FIN 424 EXAM 1

Loss Prevention

A risk control technique that reduces the frequency or probability of a particular loss. used when avoidance is impossible or undesirable. Examples - safety engineering and workplace design.​

Risk Identification​

Adopting a team approach to identify risks can help organizations uncover risks that wouldn't necessarily be apparent to an individual. ​It can also provide diverse perspectives on risks, as well as reveal how risks are interconnected. ​ Effective team approaches include -​ Facilitated workshops​ Delphi technique​ Scenario analysis​ HAZOP​ SWOT​

Ensure Legal and Regulatory Compliance​

An important goal for risk management programs is to ensure that the organization's legal obligations are satisfied. ​ Such legal obligations typically include:​ Standard of care owed to others​ Contracts entered into by the organization​ Federal, state, and local laws and regulations​

Leasing

An organization that leases property may practices risk control by allowing the property owner to retain the risks related to property ownership.​

Identifying Risks​ (RMP)

Goal is to create a comprehensive list of risks that could jeopardize the company's stated objectives. ​ Requires collaboration:​ With the board and senior management to identify strategic risks. ​ With the company's functional leaders and staff to understand/flag department-specific risks.​ Operational risks​ Hazard risks​ Financial risks​ With external experts who can shed light on emerging risks that the organization may not have anticipated. ​

Risk Treatment Plan​

Main elements of a risk treatment plan -​ Explanation of the treatment​ Proposed actions​ Resource requirements​ Roles and responsibilities​ Timeline​ Monitoring requirement​ Often times the plan is combined with company's risk register or comprehensive risk management plan.​

Directors and Officers Liability​

can be held liable for failing to fulfill their responsibilities and duties as required under the law. Breach of fiduciary duty is a common source of risk for directors and officers. ​ Duty of care - approach their responsibilities with informed judgement and a reasonable degree of care.​ Duty of loyalty - act in the best interest of the shareholders.​ Duty of disclosure - must disclose material facts to stakeholders that have a right to know them and would otherwise not have access to them.​ Duty of obedience - to the law.​

Which of the following is an example of negatively correlated variables? height and shoe size age and memory loss rainfall and flooding car speed and gas mileage

car speed and gas mileage

Determine the effectiveness of controls, identifying emerging risks, and analyzing events and their consequences is part of which of the following risk management tips? monitor and review scan the environment analyze risks treating risks

monitor and review

Market Value​

most appropriate in some cases - particularly inventory - because property that must be replaced will usually be replaced at the going price in today's marketplace.​

Noninsurance transfer (risk control)

transfers the loss exposures to the transferee to reduce the frequency and/or severity of the transferor's losses arising from the loss exposures.​

Mechanical Sensors

pressure sensors, flow sensors, motion detectors

Pure Risk

A chance of loss or no loss, but no chance of gain. The risk of loss due to fire, flood, or wind The risk of loss due to accident. Insurance deals primarily with pure risks.​ Hazard and Operational Risks

Facilitated Workshop​

A neutral party (the facilitator), who has no stake in the outcome or participation responsibilities, runs the workshop and propels the group to achieve its goal.​ Discussion or brainstorming allows ideas to flow freely from participants.​ Include representatives from diverse groups in the organization...all functions and all levels.​ Effective for identifying enterprise-wide risks.​ If facilitated workshops are used to identify enterprise-wide risks, the facilitator must be skilled in risk identification and management as well as group communication and be prepared for a long-term project. ​

Benefits of Risk Management​

A properly implemented risk management strategy enables an organization to - ​ Maintain tolerable uncertainty​ Drive profitability and growth​ Ensure legal and regulatory compliance​ Pursue ESG​ Reduce the cost of risk​ Reduce deterrent effect of hazard risks​

Scanning the Environment​ (RMP)

