Nội dung text LM06 Introduction to Risk Management IFT Notes.pdf
LM06 Introduction to Risk Management 2025 Level I Notes © IFT. All rights reserved 4 4. Risk Governance: An Enterprise View 4.1 An Enterprise View of Risk Governance Risk governance is a top-down process that defines risk tolerance and provides guidance to align risk with enterprise goals. It includes guidance on unacceptable risks and worst losses that can be tolerated. An enterprise risk management perspective deals with the whole organization. The governing body drives the risk framework in the following ways: It determines the goals of the organization. It is responsible for providing risk oversight to ensure that value is maximized. It determines the risk tolerance level; which risks are acceptable, which risks to mitigate, and which risks are unacceptable. The process includes guidance on worst losses that can be tolerated for every scenario. Elements of good risk governance are as follows: To provide a forum where management can discuss the risk framework and key issues that come up during execution. Form a risk governance committee to oversee the implementation of the framework at an operational level relative to the high level oversight by the governance body. Appoint a chief risk officer (CRO) to build and implement the risk framework for the entire enterprise. 5. Risk Tolerance Risk tolerance identifies the extent of losses an organization is willing to experience. Risk tolerance focuses on the appetite for risk of an organization in its pursuit of achieving goals and maximizing value. The process involves defining: Which risks are acceptable and which risks are not acceptable? How much risk can the entity be exposed to? The risk tolerance decision begins with two different analyses: Inside view: What shortfalls within the organization will cause it to fail or not achieve certain goals? Outside view: What uncertain forces is the organization exposed to? Using these two views in conjunction, the board will: Define which risks to take and which risks not to take. Determine the risk appetite: how much of these risks to take. Communicate risk tolerance before a crisis. Provide a high-level guidance to management in strategizing and choosing activities. There are no standard formulas to determine the risk tolerance of a company. Some of the factors that will help a board determine its risk appetite are as follows: