Download RIMS - CRMP Complete Study Guide; 1 Analyze the Business Model, 2 Developing Organizationa and more Exams Credit and Risk Management in PDF only on Docsity! RIMS - CRMP Complete Study Guide; 1 Analyze the Business Model, 2 Developing Organizational Risk Strategies, 3 RIMS CRMP-Implementing the Risk Process, 4 Developing Organizational Risk Management Competency, 5 Supporting Decision Making, Complete Risks - answers>The effect of uncertainty on objectives The chance of something happening that will have an impact on objectives Being prepared for the worst and being poised to exploit opportunities as they are discovered Enterprise Risk Management - answers>A strategic business discipline that supports the achievement of an organization's objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio. Support Function: Business continuity and crisis management - answers>Risk identification, assessment and creation of emergency response and recovery plans related to threats or hazards that might lead to operational disruptions Analysis - answers>A systematic examination and evaluation of data or information by breaking it into its component parts to uncover their relationships. An examination of data and facts to uncover and understand cause-effect relationships, thus providing basis for problem solving and decision making. To embed risk management in both routine and strategic decision, what should managers be able to recognize? - answers>The type of decision being made; Who should be included in the decision making process; Where in the process decisions are being made Risk management strategies' general focus - answers>Meeting or exceeding an organization's objectives Adhering to control-based objectives, rules and/or controls Complying with regulatory requirements Support Function: Internal Audit - answers>Risk identification, assessment and treatment through audit plans with focus on fraud, corruption, regulatory noncompliance and/or misrepresentation related to the organization's internal control systems, financial operations, financial statements and reporting as well as enterprise risk and the organization's risk management framework and process. What steps can the risk management professional take to embed risk management in decision making? - answers>Include risk assessment in planning process; Leverage cross-functional risk assessment team and subject matter experts to identify enterprise risks; Consider cascading and cumulative effects Gap Analysis - answers>Technique that can be used to determine what steps might need to be taken to improve the organization's capacity to move from a current state to a desired future state. Risk appetite - answers>The total exposed amount that an organization wishes to undertake on the basis of risk-return trade-offs for one or more desire and expected outcomes. Communication and Consultation - answers>Risk management professional's role in Implementing Risk Strategies Support Function: Legal - answers>Risk identification, assessment and treatment of risks related to the obligation an organization undertakes and transfers through contracting, as well as its compliance with applicable laws and regulatory obligations. What are the typical failures in risk management which can be avoided if it is embedded in the decision making process? - answers>Program not integrated into strategy or its execution; Focused on the wrong risks; Not executed in a repeatable process; Risk management is practiced in a silo; Activity not viewed as being value added Strategic Plan - answers>Determines that actions the organization will take at any stage of the planning period as circumstances change. Risk owner - answers>The individual who is ultimately accountable for ensuring that risk is managed appropriately, including the implementation of selected responses. Risk Identification Process - answers>Finding, Recognizing and Recording Risks Support Function: Compliance - answers>Risk identification, assessment and treatment of risk related to regulations that may affect the organization's ability to operate in its respective jurisdictions, as well as activities that fall within its compliance and ethics programs. To successfully integrate risk management into decision making, risk management professionals will rely on strategies that draw on personal and technical skills in - answers>Building organizational awareness; . Differentiating the different types of decisions used in varying situations using elements of decision quality; Performing various roles in the taking risk into account in decision-making process Strategy - answers>A complete plan of action for whatever situations might arise in achieving an organization's goals within the established time. Gap analysis - answers>determine steps to improve the organization's capacity to move from a current state to a desired, future state. (current available factors, success factors needed to achieve future desired objectives, highlighting the gaps) How to obtain the real story aside from reading information? - answers>Talk to those inside the organization; Talk with external stakeholders ; Do site visits assumptions - answers>The risk manager can then identify ________________ made by management when developing these goals. Root Cause Analysis - answers>multiple techniques designed to identify the underlying or initiating risk sources or drivers. (fault tree analysis, event tree analysis, failure mode and effect analysis and cause-and-effect analysis - fish bone diagram) Element of decision quality: Frame the issue; identify the need - answers>Is solving this problem or realizing this opportunity worthwhile? What are the intended outcomes? Risk Culture - answers>The norms and traditions of behavior of individuals and of groups within an organization that determine the way in which they identify, understand, idsuss and act on the risk organization confronts and takes. Influence analysis/diagrams - answers>identify the strength of influencing factors and help determine potential weighting for consideration during the risk assessment process. Define root causes for major risks, define the chain of events likely in a scenario and become the foundation for further modeling. Training needs assessment: Why conduct the training? - answers>to tie the performance deficiency to a working need and be sure the benefits of conducting the traiing are greater than the problems being cuased by the performance deficiency. Conduct two types of analysis to answer this question: 1) needs versus wants analysis and 2) feasibility analysis Element of decision quality: Explore doable alternatives - answers>What options are available and how effective or disruptive will each one be in solving the problem or realizing the opportunity? What unintended consequences will each alternative create? Knowledge - answers>A risk management professional must possess general business acumen to generate conversations that lead to deeper understanding of organizational structure; value chain; market analysis, PESTLE, etc. key risks to each strategic goal - answers>The risk manager can then use in-depth risk analysis to assess the __________________ as well as the risks to the successful execution of the strategic plan. Risk Register Analysis - answers>compile risk into a risk register to analyze and manage those risks in an organized way, typically by category. Training needs assessment: Who is involved in the training? - answers>involve appropriate parties to solve the deficiency. Conduct a target population analysis to learn as much as possible about those involved in the deficiency and how to customize a training program to capture their interest. Element of decision quality: Consider meaningful, reliable information - answers>Is the information accurate, applicable and useful? How will this information inform the decision-making process? What different interpretations of the data are possible and how will each one affect the decision-making process? Skills - answers>A risk management professional must possess communication, technical and interpersonal skills to obtain organizational information. Action plans - answers>_____________ should be developed to address gaps between the key risks to the strategic plan and the successful delivery of the mission. Organize - answers>After obtaining information, what should be the next step to be done? organizational strategy - answers>Risk strategy should be continually revised to align with ____________________. Element of decision quality: Develop realistic options available to the decision makers - answers>How feasible, acceptable or desirable is each option and which will be most useful in achieving the objective? Scenario analysis - answers>process of analyzing possible and plausible future events by considering alternative settings, circumstances and outcomes. It provides a basis for making decisions in the context of different conditions. Training needs assessment: How can the performance deficiency be fixed? - answers>Can training fix the performance deficiency or suggest other remediation if training is not appropriate? Conduct a performance analysis to identify what skill deficiency is to be fixed by a training remedy. Risk analysis results to - answers>determine the risk adjusted probability of achieving strategic objectives; determine the key risks that may negatively or positively affect the achievement of the strategic objectives Synthesize - answers>A process of combining information in ways that are coherent, logical and meaningful. Element of decision quality: Understand clearly the values and trade-offs - answers>In pursuing each option, what are the consequences of making the trade-offs that will be needed? How clearly is the expected value understood? Training needs assessment: What is the best way to perform? - answers>Is there a better or preferred way to do a task to get the best results? Are job performance standards set by the organization? Are thre governmental regulations to consider when completing the task in a required manner? Conduct a task analysis to identify the best way to perform. Site analysis - answers>leaders at each site perform an assessment by analyzing and evaluating the potential risks based on what is being produced at the site and its environmental factors. This may include threat, vulnerability and criticality analyses. Prioritize - answers>The step to choose the information that is most relevant, timely, useful and valuable for assessing risks that could affect the organization's objectives. risk register - answers>________________ is a tool that can be used to provide an overview or the organization's risk profile aligned to corporate strategy Element of decision quality: Use logical correct reasoning - answers>What biases may be influencing reasoning? Training needs assessment: When will training take place? - answers>What is the best timing to delivery training? Attendance at training can be impacted by work cycles, holidays and so forth. Conduct a contextual analysis to answer logistic questions. SWOT analysis - answers>strengths and weaknesses (internal), opportunities and threats (external) Monte Carlo analysis - answers>mathematical technique that generates random variables for modelling risk or uncertainty of a certain system (simulation). The random variables or inputs are modelled on the basis of probability distributions Developing training goals: Align training to specific organizational performance goals - answers>Training should directly support specific organization performance goals, such as increasing, revenues, decreasing costs, teaching a new process, launching a new product or complying with regulations. risk awareness - answers>Organizational risk competency capabilities: ____________ as a core cultural characteristic What are attributes of a learning organization? - answers>Supports constructive