Collaborating with the board and senior leadership to define the company's risk tolerance, which should align with the organization's stated mission and objectives. ​ Evaluating existing risk management processes for alignment with #1. ​ Defining risk criteria, factors to consider - ​ Sources of risk​ Effects of risk​ Metrics used to measure risk​ Timeframe of potential effects​ Methods to determine risk levels​ Approach to combinations of risk​

Treating Risks​ (RMP)

Comparing the total level of risk identified in the risk analysis phase to the established level of tolerable risk. ​ Determining where and how to treat (i.e., respond to) the identified risks.​ Avoid​ Reduce​ Transfer​ Accept​

Monitor and Review​ (RMP)

Determining the effectiveness of controls.​ Obtaining information to improve risk assessment.​ Analyzing events and their consequences to understand trends, successes, and failures.​ Considering changes in internal and external environments.​ Identifying emerging risks.​ The information gathered at this step is only as valuable as a risk manager's ability to transform it into actionable intelligence.​ Risk registers​ Heat maps​ Risk maps​ Communication with the board and senior leadership

Employment Practices​

Discrimination​ Wrongful termination​ Sexual harassment​ Retaliation​

Job Safety Analysis​ (JSA)

Each job (activity or operation) is broken down into individual sequential steps. ​ Hazards associated with each step are identified.​ Controls are defined​ Responsibility for implementing each control is assigned. ​ JSA applies best to repetitive human tasks performed in an environment sufficiently stable to allow most hazards to be foreseen.​

Reduce Deterrent Effects of Hazard Risks​

Effective risk management reduces the deterrent effects of hazard risks by making these losses less frequent, less severe, or more foreseeable.​

Pursuit of ESG

Environmental, social, and governance (ESG) criteria are a set of standards for a company's operations that socially conscious investors use to screen potential investments. Environmental criteria consider how a company performs as a steward of nature.​ Social criteria examine how it manages relationships with employees, suppliers, customers, and the communities where it operates. ​ Governance deals with a company's leadership, executive pay, audits, internal controls, and shareholder rights.​

Assessing the Effectiveness Internal Controls​

Every internal control process should be identified and tested.​ Tests of design​ Tests of effectiveness​ Control assessment can be quantitative, qualitative, or both.​ Internal control testing is useful in helping an organization decide whether to retain a control, improve it, or replace it with a different control method.​

Flood​

Inland and coastal areas can be subject to flooding from heavy rainfall, melting snow, or tidal surges. ​ Many floods indirectly cause fires through electrical shorts, flammable liquids floating on top of the water, or flammable gas that escapes from broken piping. ​ Pre-loss actions that can minimize flood-related fire loss exposure:​ Allow no open flames or non-waterproof electrical wiring near or in a flood-exposed structure.​ Protect flammable-gas piping from mechanical damage and install shutoffs or disconnects above expected flood-stage heights.​ Post-loss actions for flood emergencies can begin once flood waters have receded. ​

Insurance as a Risk Management Technique​

Insurance involves the transfer of risk to an insurer through a legal contract called an insurance policy. ​ Insured pays a policy premium, ordinarily much smaller than the policy's coverage limit.​ Insurance company pays all covered losses up to the policy coverage limit, subject to any deductible. ​ Insurance company also pays all costs of investigating claims and defending the insured should there be legal action. ​ The insurance model is based on sharing the costs of losses. ​ The insurer pools the premiums paid by its insureds.​ Insureds who experience covered losses are paid from the pooled funds. ​ "Law of large numbers" ... the principle on which the entire insurance industry is based.​

What is Big Data?

