Possibility of events that may have impact
(negative or positive) on objectives and
Events are potential incidents or occurrences
resulting from internal/external sources that
effect implementation of strategies or
achievement of objectives.
Events can be both positive and negative.
Organizational objectives are
1. Reliable financial reporting.
2. Efficiency and Effectiveness of operations.
3. Safeguarding of assets.
4. Compliance with laws and regulations.
Events has to be identified from external or
External conditions: Political, Economic,
Social andTechnological factors lead to
Internal Factors: Processes, Persons and
Infrastructure lead to possibility of events.
Business or operational risks:related to
activities of business-Functions
Financial risks: relating to financial
Environmental Risks: related to changes in
the political, economic, social and financial
Means assignment of risk into categories.
There is no one widely accepted set of
categories, it can vary according to the nature
of business and its industry.
List of risks can be endless.
By grouping risks, they can be managed in
common by use of similar controls.
Categorization forces managers to be more
proactive for managing risks.
Categorization helps manager to use their
past experience applied to one category
This provides a framework that can be used
to define who is responsible, design controls
and assist in simplified and consistent risk
A systematic approach may help identify risks
in the same category.
It can help identify which risks are inter
Relates to activities carried out within the
company arising from structures, systems,
people, products or processes.
BASEL committee on banking supervision
defined it as the risk of loss resulting from
inadequate or failed internal processes,
people, systems and external events.
It includes business interruptions, errors or
omissions, product failure, health and safety,
failure of IT system, Fraud, loss of key people,
litigation, loss of suppliers etc.
Generally within control of the company
through risk management practices including
internal controls and insurance
Financial risk is an umbrella term for any risk
associated with any form of financing.Typically, in
finance, risk is synonymous with downside risk and
is intimately related to the shortfall or the
difference between the actual return and the
expected return (when the actual return is less)
Financial risks arise from an organization’s
exposure to financial markets, its transactions with
others, and its reliance on processes, systems, and
Financial risk arises through countless
transactions of a financial nature, including
sales and purchases, investments and loans,
and various other business activities. It can
arise as a result of legal transactions, new
projects, mergers and acquisitions, debt
financing. the energy component of costs, or
through the activities of management,
stakeholders, competitors or foreign
There are three main sources of financial risk:
Financial risks arising from an organization’s
exposure to changes in market prices, such as
interest rates, exchange rates, and commodity
Financial risks arising from the actions of, and
transactions with other organizations such as
vendors, customers, and counterparties in
Financial risks resulting from internal actions or
failures of the organization, particularly people,
processes, and systems.
Organizations manage financial risk using a
variety of strategies and products. It is
important to understand how these products
and strategies work to reduce risk within the
context of the organization’s risk tolerance
Interest rates are a key component in many
market prices and an important economic
barometer.They are comprised of the real rate
plus a component for expected inflation, since
inflation reduces the purchasing power of a
Higher risk=higher interest rate
The greater the term to maturity, the greater
Interest rates are also reflective of supply and
demand for funds and credit risk.
Interest rates are particularly important to
companies and governments because they are
the key ingredient in the cost of capital.
Most companies and governments require debt
financing for expansion and capital projects.
When interest rates increase, the impact can be
significant on borrowers. Interest rates also
affect prices in other financial markets, so their
impact is far-reaching.
Other components to the interest rate may
include a risk premium to reflect the
creditworthiness of a borrower. For example, the
threat of political or sovereign risk can cause
interest rates to rise, sometimes substantially, as
investors demand additional compensation for
the increased risk of default.
Expected levels of inflation
General economic conditions.
Foreign exchange market activity.
Foreign investor demand for debt securities.
Levels of sovereign debt outstanding.
Financial and political stability
Foreign exchange rates are determined by
supply and demand for currencies.
Supply and demand, in turn, are influenced
by factors in the economy, foreign trade, and
the activities of international investors,
capital flows, given their size and mobility,
are of great importance in determining
Factors that influence the level of interest rates also
influence exchange rates among floating or market-
Currencies are very sensitive to changes or anticipated
changes in interest rates and to sovereign risk factors. Some
of the key drivers that affect exchange rates include:
• Interest rate differentials net of expected inflation
•Trading activity in other currencies
• International capital and trade flows
• International institutional investor sentiment
• Financial and political stability
• Monetary policy and the central bank
• Domestic debt levels (e.g., debt-to-GDP ratio)
• Economic fundamentals
Purchasing power parity, based in part on “the
law of one price,” suggests that exchange rates
are in equilibrium when the prices of goods and
services (excluding mobility and other issues) in
different countries are the same.
If local prices increase more than prices in
another country for the same product, the local
currency would be expected to decline in value
vis-à-vis its foreign counterpart, presuming no
change in the structural relationship between
The balance of payments approach suggests
that exchange rates result from trade and
capital transactions that, in turn, affect the
balance of payments.The equilibrium
exchange rate is reached when both internal
and external pressures are in equilibrium.
