abgr xi international risk management and insurance seminar “introduction to risk management”...
TRANSCRIPT
ABGRXI International Risk management and Insurance Seminar
“Introduction to Risk Management”
ALARYS Latin American Risk Management Foundation
(FUNDALARYS)
Javier Mirabal, Eng, ARM, AIRM, RF
FUNDALARYS- Executive Director
Sao Paulo-BrasilOctober 26, 2015
Table of Contents
1. Risk
2. Risk Management
3. The Risk Management Process
3
2
1
0 Planning (strategic, operational, etc.)
Tim
e Objectives to achieve(strategic, operational, etc.)
Risk(ISO GUIDE 73:2009, Risk Management - Vocabulary)
“Effect of uncertainty on objectives”
3
2
1
0 Planning (strategic, operational, etc.)
Tim
e Objectives to achieve(strategic, operational, etc.)
Risks
Internal environment (weaknesses, strengths)
Organization
External Environment (threats, opportunities)
Source of Risk in an Organization
‘‘Events’’
Classification of the Risk Events (Criteria: Type of Environment)
Internal Environment
External Environment
- Culture- Infrastructure (financial, physical, etc.) - Personnel (people)- Processes- Systems (IT, etc.)
- Economical - Environmental- Political- Social- Technological- Legal- Others
Risk Classification
•Political•Economic•Social•Technological• Environmental• Legal, Regulatory
• Market• Credit• Counterparty• Liquidity
• People• Processes • System (Technology)• Corporate culture
• Property• People (health, injuries,
death, etc.)• Legal Liabilities• Gross benefit
HazardRisks
OperationalRisks
Business Risks
FinancialRisks
Risk
“Attributes”
Risk
Appetite
Inherent
RiskRisk
Tolerance
Residual
Risk
2- Risk Management
3
2
1
0 Planning (strategic, operational, etc.)
Tim
e Objectives to achieve(strategic, operational, etc.)
Risks
3
2
1
0 Planning (strategic, operational, etc.)
Tim
e Objectives to achieve(strategic, operational, etc.)
RiskManagement
Risk Management(ISO GUIDE 73:2009, Risk Management - Vocabulary)
“Coordinated activities to direct and control an organization with regard to risk”
Risk Management
Risk UniverseRisk Selection
Inherent
RisksRisk Treatment
Residual
Risks
Criteria: Risk Tolerance
Criteria: Risk Appetite
COSO-Enterprise Risk Management Integrated Framework-2004 (The Committee of Sponsoring Organizations of the Treadway Commission)
TGS DOC ID#TGS DOC ID#17
17
ISO 31000: 2009Risk Management – Principles and guidelines
Design of framework for managing risk
Continual improvement
of the framework
Implementing risk
management
Monitoring and review of the
framework
Establishing the context
Risk treatment
Risk identification
Risk analysis
Risk evaluation
Risk assessment
Mandate and commitment
Risk
Man
agem
ent
Prin
cipl
es
Com
mun
icati
on a
nd
cons
ulta
tion
Mon
itorin
g an
d Re
view
Framework ProcessPrinciples
3- The Risk Management Process
Risk Management
Risk UniverseRisk Selection
Inherent
RisksRisk Treatment
Residual
Risks
Criteria: Risk Tolerance
Criteria: Risk Appetite
Risk Transformation
(criteria: Risk Appetite & Risk Tolerance) Inherent Risk Residual Risk
COSO-Enterprise Risk Management Integrated Framework-2004 (The Committee of Sponsoring Organizations of the Treadway Commission)
Risk Management Process
TGS DOC ID#TGS DOC ID#22
22
ISO 31000: 2009Risk Management – Principles and guidelines
Design of framework for managing risk
Continual improvement
of the framework
Implementing risk
management
Monitoring and review of the
framework
Establishing the context
Risk treatment
Risk identification
Risk analysis
Risk evaluation
Risk assessment
Mandate and commitment
Risk
Man
agem
ent
Prin
cipl
es
Com
mun
icati
on a
nd
cons
ulta
tion
Mon
itorin
g an
d Re
view
Framework Risk Management ProcessPrinciples
Establishing the
context
RiskTreatment(Controls)
Event
Identification
Risk Assessment
Risk Management Process
Communication and Consultation
Monitoring & Review (Continuous Improvement)
Controls Implementation
Control(ISO GUIDE 73:2009, Risk Management - Vocabulary)
“Measure or action that modifies risk”
Control (Classification)
Type of Control Probability Impact
Risk Control(Prevention)
X
Risk Mitigation(Reduction)
X