Large and diverse sets of information that grow at ever-increasing rates. Comes from multiple sources and arrives in multiple formats. Can be categorized as structured or unstructured. Three "Vs" traditionally characterize big data: ​ Volume of data​ Velocity at which data is collected​ Variety of the data​

Noninsurance Transfers for Risk Control

Leasing, Contracting for Services, Waiver or Exculpatory Clause​, Disclaimer of Warranties

Earthquake​

Location is a key factor in mitigating earthquake damage and injuries. ​ Locate farther away from volcanic areas and major geological faults. ​ Build on stable ground. ​ The design of a building or other structure is another pre-loss action.​ Box action design - stiff and can withstand considerable ground motion.​ Frame action design - relies on the building's ability to absorb the energy of the earth movement.​ During and immediately after an earthquake, post-loss actions should focus on caring for the injured, protecting the uninjured, and safeguarding endangered property. ​

Contracting for Services

Loss exposure stemming from a particular activity can be transferred by contracting with another organization to perform the activity (i.e., subcontracting).​ A few exceptions - ​ The principal is directly liable for their own negligence in selecting the contractor, giving directions, or failing to stop any dangerous practices of which the principal was aware.​ The principal cannot transfer responsibility for performing certain duties safely (example, a building owner cannot transfer to a contractor the responsibility to keep common areas safe). ​ If the subcontracted work is inherently dangerous to others, the principal can be held liable for a third-party injury caused by the contractor's negligence.​

Noninsurance Contractual Risk Transfer​

Most organizations are parties to noninsurance contracts that may include risk transfer provisions. ​

Which of the following risk measures would a risk manager likely use in assessing the company's exposure to interest rate risk? time horizon volatility likelihood correlation

NOT CORRELATION Either time horizon, volatility, likelihood

The relationship between which two basic measures is critical for risk management is assessing risk and deciding whether and how to manage it? correlation and likelihood likelihood and consequences volatility and time horizon exposure and time horizon

NOT EXPOSURE AND TIME HORIZON

Drive Profitability and Growth​

Risk management should be integrated into every facet of an organization's strategy for profitability and growth. ​ Decision making ​ -Decisions about new opportunities should be based on the organization's risk appetite. ​ -Provide organizations with a framework to analyze and manage the risks associated with an opportunity.​ Identifying and managing cross-enterprise risks​ -Reputational vs. Operational vs. Financial risk relative to a disruption in a company's supply chain.​ Capital allocation​ -Reducing the cost of risk frees up capital for other purposes.​ -Capital is allocated where it is likely to produce the best reward for the risk.​

Disclaimer of Warranties​

Sellers of property often assert disclaimers of warranties. ​ A seller denies any express warranties made during the sale. ​ A seller may deny implied warranties - ​ Implied warranty of "fitness for a particular purpose" - buyer relies upon the seller to select the goods to fit a specific request.​ Implied warranty of "merchantability" - a product is suitable for its normal purpose.​

Objective Risk

The measurable variation in uncertain outcomes based on facts and data.

Objective vs. Subjective Risk

The closer an organization's subjective interpretation of risk is to the objective risk, the more effective its risk management plan will likely be.​ Reasons why subjective and objective risk can differ:​ Familiarity and control (driving)​ Consequences over likelihood (flying)​ Risk awareness (investing)​

Reducing the Cost of Risk​

The costs of risk include - ​ Cost of accidental losses not reimbursed by insurance or other outside sources.​ Insurance premiums and expenses incurred for noninsurance indemnity.​ Cost of risk control techniques to prevent or mitigate accidental losses.​ Costs of administering risk management activities.​ Effective risk management optimizes the cost of risk, which is fundamental to risk management's value proposition. ​

Windstorm​

The greatest threat from windstorm (including hurricane) is building damage. ​ Pre-loss actions for windstorm include:​ Design buildings and structures to withstand anticipated wind loads. ​ Use storm shutters/blinds that are rated to handle higher wind loads.​ Keep roof and wall systems in good repair.​ Secure materials and equipment located outside the facility.​ Post-loss actions involve assessing the damage, engaging security to prevent looting or vandalism, and enacting the company's business continuity plan.​

The Law of Large Numbers​

The law of large numbers stems from the probability theory in statistics. ​ The mean value of a sample gains predictive power as the size of the sample increases. ​ Consider a coin toss.​ In the insurance industry, the law of large numbers produces its axiom. ​ As the number of exposure units increases, the probability that the actual loss per exposure unit will equal the expected loss per exposure unit also increases.​ This means it's easier to establish the correct premium and thereby reduce risk exposure as more policies are issued within a given insurance class.

