classifying the various types of risk help an organization?
can help with assessing risks because many risks in the same class have similar attributes. It also can help with managing risk, because many risks can be managed with similar techniques. Finally, classification helps with the administrative function of risk management by helping to ensure that risks in the same class are less likely to be overlooked.
Scanning the environment includes ... (2.4)
evaluating how each of an organization's risk management processes aligns with its overall objectives
What are the six most commonly used basic risk measures, and why are they used?
exposure, volatility, likelihood, consequences, time horizon, and correlation. These all attempt to quantify the risks an organization faces, which is essential to developing strategies to treat them.
What do emerging technologies related to operational risk focus on?
focused heavily on data accuracy and process efficiency, aiming to achieve as much as possible while also being as accurate as possible
Why were special purpose vehicles (SPVs) established?
for the purpose of purchasing income-producing assets from an organization, holding title to them, and then using those assets to collateralize securities that will be sold to investors
Thanks to the Internet of Things (IoT), risk management has become more.... (4.9)
forward-looking * Advancements in forecasting could result in minimal financing being required to retain, transfer, or modify negative risks
Strategic management is the process of... (8.7)
identifying, describing, and continually reviewing biz decisions in a way that will propel an org to perform better ** Strategic management defines the org's strategies - responsibility of senior-level execs
What emerging risks are suggested by the development of recent coverages?
include those associated with active shooters and with the sharing economy
Summarize how technology is changing, or will change, how risk is financed through insurance.
increasing speed and automation, reducing paperwork, implementing smart (self-executing) contracts, and creating more policies that specifically address the needs of individual customers
Large deductible plans...
lower an org's cost of risk
For insurers, how has risk transfer been affected by big data, machine learning, and artificial intelligence?
made it easier for them to not only predict and plan for risk but also to develop products that specifically address certain risks
What two factors highly affect speculative risk?
price risk and credit risk
Risk management is a ... (2.3)
set of interconnected simultaneously and sequentially occurring activities that define an organization's holistic approach to managing risks
Explain the ideal outcome of a SWOT analysis.
should ideally conclude with a "go" or "no go" recommendation for a specific project and should include discussion on whether weaknesses or threats can be converted into strengths or opportunities.
How should a business manage risk with high likelihood and minor consequences?
should usually be managed through an organization's routine business procedures.
What should an organization verify when assessing controls?
should verify whether each technique is capable of achieving the intended level of treatment or control and whether its effectiveness can be demonstrated when required. Verification depends on the existence of records and documentation of the control's performance in relation to the risk.
Identify the sources of organizational causes of loss.
stem from faulty systems, processes, or policies (such as procedures that do not make it clear which maintenance employee is responsible for checking and maintaining the manufacturer's production line).
The future of holistic risk management will be fueled by ... (3.7)
the capture, storage, and analysis of data
Identify the purpose of root cause analysis.
to enable the risk management professional to dig past the obvious causes of an accident to find other factors that played a role
Risk is basically an expression of ... (2.14)
uncertainty in the future
Discuss the advantages and disadvantages of scenario analysis in identifying risks
useful in identifying a range of potential consequences and in prioritizing risks. An internal cross-functional team at an organization can implement the technique to obtain a multidimensional view of the potential consequences of a risk. However, a potential disadvantage is that the risk identification process may be limited by the imagination and brainstorming capabilities of the team selected. This could lead to overlooking key risks or consequences of risks. Although cross-functional teams reduce these disadvantages, they do not eliminate them.
Slope Equation
y = mx + b y = dependent x = independent b = y intercept m = slope
List the five basic principles of risk control under the technique of operations review (TOR) approach.
• An unsafe act, an unsafe condition, and an accident are all symptoms of something wrong in the management system. • Certain circumstances, unless identified and controlled, will produce severe injuries. • Safety should be managed like any other organizational function, with management setting achievable goals and planning, organizing, leading, and controlling to achieve them. • Management must specify procedures for accountability if safety efforts are to be effective. • The function of safety is to locate and define the operational errors that allow accidents to occur
Identify the four steps in an RCA process.
• Collect data • Chart causal factors • Identify the root cause • Determine and implement recommendations