eBook - ePub
Implementing Enterprise Risk Management
From Methods to Applications
James Lam
This is a test
Buch teilen
- English
- ePUB (handyfreundlich)
- Über iOS und Android verfügbar
eBook - ePub
Implementing Enterprise Risk Management
From Methods to Applications
James Lam
Angaben zum Buch
Buchvorschau
Inhaltsverzeichnis
Quellenangaben
Über dieses Buch
A practical, real-world guide for implementing enterprise risk management (ERM) programs into your organization
Enterprise risk management (ERM) is a complex yet critical issue that all companies must deal with in the twenty-first century. Failure to properly manage risk continues to plague corporations around the world. ERM empowers risk professionals to balance risks with rewards and balance people with processes.
But to master the numerous aspects of enterprise risk management, you must integrate it into the culture and operations of the business. No one knows this better than risk management expert James Lam, and now, with Implementing Enterprise Risk Management: From Methods to Applications, he distills more than thirty years' worth of experience in the field to give risk professionals a clear understanding of how to implement an enterprise risk management program for every business.
- Offers valuable insights on solving real-world business problems using ERM
- Effectively addresses how to develop specific ERM tools
- Contains a significant number of case studies to help with practical implementation of an ERM program
While Enterprise Risk Management: From Incentives to Controls, Second Edition focuses on the "what" of ERM, Implementing Enterprise Risk Management: From Methods to Applications will help you focus on the "how." Together, these two resources can help you meet the enterprise-wide risk management challenge head on—and succeed.
Häufig gestellte Fragen
Wie kann ich mein Abo kündigen?
Gehe einfach zum Kontobereich in den Einstellungen und klicke auf „Abo kündigen“ – ganz einfach. Nachdem du gekündigt hast, bleibt deine Mitgliedschaft für den verbleibenden Abozeitraum, den du bereits bezahlt hast, aktiv. Mehr Informationen hier.
(Wie) Kann ich Bücher herunterladen?
Derzeit stehen all unsere auf Mobilgeräte reagierenden ePub-Bücher zum Download über die App zur Verfügung. Die meisten unserer PDFs stehen ebenfalls zum Download bereit; wir arbeiten daran, auch die übrigen PDFs zum Download anzubieten, bei denen dies aktuell noch nicht möglich ist. Weitere Informationen hier.
Welcher Unterschied besteht bei den Preisen zwischen den Aboplänen?
Mit beiden Aboplänen erhältst du vollen Zugang zur Bibliothek und allen Funktionen von Perlego. Die einzigen Unterschiede bestehen im Preis und dem Abozeitraum: Mit dem Jahresabo sparst du auf 12 Monate gerechnet im Vergleich zum Monatsabo rund 30 %.
Was ist Perlego?
Wir sind ein Online-Abodienst für Lehrbücher, bei dem du für weniger als den Preis eines einzelnen Buches pro Monat Zugang zu einer ganzen Online-Bibliothek erhältst. Mit über 1 Million Büchern zu über 1.000 verschiedenen Themen haben wir bestimmt alles, was du brauchst! Weitere Informationen hier.
Unterstützt Perlego Text-zu-Sprache?
Achte auf das Symbol zum Vorlesen in deinem nächsten Buch, um zu sehen, ob du es dir auch anhören kannst. Bei diesem Tool wird dir Text laut vorgelesen, wobei der Text beim Vorlesen auch grafisch hervorgehoben wird. Du kannst das Vorlesen jederzeit anhalten, beschleunigen und verlangsamen. Weitere Informationen hier.
Ist Implementing Enterprise Risk Management als Online-PDF/ePub verfügbar?
Ja, du hast Zugang zu Implementing Enterprise Risk Management von James Lam im PDF- und/oder ePub-Format sowie zu anderen beliebten Büchern aus Business & Finance. Aus unserem Katalog stehen dir über 1 Million Bücher zur Verfügung.
Part One
ERM in Context
CHAPTER 1
Fundamental Concepts and Current State
INTRODUCTION
In October 1517, Ferdinand Magellan requested an investment of 8,751,125 silver maravedis from Charles I, King of Spain. His goal: to discover a westerly route to Asia, thereby permitting circumnavigation of the globe. The undertaking was extremely risky. As it turned out, only about 8 percent of the crew and just one of his four ships completed the voyage around the world. Magellan himself would die in the Philippines without reaching home.
What would motivate someone to undertake this kind of risk? After all, Magellan stood to gain only if he succeeded. But those long-term rewards, both tangible and intangible, were substantial: not only a percentage of the expedition's revenues, but also a 10-year monopoly of the discovered route, and numerous benefits extending from discovered lands and future voyages. What's more, he'd earn great favor with a future Holy Roman Emperor, not to mention fame and the personal satisfaction of exploration and discovery.
But I doubt that even all of these upsides put together would have convinced Magellan to embark on the voyage if he knew that it would cost him his life. As risky as the journey was, most risks that could arise likely appeared manageable. Magellan already had a great deal of naval experience and had previously traveled to the East Indies. He raised sufficient funding and availed himself of the best geographic information of the day.1
All in all, Magellan's preparations led him to the reasonable expectation that he would survive the journey to live in fame and luxury. In other words, by limiting his downside risk, Magellan increased the likelihood that he would reap considerable rewards and concluded that the rewards were worth the risk.
Whether taking out a loan or driving a car, we all evaluate risk in a similar way: by weighing the potential upsides and trying to limit the downsides. Like Magellan, anyone evaluating risk today is taking stock of what could happen if things don't go as planned. Risk measures the implications of those potential outcomes. In our daily lives, risk can cause deviation from our expected outcome and keep us from accomplishing our goals. Risk can also create upside potential. We will use a similar definition to define risk in business.
The purpose of this book is to provide the processes and tools to help companies optimize their risk profiles, but first we must have the necessary vocabulary for discussing risk itself. Then we can begin to construct a working model of an enterprise risk management (ERM) program, which we will flesh out over the course of this book. This chapter will cover the fundamental concepts and summarize ERM's history and current state of the art.
But first, some definitions.
WHAT IS RISK?
Risk can mean different things to different people. The word evokes elements of chance, uncertainty, threat, danger, and hazard. These connotations include the possibility of loss, injury, or some other negative event. Given those negative consequences, it would be natural to assume that one should simply minimize risks or avoid them altogether. In fact, risk managers have applied this negative definition for many years. Risk was simply a barrier to business objectives, and the object of risk management was to limit it. For this reason, risk models were designed to quantify expected loss, unexpected loss, and worst-case scenarios.
In a business context, however, risk has an upside as well as a downside. Without risk there would be no opportunity for return. A proper definition of risk, then, should recognize both its cause (a variable or uncertain factor) and its effect (positive and negative deviation from an expected outcome). Taken thus, I define risk as follows:
Risk is a variable that can cause deviation from an expected outcome, and as such may affect the achievement of business objectives and the performance of the overall organization.
To understand this definition more fully, we need to clarify seven key fundamental concepts. It is important not to confuse any of these with risk itself, but to understand how they influence a company's overall risk profile:
- Exposure
- Volatility
- Probability
- Severity
- Time Horizon
- Correlation
- Capital
Exposure
Risk exposure is the maximum amount of economic damage resulting from an event. This damage can take the form of financial and/or reputational loss. All other factors being equal, the risk associated with that event will increase as the exposure increases. For example, a lender is exposed to the risk that a borrower will default. The more it lends to that borrower, the more exposed it is and the riskier its position is with respect to that borrower. Exposure measurement is a hard science for some risks—those which result in direct financial loss such as credit and market risk—but is more qualitative for others, such as operational and compliance risk. No matter how it is measured, exposure is an evaluation of the worst–case scenario. Magellan's exposure consisted of the entire equity invested by King Charles I, his own life, and the lives of his crew.
Volatility
Volatility is a measure of uncertainty, the variability in potential outcomes. More specifically, volatility is the magnitude of the upside or downside of the risk taken. It serves as a good proxy for risk in many applications, particularly those dependent on market factors such as options pricing. In other applications it is an important driver of the overall risk in terms of potential loss or gain. Generally, the greater the volatility, the greater the risk. For example, the number of loans that turn bad is proportionately higher, on average, in the credit card business than in commercial real estate. Nonetheless, real estate lending is widely considered to be riskier, because the loss rate is much more volatile. Lenders can estimate potential losses in the credit card business (and prepare for them) with greater certainty than they can in commercial real estate. Like exposure, volatility has a specific, quantifiable meaning in some applications. In market risk, for example, it is synonymous with the standard deviation of returns and can be estimated in a number of ways. The general concept of uncertain outcomes is useful in considering other types of risk as well: A spike in energy prices might increase a company's input prices, for example, or an increase in the turnover rate of computer programmers might negatively affect a company's technology initiatives.
Probability
The more likely an event—in other words, the greater its probability—the greater the risk it presents. Events such as interest rate movements or credit card defaults are so likely that companies need to plan for them as a matter of course. Mitigation strategies should be an integral part of the business's ongoing operations. Take the case of a modern data center. Among potential risks are cyberattack and fire, with the probability of the latter considerably lower than that of the former. Yet should the data center catch fire, the results would be devastating. Imagine that the company maintains backup data as part of its cybersecurity program. Simply housing that data in a separate, geographically remote facility would address both risks at a cost only incrementally greater than addressing just one. As a result, the company can prepare for the highly unlikely but potentially ruinous event of fire.
Severity
Whereas exposure is defined in terms of the worst that could possibly happen, severity, by contrast, is the amount of damage that is likely to be suffered. The greater the severity, the greater the risk. Severity is the partner to probability: If we know how likely an event is to happen, and how much we are likely to suffer as a consequence, we have a pretty good idea of the risk we are running. Severity is used to describe a specific turn of events, whereas exposure is a constant which governs an entire risk scenario. Severity is often a function of other risk factors, such as volatility in market risk. For example, consider a $100 equity position. The exposure is $100, since the stock price could theoretically drop all the way to zero and the whole investment could be lost. In reality, however, it is not likely to fall that far, so the severity is less than $100. The more volatile the stock, the more likely it is to fall a long way—so the severity is greater and the position riskier. In terms of a credit risk example, the probability of default is driven by the creditworthiness of the borrower, whereas loss severity (i.e., loss in the event of default) is driven by collateral, if any, as well as the order of debt payment.
Time Horizon
Time horizon refers t...