Subjective Risk

The perceived amount of risk based on an individual's or organization's opinion.

Risk Measures​

There are basic measures that risk professionals use to assess and quantify risk - ​ Exposure​ Volatility​ Likelihood​ Consequences​ Time horizon​ Correlation​

Accident Analysis​

There are five traditional approaches to understanding accident causation - ​ Sequence of events​ Energy transfer theory​ Technique of operations review approach​ Change analysis​ Job safety analysis​

Management Liability Risk​

These risks result from a person's or an organization's legal responsibility for the consequences of an action they have taken or that was taken on their behalf. ​ Three main classifications of management liability risk - ​ Activities of Directors and Officers​ Employment practices​ Fiduciary duties​

Maintain Tolerable Uncertainty​

Tolerable uncertainty means that whatever might happen will be within the bounds of what was anticipated and can be effectively addressed.​ Main components- Reducing downside risk through threshold limits.​ Maintaining earnings stability through precise forecasting and asset management.​ Anticipating and recognizing emerging risks through "risk radar" tools and techniques.​ Implementing business continuity plans.​ In short - NO SURPISES!​

Tornado​

Tornadoes affect most of the continental United States east of the Rocky Mountains, but high-frequency areas include the central Plains, east central Arkansas, northern Mississippi and Alabama, and central Indiana.​ Nothing can prevent property losses when a tornado makes direct contact, but bodily injury can be reduced by taking shelter. ​ The severity of the tornado damage may not leave any meaningful post-loss options beyond preserving life and clearing rubble. ​

Replacement Cost​

Used to value buildings and personal property. ​Functional replacement cost is used when a functionally equivalent building or property can replace the original at a lower cost than would be required by an identical replacement.​

Delphi Technique​

Uses the anonymous opinions of a select group of experts, which typically don't meet, but respond to a survey or inquiry instead.​ Queries are submitted to the selected experts. ​ Anonymous answers are presented to the group. ​ The same queries are posed again; participants instructed to consider revising their responses based on the other responses. ​ The question-and-response cycle continues for a predetermined number of rounds or until a consensus is reached.​ Benefits to using the Delphi technique - ​ Cost-effective. ​ Anonymity encourages candor and reduces the risk of group-think/bias.​

Waiver or Exculpatory Clause

Waiver - relinquish the right to sue, aka, "release of liability".​ Exculpatory clause - for example, "Not responsible for lost or stolen property".... "Not responsible for the actions of the performers of this event."

Smart Products

a device that is linked to the internet so it can share information about itself, its environment and its users. Data that smart products share - Helps them work more efficiently, make their owner's lives easier and safer. Enables seamless "over the air" upgrades or services.

Blockchain

a distributed database existing on multiple computers at the same time. Constantly growing, as new sets of recordings ("blocks") are added to the chain The database is not managed; rather, everyone in the network gets a copy of the whole database.

Fishbone Analysis

a graphic tool used to explore effects and the causes that create or contribute to those effects. Root causes have four basic characteristics:​ Expressed as a specific underlying cause, not a generalization. ​ Can be reasonably identified.​ Must be expressed as something that can be modified. ​ Something that can be prevented through effective recommendations. ​

Correlation​

a measure of the relationship between two or more variables.​

Risk Management Process (RMP)

a set of simultaneously and sequentially occurring interconnected activities that define an organization's approach to managing risks. Scan Environment, Identify, Analyze, Treat, Monitor and Review

Volatility​

a statistical measure of the dispersion of values around a mean.​ For a security, volatility is often measured by the standard deviation of returns over time or beta coefficients. ​ Risk increases as volatility increases

Computer Vision

a technology that simulates human vision.

