Table 25.1 Definitions of risk appetite

Organization: Definition of risk appetite

IRM (2011): The amount of risk that an organization is willing to seek or accept in the pursuit of long-term objectives

ISO Guide 73 (2009): The amount and type of risk that an organization is willing to pursue or retain

Orange Book (2004): The amount of risk that an organization is prepared to accept, tolerate or be exposed to at any point in time

CIIA (2005): The level of risk that is acceptable to the board or management. This may be set in relation to the organization as a whole, for different groups of risks or at an individual risk level
Risk culture
Risk appetite and the risk matrix
Figure 25.1 illustrates the concepts of risk appetite, risk exposure and risk capacity. Risk appetite is illustrated by way of shaded squares on the risk matrix and the overall risk exposure of the organization is shown as a curved line. This illustration represents risk appetite, exposure and capacity for a risk-averse organization.

The medium-shaded area represents a situation where the organization is comfortable with taking the risk. The lighter areas represent the cautious and concerned zones, where management judgement is required before the risk is accepted. The risks shown in the darkest area are critical risks and these risks will only be accepted when there is a business imperative.
Figure 25.1 Risk appetite, exposure and capacity (optimal)

[Figure: a risk matrix with Likelihood on one axis and Impact on the other, divided into four shaded zones (comfort zone, cautious zone, concerned zone, critical zone); curved lines mark the risk exposure and the risk capacity, with the optimal risk exposure and the ultimate risk capacity labelled.]