[Figure: Risk Identification; Risk Measurement; Risk Mitigation]
[Figure: Risk Governance and Culture; Risk, Strategy, and Objective-Setting; Risk in Execution; Risk Information, Communication, and Reporting; Monitoring Enterprise Risk Management Performance]
© 2016 The Professional Risk Managers’ International Association
COSO Revised ERM Framework 2016:
“Aligning Risk with Strategy and Performance”
1. Exercises Board Risk
[left-hand column cut off on the page: “nance”, “del”, “haviors”, “mmitment”, “hics”, “ability”, “, and”, “ndividuals”]
7. Considers Risk and Business Context
8. Defines Risk Appetite
9. Evaluates Alternative Strategies
10. Considers Risk while Establishing Business Objectives
11. Defines Acceptable Variation in Performance
12. Identifies Risk in Execution
13. Assesses Severity of Risk
14. Prioritizes Risks
15. Identifies and Selects Risk Responses
16. Assesses Risk in Execution
17. Develops Portfolio View
18. Uses Relevant Information
19. Leverages Information Systems
20. Communicates Risk Information
21. Reports on Risk, Culture, and Performance
22.
23.
[Figure: layers labelled Reporting; Measurement and Modelling; Policies and Procedures; Culture and Awareness. Elements labelled Internal Loss Data; External Loss Data; Risk and Control Self Assessment; Scenario Analysis; Key Risk Indicators. Side labels: Risk Appetite; Governance.]
ORM Handbook, p. 58
Risk Severity Categories
[Figure: severity distribution; axes: # of Losses against Size of Loss]
Inevitables
• Below a certain level, these losses are a cost of doing business.
• Best understood through historical loss data.
• Absorbed by annual earnings.
Intermediates
• Uncommonly large losses that may exceed annual earnings.
• Best understood through firm and industry large losses.
• Absorbed in part by capital.
Improbables
• Highly unusual and catastrophic losses that may well exceed multiple years’ earnings.
• Best understood through stress testing, scenarios.
• Absorbed by capital.
ORM Handbook, p. 73
Chapter 3: Risk Management Framework
Risk Policy
• Independence
• Expertise
• Leadership
• Influence
• Talent Development
• Team Work
• Humility
• Anticipation
• Courage
• Cohesion
Source: Stéphane Chassard, Chief Risk Officer UK, BNP Paribas, 2013.