Noninsurance Transfers for Risk Financing​

accomplished through a "hold-harmless" agreement.​ Typical "hold harmless" language in a contract between a property owner (the "lessor") and the party leasing the property (the "lessee") - ​ "To the fullest extent permitted by law, the lessee shall indemnify, defend, and hold harmless the lessor, agents, and employees of the lessor from and against all claims arising out of or resulting from the leased premises."​ Indemnitee - the party that uses a hold-harmless agreement to transfer the financial consequences of loss to a second party.​ Indemnitor - the party which agrees to indemnify the indemnitee.​

Nondiversifiable Risk

aka, "systematic risk", aka "market risk", are correlated. Include inflation, unemployment, natural disasters, and interest rates.

Diversifiable Risks

aka, "unsystematic risk", aka "specific risk", are not highly correlated. These risks can be managed by diversification. An insurance company can diversify the risks associated with fire by insuring many buildings in different locations. ​ An investor can diversify their holdings by investing in many stocks instead of a few. ​

Holistic Risk Management (Enterprise Risk Management)

all business decisions and operations carry some risk; therefore, an organizations must look beyond hazard risk to assess risks from the other three risk quadrants:​ Strategic risk - uncertainties associated with the organization's long-term goals and management decisions.​ Operational risk - uncertainties associated with the organization's procedures, systems, and policies.​ Financial Risk - uncertainties associated with the organization's financial activities​

Which of the following is a benefit of risk management? drives profitability and growth maintains tolerable uncertainty reduces the deterrent effect of hazard risks all the above

all the above

Likelihood

an estimate of the certainty with which the outcome of a specific event can be predicted.​

What is Risk?

an ever-present, ever-changing constellation of threats and opportunities that emerge from the intersection of an organization's ambitions and its overall environment.

Large deductible plan

an insurance policy with a significant per occurrence or per accident deductible, such as $100,000 or more. ​ Large deductible plans allow an organization to pay a reduced insurance premium for retaining losses below the deductible level. ​ The organization transfers the financial consequences of losses that exceed the deductible to the insurer.​ the insurer adjusts and pays all claims, even those below the deductible level, and then seeks reimbursement from the insured.

Applying risk criteria to determine the source, cause, likelihood, and potential consequences of risk is part of which step of the risk management process? identifying risk treating risk monitoring and reviewing risk analyzing risk

analyzing risk

Exposure​

any condition that presents a possibility of gain or loss, whether or not an actual loss occurs.​ Some exposures are easily quantified, others not so much.​ Florida Atlantic hurricane exposure​ Data breach​ Even if an exposure cannot be readily quantified, an attempt should be made to qualitatively measure its effect on the organization to effectively manage the risk. ​

Fiduciary Duties (Employee Benefit Plan)​

arise mainly out of the possibility that beneficiaries of an employee benefit plan may file a lawsuit against the plan officials for breach of fiduciary duties. Loyalty - act in the best interest of the plan and plan participants​ Prudence - carry out their duties with the care, skill, judgment, and diligence of a prudent person familiar with such matters.​ Diversification - ensure that the plan's investments are sufficiently diversified to minimize the risk of large losses.​ Adherence - must act according to the plan documents and applicable law. ​

Operational Risk

arises from people, processes, systems, or controls. people risk, IT risk, management oversight, business processes Examples- process/control failure, IT systems failure, health and safety violations, loss of critical equipment, key personal departures, poor contract negotiation, vandalism, logistics failure, utilities failure

Hazard Risk

arises from property, liability, or personnel loss exposures. property risk, legal risk, personnel risk, consequential loss Examples- theft, product liability, building collapse, equipment accident, severe weather, subsidence/sinkholes, fire/explosion/flooding, hazardous substance exposure, pollution, worker injuries

Financial Risk

arises from the effect of market forces on financial assets or liabilities. market risk, credit risk, price risk, liquidity risk Examples- credit default, budget overruns, liquidity/cash/currency risks, uncompetitive cost structure, accounting irregularities, economic recessions, interest rate, inflation

