against external standards of reference that frequently come from similar organizations doing similar things.
Corporate governance - ANSWER The system of rules, practices and processes by which a
company is directed and controlled
Enterprise risk management - ANSWER A strategic discipline that supports the achievement of an organization's objectives by addressing the full spectrum of its risk and managing the combined impact of those risks as an interrelated risk portfolio.
Strategy: Consider all risks and exploit risks as part of strategy
Measurement: Include Upside of Risk (Bugalla and Kugler)
Look at building, expanding, exploiting to add value
Push and Pull risk performance data
This approach is Coordinated & Strategic
Gap analysis - ANSWER Comparison of an existing process or procedure to recognized
standards in order to identify deficiencies or excesses in the existing process.
Technique that can be used to determine what steps might need to be taken to improve the
organization's capacity to move from a current state to a desired future state.
Key performance indicator (KPI) - ANSWER An activity that signals the achievement of organizational objectives
Key risk indicator (KRI) - ANSWER A measurement of how risk and volatility relate to
achieving organizational objectives
Designed to manage the downside of risk
Leading indicators of risk to business performance, giving early warning of potential risk
Early signal of changes in risk exposures in various areas of the enterprise
Risk Metrics - ANSWER Integrated into the performance objectives of the organization for
monitoring risks
Examples: KPIs and KRIs
Indemnification - ANSWER Contractual obligation placed on the indemnifier to return the
indemnified to essentially the same financial condition that existed prior to the loss or claim,
to stand in as the source for financing the legal liability
Contractual Risk Transfer - ANSWER A legally binding agreement between two parties whereby one agrees to indemnify and hold another party harmless for specified actions, inactions, injuries or damages
Hold Harmless - ANSWER Wording that requires one party to shield the other party from the effects of the legal liability assignable to the transferor or obligor
Risk Transfer/Sharing - ANSWER Action taken when 1) the costs of retaining risks exceed the organization's risk tolerance; 2) risks (or some portion) can be transferred at a lower cost; 3) risks should be apportioned based on an agreement; and 4) it is required by regulation
Insurance - ANSWER Risk-transfer mechanism that ensures full or partial financial compensation for the loss, damage and legal obligations of a policyholder or beneficiary
PESTLE analysis - ANSWER Political, Economic, Social, Technological, Legal and Environmental; identifies the categories utilized to analyze internal and external environments.
Risk - ANSWER The effect of uncertainty on objectives
Chance of something happening that has an impact on objectives
Being prepared for the worst and being poised to exploit opportunities as they are discovered
Risk appetite - ANSWER The total exposed amount that an organization wishes to undertake on the basis of risk-return trade-offs for one or more desired and expected outcomes
How much risk the company will take on
Linked to rewards (risk-return trade-offs)
Expressed qualitatively or quantitatively
Risk attitude - ANSWER An organization's or individual's view/perspective of the perceived qualitative and quantitative value that may be gained in comparison to the related potential loss or losses.
Risk culture - ANSWER The beliefs, values, norms and traditions of behavior of individuals and groups within an organization that determine the way in which they identify, understand, discuss and act on the risk(s) the organization confronts and takes.