criticism; Supports healthy debates; Open to understand attitudes about uncertainties, risk taking and tolerance forward-looking, long-term view - answers>Organizational risk competency capabilities: ___________________ into emerging risks Risk evaluation - answers>uses which risk criteria (risk appetite, risk tolerance, outputs from risk identification and risk analysis process) to determine which risks are acceptable and which require additional modification or treatment Pre-decision environment - answers>Decision has not yet been made; RMP should be able to articulate the value that can be gained by including more formal risk management process into the decision-making process for more significant or complex project, initiatives and strategy setting How are learning objectives communicated? - answers>Learning objectives have four parts: Each learning objective should indicate who will perform the action (person), the specific behavior to be performed, the conditions under which the behavior will be performed, and the degree to which the person must perform the behavior. Risk appetite - answers>is the total exposed amount that an organization wishes to undertake on the basis of risk-return trade-offs for one or more desire and expected outcomes. Coaching - answers>Methods of helping others to improve, develop, learn new skills, find success, achieve aims and manage change and challenges. Providing support and advice to an individual or group in order to help them recognize ways to improve their competencies and effectiveness. Active-decision Environment - answers>Decision is in the process of being made; RMP should identify the stakeholders, understand success measures; integration of risk management process; develop monitoring process What are the steps in benchmarking? - answers>Compare organization with peers and competitors; Differentiate and prioritize to identify peers trusted adivsor - answers>Organizational risk competency capabilities: Reputation for being technically risk- savvy and effective at influencing key decisions. Has earned the trust of leadership and decision-makers and is seen as a _____________. To benchmark the organization against its peers and competitors, which information must be obtained? - answers>Industry and trade publications; Stock analyst reports for publicly traded companies; Do your own research: Publicly available information such as google trends and prepare and competitive analysis identify, assess and treat risk - answers>Organizational risk competency capabilities: Ability to _______________ within a clear appetite and tolerance context. Risk tolerance - answers>is the amount of uncertainty an organization is prepared to accept in total - or more narrowly, within a certain business unit, a particular risk category, or for a specific initiative. Post-decision Environment - answers>Decision has already been made; RMP should create a learning environment for stakeholders to identify risks to performance through the execution process; Determine when in execution process risk-based discussions still could be used to favorably impact the outcome ERM integration in organizational strategies: Establish a purpose and value outcome for developing risk management competencies - answers>What value outcome will risk management competencies provide for strategy development and performance at strategic, operational and tactical levels? Risk interdependencies - answers>are situations where risks can have a cascading effect. Understanding this provides an opportunity to facilitate collaboration among various business units by addressing similar or related risks together. ERM integration in organizational strategies: Establish guiding principles by articulating the organization's risk philosophy - answers>Risk philosophy aligned with vision, mission and values; create and protect value Decision Making Environments - answers>Decisions can be categorized related to changes in the organization; scope and impact; level of familiarity In benchmarking, you may analyze and compare information and you can look for: - answers>Gaps, strengths and weaknesses, differentiators; risks matters to the organizational performance - answers>Organizational risk competency capabilities: Clear view into risk materiality and ability to narrow the focus to what really _________________. Core competencies - answers>These are fundamental for successfully performing as a risk management professional, irrespective of level of experience or training. These competencies form the foundation for being able to apply the related knowledge and skill components of the model for the needs of an organization. Quantitative Scoring Methods - answers>Scoring Method when rating organization against peers based on readily available data such as stock price, market capitalization and earnings per share Identify actual decision makers in the decision making environments - answers>Identify those who are accountable for performance ERM integration in organizational strategies: Establish a risk governance model that fits within the organization's unique governance arrangements - answers>Oversight, roles and responsibilities, structure unique to the organization Indemnification - answers>contractual obligation placed on the indemnifier to return the indemnified to essentially the same financial condition that existed prior to the loss or claim or to stand in as the source for financing the legal liability. Contractual risk transfer - answers>a legally binding agreement between two parties whereby one agrees to indemnify and hold another party harmless for specified actions, inactions, injuries or damages. ERM integration in organizational strategies: Determine the risk management strategy that will build organizational competencies in support of the organization's strategy - answers>Common definitions, references, measurements and process; improve risk management competencies throughout the