Strategic Risk

arises from trends in the economy and society. economic environment, political environment, demographics, competition Examples- new competitors, pricing wars, negative news coverage, political hostility, union relations, supplier relations, regulation, consumer demand, obsolescence

Change Analysis​

asks a series of what-if questions regarding a possible change in process that has yet to occur. ​ It then projects the consequences for the changes and for all feasible combinations of changes to reveal the risks that could arise because of the changes that went into effect. ​

Sensors/Sensor Networks

assess risk by detecting and measuring objects or conditions on a continuous basis. Early warning of impending problems or malfunctions. May trigger remedial actions, thereby controlling risk and helping reduce losses.

Quantitative Risk Analysis

assigns specific values to consequences and their probabilities to reach a numeric indication of the level of risk. May not be feasible, or even useful, for every risk if the organization lacks historical data or other uncertainties related to the risks being analyzed. ​

Book Value​

calculated on the accounting assumption that a portion of that asset's useful life has expired. ​Generally lower than market value. Risk management professionals do not rely on book value for valuing property.​

Which one of the following statements is true regarding the basic measures that apply to risk management? hedging is a risk management strategy that can reduce operational risk longer time horizons are generally less risky than shorter ones risk increases as volatility decreases consequences measure the degree to which an occurrence could positively or negatively affect an organization

consequences measure the degree to which an occurrence could positively or negatively affect an organization

Structured Big Data

consists of information already managed by the organization in databases and spreadsheets.

HAZOP​

derived from "hazard and operability" study, which is a comprehensive review of a process or system. ​ A team of subject matter experts and stakeholders identifies the risks associated with a given process and recommends a solution.​ HAZOP is primarily used to design complex, scientific systems such as those used in engineering, chemical, mechanical, electronic, and computer operations. ​ Because this process is comprehensive and involves experts on the subject at hand, it's ideal for projects and systems where virtually all risks must be eliminated.​

An insurance company manages the risk associated with automobile collision by insuring many vehicles of the same risk class. This is an example of which of the following? systemic risk nondiversifiable risk correlated risk diversifiable risk

diversifiable risk

Which of the following risk measures would an insurance company use to measure a company's natural catastrophe risk? exposure beta time horizon volatility

exposure

Risk Reduction

finding ways to lower your chance of incurring a loss. Low impact/high probability

Technique of Operation Review (TOR) ​

focuses on preventing accidents caused by ineffective management. ​ Key principles - ​ Unsafe acts, unsafe conditions, and accidents are all symptoms of something wrong in the management system.​ Safety should be managed like any other organizational function.​ TOR identifies particular faults of an organization's management and groups them into categories: inadequate coaching, failure to take responsibility, unclear authority, and inadequate supervision.​

Economic Value

focuses on the effect of property loss on the organization's future income/cash flows and, therefore, the property's contribution to the organization's overall value and net worth.​

Qualitative Risk Analysis

measures a risk by the significance of consequences.​ May use such ratings as high, medium, and low.​ A clear, written explanation of each qualitative rating should be included.​

Biochemical Sensors

home diagnostic tests, wearable fitness monitors, diabetes test strips/meters/patches

Scenario Analysis​

identifies risks and predicts the potential consequences of those specific risks.​ Best done in an assembly of internal, cross-functional team to gain a multidimensional view of a risk's potential consequences.​ Popular technique for developing business continuity plans.​ A potential disadvantages is that the risk identification process may be limited by the imagination and brainstorming capabilities of the team selected. ​

Working with all levels of an organization to create a comprehensive list of enterprise risks is part of which step of the risk management process? scanning the environment analyzing risk identifying risk treating risk

identifying risk

Human Risk Sources​

include both deliberate and non-deliberate (accidental) acts. ​ War​ Terrorism​ Vandalism​ Explosion​ Fire​

Unstructured Big Data

information that is unorganized and does not fall into a pre-determined model or format.