The monetary approach suggests that
exchange rates are determined by a balance
between the supply of, and demand for,
When the money supply in one country
increases compared with its trading partners,
prices should rise and the currency should
The asset approach suggests that currency
holdings by foreign investors are chosen
based on factors such as real interest rates, as
compared with other countries.
Physical commodity prices are influenced by
supply and demand. Unlike financial assets,
the value of commodities is also affected by
attributes such as physical quality and
1. Expected levels of inflation, particularly for precious
2. Interest rates
3. Exchange rates, depending on how prices are
4. General economic conditions.
5. Costs of production and ability to deliver to buyers.
6. Availability of substitutes and shifts in taste and
7. Weather, particularly for agricultural commodities
8. Political stability, particularly for energy and precious
Credit risk is an investor's risk of loss arising
from a borrower who does not make
payments as promised. Such an event is
called a default. Another term for credit risk
is default risk.
Higher credit risk reduce value of securities.
It increases as time to maturity, settlement or
Organizations are exposed to credit risk
because of business and financial
Investor losses include lost principal and interest,
decreased cash flows and increased collection costs which
arise in a number of circumstances:
A consumer does not make a payment due on a mortgage,
credit card, line of credit or other loan.
A business does not make a payment due on a mortgage,
credit card, line of credit, or other loan
A business or consumer does not pay a trade invoice when
A business does not pay an employee's earned wages when
A business or government bond issuer does not make a
payment on a coupon or principal payment when due.
An insolvent insurance company does not pay a policy
An insolvent bank won't return funds to a depositor.
is the risk that a given security or asset cannot be
traded quickly enough in the market to prevent a loss
(or make the required profit).
Risk that liabilities cannot be met when they fall due.
Liquidity risk arises from situations in which a party
interested in trading an asset cannot do it because
nobody in the market wants to trade that asset.
Liquidity risk becomes particularly important to
parties who are about to hold or currently hold an
asset, since it affects their ability to trade.
A process to
3. Manage and
4. Control potential events or situations
----to provide reasonable assurance regarding
the achievement of organizational objectives.
The method of recognizing possible threats
It consists of measurement of risk in terms of
probability /impact and prioritizing risk.
Ranking risks from highest to lowest.
Actions taken to manage risks.
Enterprises doing risk management using a
framework can be more successful.
By formally organizing risk management
responsibilities, an organization is better
positioned to achieve its strategic objectives.
Use of framework ensure RM activities are
This involves driving events/conditions from
-Economic-Price movements, lower barriers
-Natural Environment-Floods, Fire
-Social-changing demographics, life priorities
-Infrastructure, personnel, process.
Consider events at activity and enterprise
Look at history and future estimates.
Event Inventory-events common to similar companies.
InternalAnalysis-detailed analysis of information.
Process flow analysis
Leading event indicators (monitoring loan payment for
Loss event data methodologies (examining data on past
individual loss events to identify trends and root causes of
Physical Risk Inspection
Flow chart is a micro level technique. Better
detailed activities can be known through the
help of flow chart. Organizational chart is unable
to give a clear picture of the risks lying in the
organization and it also cannot identify the
impact of the risk on the organization. The flow
chart will remove these drawbacks which are
found in organizational chart. The flow chart
also shows that where the most important and
crucial dependencies are in the process of
The organizational chart is very useful in
identifying the risk as it explains the activities of
organization and structure of the organization.
The organizational chart can be limited to the
organization and it can also be extended outside
the organization to show that on which suppliers
and other departments the organization
depends.The organizational chart will help the
risk manager to locate the area where there will
be risk concentration
Flowchart sequentially and graphically depicts
the activities of a particular organization. Any
loss or any risk which will cause disruption in the
operations and will therefore be the bottlenecks
can be clearly identified through this technique.
Flow chart shows the clear picture of the internal
activities of a particular organization, particular
activity of the organization and also the
organization’s complete chain of economic
Now let us take the example of paper making
industry. In which the raw material is collected
which includes straw and used paper.These are
then stored in store room. After that processing
is done on the raw material and pulp is
produced. From pulp, tissue paper, corrugated
paper and fax paper will be made. From
corrugated paper, corrugated sheets are
prepared.Corrugated sheets are then converted
into paper reels, which can be used internally for
packing a product or can be used for selling it.
This flow chart is drawn below and will explain that
how risks can be identified from a flow chart. Used
paper is normally stored under the sheds and straw in
not stored under sheds, straw can itself ignite when
temperature is near 40 C, therefore the risk manager
will try to reduce the risk of self ignition by installing a
network of hydrants around straw, which sheds water
twice a day. Risk manager will try to locate the area of
risk concentration and risk dependencies. Pulp
making is a non-hazardous process as water is used as
a raw material in it.This is how the risk manager will
locate the risk in the production process by the help of
a flow chart.