organization, iterative plan tasks aligned with organization's planning processs Identify impact in the decision making environment - answers>Which decisions make the greatest impact on a specific strategy? Leverage information by using organized internal and external sources; information gathered from meetings; key inputs and outputs of the value chain and operations Qualitative Scoring Method - answers>Scoring Method when rating organization against peers based on economic, environmental and philanthropic programs that increase brand quality Core Competency: Attributes - answers>Qualities, characteristics and behaviors that, when displayed, will assist risk management professionals in getting things done in areas where they do not hold direct responsibility. These attributes are particularly important when adapting and integrating a horizontal, portfolio approach to risk management across an organization. What are the specific knowledge risk professionals need during benchmarking? - answers>Market analysis and environmental scanning; Business acumen-market analysis and value assessment; Due diligence and analytics Risk avoider - answers>Risk attitude that considers "what can go wrong" rather than "what needs to go right" related to the decision Integrate risk management process with organizational strategies - answers>consider the organization's planning processes and calendar Risk Monitoring - answers>Observe Check the progress or quality of something over a period of time Keep under systematic review Prioritize risks to be monitored - answers>In monitoring risks, what should be done to identify the greatest potential for disrupting or accelerating performance? Plan - Do - Check - Act, Deming Cycle, Shewhart Cycle - answers>Continuous improvement multi-step quality model In order to facilitate discussions about risk in decision process, what stages should be identified and influenced? - answers>Timeline the decision is being made; The primary decision maker; If there is an establish risk tolerance and threshold Biases - answers>A method to identify uncertainties which can help identify potentially hidden expectations, motivations or even conflicts within the organization. It may sometimes lead to perceptual distortion, inaccurate judgment and illogical analysis of information. corporate success measures - answers>Success measures: aligning risk measures to ________________ corporate score card - answers>Success measures: Gaining lace on the ______________ Resources; - answers>A method to identify uncertainties allocates resources for managing risk related to organizational objectives. In facilitating risk discussions, who should be included? - answers>Decision makers, other influencers, accountable individuals; impacted stakeholders; those responsible for managing related risks Plan - answers>A step in continuous improvement model to identify an opportunity and plan for change. Risk metrics (key risk indicators) - answers>In monitoring risks, what should be integrated into the performance objectives of the organization? Reviews of the risk treatment plans - answers>In monitoring risks, what should be scheduled as an ongoing agenda item in the responsible leader's staff agenda? Do - answers>A step in continuous improvement model to implement change on a small scale; collaborating on the process assessment and potential options; validating the continuous improvement options; selecting and executing improvement options. What are characteristics of decisions that may increase the odds of successful outcomes through risk-informed decisions? - answers>Be transparent; Resolve potential conflicts; Follow escalation guidelines What are the important ATTRIBUTES that are needed over the course of risk management professional career? - answers>Assertiveness; Inquisitiveness; Judgment; Curiosity; Courage; Persuasiveness performance evaluation process - answers>Success measures: Integrating risk success measurement into the organization's ________________ engagement and accountability - answers>Success measures: Making the case for risk management _______________ What are the important SKILLS that are needed over the course of risk management professional career? - answers>Investigation skills; Strategic thinking; Inductive reasoning; Behavior modification; Relationship development; Decision making What could successful discussions reveal - answers>Potential untapped opportunities; Uncertainties that may benefit from scenario planning; Cognitive Biases, anchoring and loss aversion; Potential outcomes Check - answers>A step in continuous improvement model to use data to analyze the results of the change and determine whether it made a difference. Key performance indicators (KPI) - answers>help a firm see how it is performing in relation to its strategic goals and objectives. Key risk indicators (KRI) - answers>are leading indicators of risk to business performance, giving early warning about potential risks. Act - answers>A step in continuous improvement model to implement successful improvement changes on a wider scale and continuously assess your results. Risk management professionals can encourage continuous learning by - answers>Advising on alignment of the decisions within the organization's strategy and external information; Suggest improvements when changes may need to be made in other areas; Developing a sustainable communication process and network. Risk Manager Core Competency Model - answers>Consists of key skills and knowledge that will help a risk manager thrive. This can be used for position definition, professional development, communication and many other purposes corporate rewards strategy - answers>Success measures: Tying risk engagement, accountability and results to the ______________ Progress reports - answers>What should be monitored in terms of significant risks and use of risk process? Maturity models - answers>recognized measurement concept for demonstrating