A risk manager would respond to a low probability/high impact risk by doing which of the following? insuring the risk accepting the risk exploiting the risk avoiding the risk

insuring the risk

Speculative Risk

involves a chance of gain and often involves price risk and credit risk. Investing in the stock market.​ Starting a business.​ Gambling.​ Financial and Strategic Risks

Analyzing Risks​ (RMP)

involves applying defined risk criteria to determine - ​ Source​ Likelihood​ Potential financial consequences​ Can be quantitative, qualitative, or both. ​

Risk Analysis​

involves applying defined risk criteria to determine - ​ Source​ Likelihood​ Potential financial consequences​ Organizations use risk analysis to determine their levels of risk and how best to treat (respond to) identified risks. ​ Risk analysis include -​ Qualitative assessment​ Quantitative analysis​ To accurately determine its level of risk, an organization must also examine the effectiveness of their internal controls.​

Separation

involves arranging an organization's activities and resources so that no single event can cause simultaneous losses to all of them. Key employees flying separately is common.

Duplication

involves creating backup facilities or assets to be used only if the primary activity or asset suffers a loss. ​

Risk Treatment Defined​

involves making decisions based on the results of a risk assessment. ​ Responses to risk include - ​ Avoid​ Accept/Retain​ Reduce/Modify​ Transfer​ Exploit​ Successful risk treatment - ​ Leads to a tolerable level of residual risk, or​ Helps the organization maximize the potential benefits of an opportunity, and ​ Involves selecting, communicating, and implementing risk treatment options and measuring their effectiveness.​

Alpha Company is the largest employer in Freeport, IL. the state Bank of Freeport carries much of Alpha's debt and the mortgage loans of many Alpha employees. The problem with the bank loaning money to both Alpha and its employees is that? there will be a mismatch between the bank's business and personal loans loan defaults are likely to be highly correlated the interest rate charged on the loans must be equal there is no problem

loan defaults are likely to be highly correlated

Prouty Approach

looks at a risk's loss likelihood and impact to determine a proper treatment. ​ Assumes that risk likelihood and impact can be accurately estimated.​ Uses a matrix approach to determine most appropriate risk treatment.​ Employs 4 four categories of loss likelihood and 3 categories of loss impact.​ Similar to a "heat map".​ Although subjective, the Prouty Approach provides a means of communicating and justifying the priority placed on a risk and providing risk treatment recommendations.

Insurable Risk and Loss Exposures​

mainly confined to hazard risk and operational risk.​ In general, insurers are willing to insure a loss exposure that has all or most of these characteristics:​ Associated with "pure" risks​ Accidental from the insured's standpoint​ Definite and measurable​ One of a large number of exposure units​ Not catastrophic​ Economically feasible to insure​

Natural Risk Sources​

occur randomly in nature, including - ​ Windstorms​ Floods​ Earthquakes​ Volcanic eruptions​ Lightning strikes (explosions, fires that result).​ Snow accumulation​ Freezing​ Sinkholes​ Vermin / infestation​

Cyber risk falls into which of the following? financial strategic operational hazard

operational

External environmental factors

opportunities and threats

Radiant Sensors

optical sensors, radar, radio frequency identification (RFID) tags

Which of the following is false with respect to internal controls? formally defined in a company's policies and procedures primarily intended to reduce hazard risks and achieve strategic effectiveness effected by the company's board of directors and management internal control testing includes tests of design and effectiveness

primarily intended to reduce hazard risks and achieve strategic effectiveness

Sequence of Events (Domino Theory)​

proposes five accident factors forming a chain of events that lead in succession to the resulting accident and injury.​ Ancestry and social environment​ An individual's mistake​ Unsafe act and/or a mechanical or physical hazard​ The accident itself​ The resulting injury​ Removing any of the four factors that occur before the injury should, in theory, prevent the resulting injury from occurring. ​

Insurance risks are generally classified as which of the following? speculative, objective, and nondiversifiable pure objective, and diversifiable pure, speculative, and objective speculative, subjective, and diversifiable

pure, objective, and diversifiable

Which of the following is the primary goal of risk treatment? exploiting risk reducing risk to a tolerable level eliminating risk transferring risk

reducing risk to a tolerable level

Enterprise Risk Management

refers to a holistic approach to managing risks and opportunities with the intent of maximizing shareholder value.