Checklists and Questionnaires is also a
technique which is widely used to search and
understand the risk internally.This technique is
also used to understand the impact of the risk,
its frequency and its severity. Questionnaires
should ideally be in either yes or no but
practically it is difficult because sometimes we
need details about a particular question to
clearly identify the risk.The questionnaire
should be very much simple and less time
Key questions should be involved and all important
factors should be covered while making a
questionnaire.Whenever a questionnaire is being
constructed, it should involve as many people or staff
as possible because everyone has its own thinking and
perception about risk. By Involving different staff
levels, important questions can be created which can
then be very helpful for a risk manager for example
the guard of the organization will also be useful for
the risk manager as he can tell about the risks at his
level.The technical skill of the users should be kept in
mind while constructing the questionnaire.
The benefits of checklists and questionnaires
are numerous as they can be extremely
efficient way of collecting information from a
wide range of people which are scattered in
different areas. Large amount of information
can be widely collected by this tool. It is a
simple and easy way to use and it can be used
to update the information and to see the
trends against the previous surveys.
There are certain disadvantages of checklists and questionnaires
as well.These can be completed by someone who is not skilled
and do not have knowledge to fill the questionnaire or completed
by person who do not understand the objective of those
questionnaires.These checklists can be ambiguous to the reader
and they could understand the questions according to
perceptions.These questionnaires are also at a risk of being
completed by the person who may have some reasons for holding
back the risk information. All these factors can create problem for
risk manager for identifying the risks.Therefore the risk manager
should be very much vigilant during the construction of
questionnaires and checklists; it should be designed in such a
format that could extract as much information as possible.
This is one of the most useful methods for
identifying risk areas. Physical risk inspection
allows the risk manager to have face-to-face
conversation with the workers on the floor as
well as the risk manager will have a very clear
and precise picture of the risk environment of
This will not be practically possible for the risk
manager to visit each and every part of the large
organization; the risk manager can randomly
visit the areas of organization to locate risks,
change if any occur requires frequent
inspections.The picture which is made on papers
about the organization is totally different from
the actual picture. Usually a perfect situation has
been shown in the paper which in practice is not
according to that.
There are specialized Risk Surveyors, who can
be appointed to carry out the inspection and
then report back to the management, adding
their own assessment and suggestions.The
reports prepared by them are very useful for the
risk managers but the risk manager should keep
in mind that the report prepared by risk
surveyors for a particular purpose and they are
not embracing all the risk events which could
occur on the floor of organization.
The biggest advantage of physically inspecting risk is
proper risk assessment. Identification of risk along with
the suggestions of managing them is another advantage
of physical inspection.The drawback of physical risk
inspection is that it is quite expensive in terms of both the
time and money. When the risk manager will visit the
factory floor on a specific day, only the activities of that
day will be reflected and remaining day’s activities will not
be taken into account, which is a disadvantage in properly
assessing the risk.The risk manager will not be able to
physically inspect those areas which are not included in
the organization but the organization is depending on that
department for example suppliers of raw materials.
A collaborative process that to compare
performance measures and results of events
/processes and identify improvement
Dimensions to check are cost, time, quality.
Internal benchmarking (compare divisions)
Best in Class
Value at Risk (VaR)
Cash flow at Risk
Earnings at Risk
Use subjective assumptions in estimating the
impact of events without quantifying an
associated likelihood. Examples include.
Also known as risk mitigation techniques or
risk response techniques.
1. Avoidance. (exist the activity)
2. Reduction.( apply internal controls)
3. Sharing and (transfer or share a portion of
risk (insurance or outsourcing)
4. Acceptance (take no action)
Limiting risk management to financial
hazards- not considering soft issues (HR,
social responsibility, reputation)
Identifying too many risks as a long list will
increase chances of inadequate attention to
Overcomplicating risk quantification.
ERMP changes over time.
Current responses may be irrelevant.
Controls might have lost their relevance.
Business objectives might have changed
Through monitoring activities management
determines if ERMS is effective.
Separate evaluations are done by functions.
Depends upon competence of people
handling control activities, changes in the
processes and results of ongoing evaluations.
On a continuum from no role to managing
Give assurance report for risk management
Parece que tem um bloqueador de anúncios ativo. Ao listar o SlideShare no seu bloqueador de anúncios, está a apoiar a nossa comunidade de criadores de conteúdo.
Atualizámos a nossa política de privacidade.
Atualizámos a nossa política de privacidade de modo a estarmos em conformidade com os regulamentos de privacidade em constante mutação a nível mundial e para lhe fornecer uma visão sobre as formas limitadas de utilização dos seus dados.
Pode ler os detalhes abaixo. Ao aceitar, está a concordar com a política de privacidade atualizada.