development progress; linked closely with continuous improvement; represent the degree of formality and effectiveness of risk management activities and processes at different levels; highlighting consistent outcomes across organizations. What are the RMP's core competencies? - answers>Business insight; integrity/ethics; communication; collaboration; consultation strategy and measurement - answers>Enterprise Risk Management, in contrast to traditional risk management, takes into account ______________________ where it considers all risks as part of strategy and includes the upside of risk, concept of build, expand and exploit to add value, push and pull of risk performance data and uses RIMS risk maturity model Area of improvement to encourage continuous learning: Design of organizational strategies - answers>Are decisions aligned with the risk management goals, objectives and risk culture? Are decisions aligned with acceptable risk tolerance and appetite guidance? Is the decision achievable with resources available? Does it meet or align with the measures of success established? Leader - answers>Risk management professional's role is to drive adoption of enterprise-wide approach to enable the organization to achieve its objectives; develop awareness for broad risk management competencies; enable execution of consistent risk assessment methodologies, guiding improvement and monitoring efforts. Risk management maturity - answers>represents the degree of formality and effectiveness of risk management activities and processes in an organization at different levels, from ad hoc practices, to formal defined steps, to management result metrics to actively making the most effective use of processes and capabilities. Top Management - answers>Participants in the ERM governance model who establishes risk management policies/tolerances; review and reports significant risk issues; controls risk governance and infrastructure Unmanaged risk - answers>greatest source of waste in business and economy and can have a damaging effect on companies, employees and communities where the business operates. Adoption of ERM-based approach - answers>Comptency Drivers: Executive support of ERM; business process definition and risk ownership, far-sighted risk management vision; front line and support process owner participation What occurs during the "pull" flow of information - answers>Risk management professionals can pull information about new developments and promote action plans that manage significant risks Core Competency: Management Skills - answers>Strategic perspective; planning; organizing; decision making; relationship development Governing Body/Board of Directors - answers>Participants in the ERM governance model who is the ultimate risk management oversight responsibility Risk ownership - answers>Essential to the successful implementation of an ERM program because it places the responsibility, accountability and authority for volatile situations on those stakeholders directly affected by risk. ERM process management - answers>Competency Drivers: Repeatable and scalability; ERM program oversight ERM process steps; risk culture, accountability and communication, risk management reporting RIMS Risk Maturity Model (RMM) - answers>A best practice framework for enterprise risk management. Developed as an umbrella framework of the international, cross-industry standards, the RIMS RMM allows organizations to measure how well their risk management efforts align with these best practices. Risks viewed as an interrelated portfolio - answers>Coordinated and strategic approach of risk management Risk management - answers>strategic business discipline that supports the achievement of an organization's objectives by addresssing the full spectrum of its risks and managing the combined impact of those risks as an interrelated portfolio. Risk appetite management - answers>Competency Drivers: Risk portfolio review; risk reward tradeoffs Developing risk governance model, is defining and ensuring the effectiveness of the process steps, methods, tools and techniques for: - answers>Risk identification; Risk assessment; Risk Measurement; Risk Modification; Risk Modification Risk Reporting; Risk data collection, storage and access protocols and procedures Clearly identified responsibility for risk management - answers>A benefit of ERM that fosters an environment where risk-return trade-offs are carefully evaluated; responsibility and accountability for managing risks are explicit part of governance Root cause discipline - answers>Competency Drivers: Dependencies and consequences; Indicator classifications; risk (uncertainties) and opportunity information collection; root cause consideration commitment from leadership - answers>Component in implementing enterprise risk plan: Obtain __________________ of the organization for the purpose, scope and accountability, responsibility and resources to implement the risk management strategy. milestone/s - answers>Component in implementing enterprise risk plan: Define major _______________, accountable stakeholder owners and a timeline for each ____________ Uncovering risk - answers>Competency Drivers: Formalized risk indicators and measures; adverse (potential) outcomes as opportunities; follow-up reporting; risk ownership by business areas Efficiency of risk management resources - answers>A benefit of ERM that maximizes the efficiency of an organization's risk management resources and activities through a cross-functional view and common risk assessment process Risk Treatments - answers>Avoidance, Transfer, Acceptance, Mitigate Performance management - answers>Compentency drivers: ERM information and planning; communicating goals; ERM process goals and activities governed and guided - answers>Component in implementing enterprise risk plan: Define who and how the plan will be _____________________ Emerging risks - answers>Completely new or extremely rare negative events