Risk Management

refers to coordinated activities to direct and control an organization with regard to risk.

Loss reduction

refers to measures that reduce the severity of a loss after it occurs

artificial intelligence

refers to the ability of machines to simulate human intelligence. Enables computers to perform tasks that require critical thinking.

Time Horizon​

refers to the estimated duration of a particular exposure.​ The longer the duration, the greater the risk.​

Variance

refers to the spread of a data set, i.e., how far apart the numbers are in relation to the mean. ​

Collaborating with board members, evaluating existing risk management processes, and defining a company's risk criteria is part of which phase of the risk management process? monitor and review analysis scanning the environment risk treatment

scanning the environment

Risk Transfer

shifting risk to another party through insurance. High impact/ low probability

Thermal Sensors

smoke detectors, heat sensors, computer hardware sensors

The CFO of Alpha Company believes the US dollar (USD) will weaken substantially against the Britain's pound sterling (GBP) in the coming months. To exploit this perceived opportunity, the CFO invests a portion of the company's portfolio in GBP-denominated investments. This is an example of which of the following? pure/operational speculative/strategic speculative/financial pure/financial

speculative/financial

Risk Avoidance

stopping behavior that leads to a risk. High impact/high probability

Internal environmental factors

strengths and weaknesses

Telematics

system involving a tracking device installed in a vehicle that allows sending, receiving and storing of telemetry data.

Energy Transfer Theory​

the basic cause of accidents is energy out of control. Its approach to preventing accidents or reducing the resulting damage focuses on controlling energy and/or reducing the harm caused by that energy. ​

Internet of Things (IoT)

the concept of connecting any device with an on and off switch to the Internet and/or to each other. Cellphones, Coffee makers, washing machines, headphones, Lamps, wearable devices, etc. The IoT is a giant network of connectivity - ​ People-to-people​ People-to-things​ Things-to-things​

Cloud Computing

the delivery of computing services over the internet ("the cloud"). Servers, Storage, Databases, Networking, Software, Analytics

Self-insured retention

the insured organization is responsible for adjusting and paying its own losses up to the SIR amount, after which the insurance company steps in.

Covariance

the measure of how two random risk variables change in relation to each other, and it's used to calculate the Correlation between the variables. Positive correlation indicates that both variables tend to move upward or downward at the same time. ​ Negative correlation means that they move counter to each other. ​

Consequences​

the measure of the degree to which an occurrence could positively or negatively affect an organization. ​ The greater the consequences, the greater the risk.​

Transferee

the party to whom the risk is transferred, not an insurance company.

Transferor

the party transferring the risk.​

Text Mining

the process of transforming unstructured text data into meaningful and actionable information. Ex: Automatic detection of e-mail spam or phishing through analysis of document content.

Which of the following is true regarding objective vs. subjective risk? subjective risk is based largely on facts and data objective is primarily rooted in opinion the wider the gap between an organizations interpretation of objective and subjective risk, the less effective its risk management function will be none of the above

the wider the gap between an organizations interpretation of objective and subjective risk, the less effective its risk management function will be

What are the goals of risk management?

to assist organizations in setting strategy, achieving objectives and making informed decisions.​

Noninsurance transfer (risk financing)

transfers only the financial consequences of the transferor's loss exposures.​

Risk Acceptance

understanding and accepting the level of risk. Low impact/low probability

SWOT

useful when there is a specific goal; less useful for analyzing current processes and procedures.​

Which of the following risk measures would a mutual fund manager primarily use to measure the risk of individual stocks in a portfolio? correlation time horizon volatility exposure

volatility