Mastering Risk Management

Book description

Tony Blunden is an Executive Director of Chase Cooper Limited, a risk management solutions company that provides solutions for enterprise risk including broad risk management approaches such as Sarbanes-Oxley. He heads its consultancy division and has worked with over 250 international organisations. During his over 30 years in risk management he has spoken at over 100 international conferences and contributed to a wide variety of publications, all on risk management. He is an Honorary Professor at Glasgow Caledonian University and a Fellow of the Institute of Chartered Secretaries and Administrators, the Governance Institute.

John Thirlwell has worked in financial services in the City of London, both as an executive and non-executive director on banking and insurance boards, for over 30 years. He is currently non-executive Chair of the Board of a consumer credit company and a board adviser on risk management. He was Chief Risk Officer and a director of an investment bank and was a director of the British Bankers’ Association where he was responsible for negotiating risk aspects of the Basel Capital Accord and EU Capital Requirements Directive. He founded and chaired the BBA’s Global Operational Loss Database.

Table of contents

  1. Cover Page
  2. Title Page
  3. Contents
  4. About the authors
  5. Publisher’s acknowledgements
  6. Preface
  7. PART 1: Setting the scene
    1. 1 What Do We Mean by Risk Management?
      1. Introduction
      2. Defining risk
      3. Cause and effect
      4. External risks and horizon scanning
      5. Integrated risk management
      6. Summary
    2. 2 Business Benefits of Risk Management
      1. Introduction: why risk management?
      2. Benefits of getting risk management right
      3. What keeps management awake
      4. Risk management as a marketing tool
      5. Business optimisation
      6. Summary
    3. 3 Risk Management and Culture
      1. Introduction: the challenge
      2. What do we mean by organisational culture?
      3. Culture and risk culture
      4. Diversity, inclusion and culture
      5. Why risk management culture matters
      6. Embedding and sustaining risk management culture
      7. How do we know we’ve changed? Assessing and monitoring culture and change
      8. Independent assurance and internal audit
      9. Summary
    4. 4 Risk Appetite
      1. Introduction
      2. Risk profile, risk capacity and risk appetite
      3. Risk appetite in the business
      4. Quantitative and qualitative appetites
      5. Risk appetite components
      6. Risk appetite framework
      7. Risk appetite statement
      8. Risk appetite limits
      9. A practical approach to qualitative risk appetite limits
      10. Control appetite as a part of risk appetite
      11. Summary
  8. PART 2: Risk management tools
    1. 5 Implementing the Risk Management Framework
      1. Introduction
      2. Governance and leadership
      3. Getting buy-in throughout the firm
      4. Risk management frameworks
      5. Risk policy
      6. Summary
    2. 6 Risk Management and Risk and Control Self-Assessments
      1. Introduction
      2. The risk register
      3. Getting the level of assessment right
      4. Strategic risk assessments (risk assessments by another name!)
      5. Risk identification
      6. Risk assessment
      7. Mitigating risks (including risk transfer)
      8. Assessing risk management controls
      9. Control types and their effect on risks
      10. Challenging assessment scores
      11. Using the data for management-actionable risk appetite
      12. Summary
    3. 7 Risk Management and Indicators
      1. Introduction: what do we mean by key?
      2. Approaches to KRI identification
      3. Links between risks, controls, KRIs and KCIs
      4. Thresholds and risk appetite
      5. Predictive risk management indicators
      6. Reporting risk management KRI data
      7. Summary
    4. 8 Risk Management and Events
      1. Introduction
      2. Enterprise-wide events and strategic events
      3. Collecting risk events
      4. Analysing risk events
      5. Gains and offsets
      6. Summary
    5. 9 Risk Management and Scenarios
      1. Introduction
      2. Why use scenarios?
      3. What’s the difference between scenarios and stress testing?
      4. Risk scenarios are much more than credit risk
      5. Scenario governance
      6. Developing risk scenarios
      7. Developing a set of practical scenarios
      8. Typical problems following scenario development
      9. Applying risk scenarios
      10. Summary
    6. 10 How Do You Model Risk Management Data?
      1. Introduction
      2. What business benefits can I get from modelling?
      3. How can we use modelling?
      4. Data requirements: using all four data sets for your modelling
      5. What is Monte Carlo simulation?
      6. How does confidence level and holding period affect the modelling?
      7. Is correlation and causation different?
      8. What is diversification?
      9. Summary
    7. 11 How Do You Challenge the Model?
      1. Introduction
      2. Parameters that affect the economic capital
      3. The tail problem
      4. Summary
    8. 12 Risk Management and Reporting
      1. Introduction: why reporting matters
      2. Communicating key messages and other common issues
      3. Basic principles
      4. User needs and report types
      5. Summary
  9. PART 3: The practical business side of risk management: what keeps management awake at night
    1. 13 Independent Assurance
      1. Introduction
      2. Independent assurance
      3. Internal and external assurance
      4. Internal audit and risk management oversight
      5. The role of internal audit
      6. Audit committees
      7. Effective internal audit
      8. Summary
    2. 14 People Risk Management
      1. Introduction – why it’s all about people
      2. The human resources department
      3. Elements of people risk management
      4. Safety and security
      5. Mitigating people risks
      6. Key people indicators
      7. Summary
    3. 15 Reputation Damage
      1. Introduction: what is reputation?
      2. Reputation and brand
      3. Stakeholders
      4. How can reputation be damaged?
      5. A framework for reputation management
      6. Reputation controls
      7. Managing intermediary reputation
      8. It won’t happen to me: what to do when it does
      9. Summary – The positives
    4. 16 Information Security and Cyber Risk Management
      1. Introduction
      2. Information security risk management framework
      3. Cyber risk management
      4. Summary
    5. 17 Business Survival and Recovery
      1. Introduction: ensuring survival
      2. Business survival and operational resilience
      3. Policy and governance
      4. Business impact analysis
      5. Threat and risk assessment
      6. The strategy and plan
      7. Testing the plan
      8. Maintenance and continuous improvement
      9. Summary
    6. 18 Third Parties, Outsourcing and Supply Chain Risk Management
      1. Introduction
      2. Deciding to outsource
      3. The outsourcing project – getting it right at the start
      4. Outsourcing – risk assessment
      5. Some tips on the request for proposal
      6. Selecting the supplier
      7. Some tips on Service Level Agreements
      8. Managing the outsourcing project
      9. Exit strategy
      10. Supply chains
      11. Third-party risk management
      12. Summary
  10. Notes
  11. Index

Product information

  • Title: Mastering Risk Management
  • Author(s): Tony Blunden, John Thirlwell
  • Release date: January 2022
  • Publisher(s): Pearson Education
  • ISBN: 9781292331300