Business resilience and sustainability - answers>Compentency Drivers: Analysis-based planning; resilience and operational planning; understanding consequences organizational risk management competencies - answers>Component in implementing enterprise risk plan: Design the plan so that it supports and aligns with the desired __________________ Risk management culture and governance - answers>Examples include Adhere to systematic and consistent practices, limit future losses, optimal risk/reward structure Benchmarking - answers>comparing one's processes and performance metrics against those of organizations known to be leaders in one or mor easpects of their operations implementation plan success - answers>Component in implementing enterprise risk plan: Develop metrics to measure _______________ management agreement - answers>Component of risk communication strategy: Define and secure _______________ for key risk messages Ways to benchmark - answers>Industry groups; conferences, sumits and workshops; participation in surveys; association, academic, government and other research; networking RMM attribute: Adoption of ERM-based process - answers>RMM attribute: This attribute measures the organization's risk culture, and considers the degree of executive or board-level support for enterprise risk management. Engaging risk network promotes - answers>greater consistency in approaches and in developing capabilities for risk management activities across the organization. risk strategy and tactics; the enterprise communication process, the desired risk culture - answers>Component of risk communication strategy: Ensure alignment with _______________ RMM attribute: ERM process management - answers>RMM attribute: This attribute measures the extent to which the organization has adopted an ERM methodology throughout its culture and business decisions, and how well the risk management program follows best practice steps to identify, assess, evaluate, mitigate, and monitor risks. RMM attribute: Risk appetite management - answers>RMM attribute: This attribute evaluates the level of awareness around risk-reward trade-offs, accountability for risk, defining risk tolerances, and whether the organization is effective in closing the gap between potential and actual risk. Identifying what training is needed - answers>Logical first step before developing training goals Identify and gather available data - answers>A step in identifying risk whereby the purpose is to identify what might happen or what situations might exist that may affect the achievement of the organization's strategy, objectives and tactical plans. Tangible services - answers>A risk management professional may offer faster response, useful or sensitive information or public support in exchange for implementing enterprise-wide collaboration sufficient support for the strategy - answers>Strategies to obtain support: Determine if there is ___________________ from your immediate chain of command organization's strategies - answers>Strategies to obtain support: Validate risk management strategies with key stakeholders to confirm alignment with the _________________________ Data collection - answers>A strategy for gathering data to identify a risk that should be comprehensive, strategic and timely Sentiments - answers>A risk management professional may offer gratitude, appreciation or praise in exchange for implementing enterprise-wide colaboration Surveys, interviews and focus groups - answers>Methodologies used for gathering data to identify a risk Compliance for Mutual benefits - answers>A form of exchange between departments and enterprise risk management where there is increased ability to manage volatility, improved operational efficiency, more efficient process, strengthened supply chain, reduced operating costs secure support - answers>Strategies to obtain support: Define, communicate and ___________________ from key leaders for the risk roles needed from stakeholders and employees in general, that would enable the desired risk competencies in the enterprise Benchmarking, document review, assets and process reviews - answers>A strategy for gathering data to identify a risk involving external resources Compensation for Costs - answers>A form of exchange between departments and enterprise risk management where the latter offers to cover the cost associated with complying with the request; cost of additional staff, etc. remediate - answers>Strategies to obtain support: Identify gaps and __________ them objective; benefits - answers>Value proposition of ERM: It is _____________ as possible; it defines the __________ deliverable to each stakeholder Equivalent Payments - answers>A form of exchange between departments and enterprise risk management where the latter offers services in exchange for supporting and implementing enterprise-wide risk management process Existing capabilities - answers>A strategy for gathering data to identify a risk that includes understanding current risk management processes and approaches, existing controls and their levels of effectiveness to identify known risks Progress report should include these issues in the normal business - answers>Material risk target outcome; Specific activities that have taken place since the last report; Challenges in executing the risk treatment plan; A trend assessment in the risk profile against the targeted outcome How can risk management professionals take a collaborative approach with company executives? - answers>Build relationships; Practice empathy and listening; Present yourself as an ally; Focus on organizational objectives success measurement; return on investment - answers>Value proposition of ERM: There is a ______________ methodology; there some form of ______________ message that can ultimately be validated. When creating reports and presentations, the following must be considered - answers>Understand the audience; Understand the purpose; Type and detail of