1.

Discuss the term Key Risk indicators

Key risk indicators are essential tool within risk management which facilitates the monitoring and
control of risk. Its also used in risk identification, control assessments and the implementation of
effective risk appetite. However risk identification is an area that challenges most institutions. Hence the
need for further guidance in this area. The purpose for key risk indicators is to provide a guide for
management to appraise and set benchmarks.

2. Explain the term system downtime

System downtime refers to periods when the system is unavailable or fails to perform its primary
function. This usually occurs because of system failure or routine maintenance. A register is put in place
to monitor and recommend remedial measure to forestall it regular occurrence.

3. Identify two key risk indicators and provide it advantages to the organization

1. Service level agreement performance metrics defines the level of service an organization
expect from its vendor’s, setting out the metrics by which service are measured, as well as
remedies or penalties should agree-on service levels are not attained. The SLA motivates
the right behavior since mistakes are penalized for lack of performance.
2. Regulatory breaches and sanctions are for non-compliance of prudential requirements.
These sanctions help to ensure safety, soundness and the stability of the industry which are
supervised.

4. In a dynamic banking environment how do we manage risk tolerance?

Current banking environment presents unprecedented challenges to successfully managing risk and
establishing a platform for achieving predictable and sustainable earnings. With the recent banking
crisis, banks had not responded to the risks inherent in their business. Banks should ensure that
established risk levels by the boards are complied with so as not to incur regulatory sanctions. The risk
tolerance is the amount of risks a bank is willing to accept, as well as the aggregate effect of these risks
upon some critical measurement of success, such as earnings, capital, or shareholder value. Banks
identify the risks and establishing manageable tolerance levels.

5. Briefly explain the term risk culture and identify any group of persons in the organization to call for a
change in the risk culture.

Risk culture refers to a particular beliefs and assumptions. These can be clustered according to specific
cultural tenets, including risk, integrity, governance and leadership, decision-making, empowerment,
teamwork, responsibility and adaptability. These tenets are expressed in everyday workplace practices
through attitudes and behaviors. The Board and senior management are responsible to call for a change
after the organizational risk appetites have been evaluated.
6. What are the differences between incident management and problem management?

Incident management is the management of risk events by gathering and analyzing incident data across
the organization to forestall its future occurrence whiles problem management is occurrence of the
same incident that has happened many times. A problem can exist without having immediate impact on
the users, whereas incidents are usually more visible and the impact on the user is more immediate.

7. Outline three uses of incident management?

1. Certainty that incidents logged will be addressed to the root causes and not forgotten.

2. Working with knowledge on analyzed prior data will assist in identifying the cause of
incidents quickly.
3. It improved information on the reliability of the existing systems.

8. What is a key loggers.

Key loggers are malware which records every keystroke made on a computer to steal serial numbers for
software to launch internet attack, to gain access to email accounts, personal information as credit card
details.

9. Briefly explain Scenario Analysis and state the uses of the process in Banking.

Scenario analysis is a process of analyzing possible future events by considering alternative possible
outcomes sometimes called "alternative worlds". Thus, scenario analysis, which is one of the main forms
of projection, does not try to show one exact picture of the future. Instead, it presents several
alternative future developments. Consequently, a scope of possible future outcomes is observable. Not
only are the outcomes observable, also the development paths leading to the outcomes. Each scenario
normally combines optimistic, pessimistic, and more and less probable developments. It enable banks to
evaluate the upside and downside potential of risk to the bank as a whole under different future
development.

10. Define derivatives and explain the types.

Derivatives are financial arrangement or product (such as a future, option, or warrant) whose value
derives from and is dependent on the value of an underlying asset, such as a stocks, bonds, commodity,
currency, or security. There are two types of derivatives. Commodity derivatives and financial
derivatives. Derivatives originated as a tool for managing risk in commodities markets. In commodity
derivatives, the underlying asset is a commodity. It can be agricultural commodity like wheat, soybeans,
cotton etc. or precious metals like gold, silver etc. The term financial derivative denotes a variety of
financial instruments including stocks, bonds, treasury bills, interest rate, foreign currencies and other
hybrid securities. Financial derivatives include futures, forwards, options, swaps, etc. Futures contracts
are the most important form of derivatives, which are in existence long before the term ‘derivative’ was
coined. Financial derivatives can also be derived from a combination of cash market instruments or
other financial derivative instruments. In fact, most of the financial derivatives are not new instruments
rather they are merely combinations of older generation derivatives and/or standard cash market
instruments.