information; Insights and recommendations How can risk management professionals develop the desired risk culture and risk management capabilities? - answers>Training sessions that clearly communicate the corporation's attitude about risk-taking; Key risk indicators embedded into management performance objectives; On-boarding process; Risk management visualization technique mandate; training plan - answers>Value proposition of ERM: There is a ___________ from C-suite and board of directors; A _____________ exists to enable role performance communication plan; resource support - answers>Value proposition of ERM: A _____________ exists to keep players informed and provide channels for issue resolution: ____________ has been or will be secured to enable players to execute expected roles How can managers make risk informed decisions that enable them to succeed? - answers>Adapt risk management process to meet operational area need; Focus discussions on organization objectives; Develop a test case in a specific area In what areas and activities can risk management professional give advise? - answers>Strategy development and performance; Enterprise-wide or related areas, whether internal or external; Specific operational and functional areas; Development of new initiatives; New and evolving issues; Significant changes What is the process of giving advice? - answers>Evaluate metrics and reports; Gain insights into organizational performance; Validate insights with key stakeholders; Develop recommendations; Communicate recommendations How to identify training needs? - answers>Identify required performance or desired behavior; identify Gaps/needs; What are the desired actual performance or behavior What opportunity does risk management provide? - answers>An opportunity to identify risks that can be exploited to benefit the organization's mission and goals An enterprise-wide risk management framework views risk within an organization's: - answers>Unique strategy; Tolerance; Culture; Decision Making; Governance How to validate whether the training programs are delivering what is expected? - answers>Engaging others in feedback reviews; Testing training in small groups What does strategic risk management seeks to? - answers>Drive deliberate and action regarding uncertainties and untapped opportunities that affect an organization's strategy and strategy execution Risk Categorization - answers>helps assign accountability, allocate resources, and ensure that the risk reports are more easily understood by top management How to match training and media for audience? - answers>Message differs depending on the audience; Daily decision-making or general awareness; High-level overview operational instruction or general knowledge What actions could result to informed decisions that increase the likelihood of long-term organizational success? - answers>Building organizational risk competency; Aligning risk strategy to corporate strategy; Embedding risk awareness and competency throughout organizational functions and processes Implement - answers>Continuous improvement model (Act): _____________ validated improvement option more widely Primary responsibility of a great risk leadership - answers>Ensuring that risk stakeholders are enabled to play their roles and are guided down the path of risk competency maturity over time What are two ways that companies achieve risk transfer? - answers>Contractual risk transfer and insurance Develop risk treatment plans - answers>A common method of implementing the selected risk solutions Individuals with specific technical knowledge about the organization and capability and resources to implement solutions - answers>Who can best find, chose and implement effective risk solutions? Treatment plans should be integrated to the: - answers>management plans and processes of the organization rationale; benefits - answers>Elements of treatment plans: the _________ for the selection of the treatment plans; including the expected ________ to be gained approving and implementing the plan - answers>Elements of treatment plans: those who are accountable and responsible for ______________ actions - answers>Elements of treatment plans: proposed __________ and timeline constraints and contingencies - answers>Elements of treatment plans: resources required including ___________________ performance measures - answers>Elements of treatment plans: the ________________ that validate that the solutions are working as planned reporting and monitoring - answers>Elements of treatment plans: the required ___________________ of risks as part of normal business activity and reporting Accountability for risk - answers>this matters when it is measured and can achieve a trickle down effect as the operations and functional managers engage their staff to support in the achieving the objectives What should be evaluated that may dramatically impact the organization's strategic goals? - answers>effect of significant acquisitions, organizational and process changes, other changes How can risk management professionals gain insights into organizational performance related to the effectiveness of the organizational risk management? - answers>evaluating metrics and reports that result from a disciplined and informed risk management process How can risk management professionals gain credibility and engagement with key stakeholders - answers>validating insights with key stakeholders priorities - answers>Monitoring risk process: setting _______ based on desire performance performance objectives - answers>Monitoring risk process: developing risk metrics integrated with _______________ monitoring schedules - answers>Monitoring risk process: Establishing _________________ to check progress over time expected value of the of the collective objectives - answers>Monitoring risk process: validating whether the ___________________ from making risk-informed decisions and implementing risk solutions have been achieved