Glossary of Risk Management Terms
ARM
Associate in Risk Management
Chief Risk Officer (CRO)
Newer title denoting a senior manager with day-to-day oversight
of enterprise risk management.
Control
A process effected by our Governing Board, management, and
other personnel, designed to provide reasonable assurance
regarding the achievement of objectives relating to risks
MCCCD identifies.
COSO
Committee of Sponsoring Organizations of the Treadway Commission
Cost of Risk
The financial impact on an organization from undertaking activities
with an uncertain outcome. The cost of managing risks and
incurring losses.
Enterprise Risk Management (ERM)
a) An integrated approach to assessing and addressing all risks
that threaten achievement of the organization's strategic
objectives. The purpose of ERM is to understand, prioritize,
and develop action plans to maximize benefits and mitigate
top risks. The ERM framework enables management, working
without silos, to collaboratively identify, assess, and
manage future risks and opportunities individually and across
the organization. Also known as holistic, strategic, or
integrated risk management.
b) ERM:
· is central to an organization's strategic management
· is focused on identifying and treating risks
· adds maximum sustainable value to all activities
· increases probability of success and minimizes
probability of failure
· is continuous; integrated with strategic planning
and plan implementation
· is integrated with organizational culture and led
by senior management
· assigns responsibility throughout the organization;
in each job description
IIA
Institute of Internal Auditors
IIA
Insurance Institute of America
Impact
Result or effect of an event. There may be a range of possible
impacts associated with an event. The impact of an event can
be positive or negative relative to the entity's related objectives.
Inherent Risk
The risk to an entity in the absence of any actions management
might take to alter either the risk's likelihood or impact.
Internal Environment
Encompasses the tone of an organization, and sets the basis
for how risk is viewed and addressed by an entity, including
risk management philosophy and risk appetite, integrity and
ethical values, and the environment in which the organization
operates.
Likelihood
The possibility that a given event will occur.
Maricopa Integrated Risk Assessment (MIRA)
A new way of looking at risk. A project, committee, and initiative
which integrates ERM into MCCCD culture through education
and practice. MIRA blends concepts from both traditional risk
management and enterprise risk management into a comprehensive
risk management program.
Metrics
Measuring the effectiveness and/or success of risk mitigation
strategies.
MIRA Champion
Officer of the organization who takes personal responsibility
for the success of the MIRA initiative.
Monitoring
The entirety of risk management is monitored and modifications
made as necessary. Monitoring is accomplished through ongoing
management activities, separate evaluations, or both.
NACUBO
National Association of College and University Business Officers
Opportunity
The possibility that an event will occur and positively affect
the achievement of objectives.
PRIMA
Public Risk Management Association
Residual Risk
The remaining risk after management has taken action to alter
the risk's likelihood or impact.
RIMS
Risk and Insurance Management Society
Risk
a) The combination of the probability of an event and its consequences.
Risk is inherent in all types of undertaking, and may carry
the potential for benefit or be a threat to success.
b) The opportunities, uncertainties, threats, or barriers
to which MCCCD must respond in order to achieve its objectives.
Risk Acceptance
No action is taken to affect risk likelihood or impact.
Risk Analysis
Identifying, describing and estimating risks, and developing
a risk profile.
Risk Appetite
An organization's tolerance for risk. The broad-based amount
of risk MCCCD is willing to accept in pursuit of its mission
(or vision).
Risk Assessment
Determining the impact of an identified risk on the organization.
Risks are assessed on an inherent and residual basis.
Risk Assessment Tools
Instruments designed to assist employees in assessing and
evaluating risks when making decisions.
Risk Avoidance
Avoiding the activities giving rise to risk.
Risk Categories
External: Exposure to uncertainty affecting the communities served
by MCCCD.
Financial: Exposure to uncertainty regarding the
management and control of the finances of the organization.
Hazard: Exposure to loss arising from damage to property
or from tortious acts; typically includes the perils covered
by insurance.
HR: Exposure to uncertainty related to compliance
with personnel policies and procedures, employee morale,
and organizational culture.
Legal/Regulatory Compliance: Exposure to uncertainty
related to laws, statutes, and administrative regulations
that govern how MCCCD operates.
Operational: Exposure to uncertainty related to day-to-day
business activities.
Reputational: Exposure to uncertainty related to
brand, perceived value, organizational status, and public
perception and trust.
Strategic: Exposure to uncertainty related to long-term
policy directions of the organization. "Big picture"
risks.
Risk Control
A synonym for loss control in traditional risk management.
The technique of minimizing the frequency or severity of losses
with training, safety, and security measures.
Risk Description
To display the identified risks in a structured format, for
example, by using a table.
Risk Estimation
The use of a tool or system (quantitative or qualitative)
to determine probability of occurrence and consequences of
risks.
Risk Evaluation
Comparing the results of Risk Estimation to established criteria
for the purpose of determining the significance of risks and
whether to accept them or treat them (see also Risk Mitigation
and Avoidance).
Risk Financing
The mechanisms for funding risk mitigation strategies and/or
funding the financial consequences of risk (i.e., insurance).
Risk Identification
The qualitative determination of risks that are material;
i.e., that potentially can impact the achievement of our objectives.
Risk Management Advisory Committee (RMAC)
A sub-committee of MIRA charged with raising awareness of
and expanding traditional risk management initiatives in the
MCCCD.
Risk Management Policy
An organization's written statement that sets out its approach
to and appetite for risk and its approach to risk management.
Risk Mapping
The visual representation of risks (which have been identified
through a risk assessment exercise) in a way that easily allows
them to be ranked by priority. This representation often takes the
form of a two-dimensional grid with probability on one axis
and impact on the other axis. The risks that fall in the high
probability/high impact quadrant are given priority risk management
attention.
Risk Mitigation
Actions which reduce a risk or its consequences (see Risk
Strategies).
Risk Nervous System
Comprehensive system for providing employees with risk-related
information, reporting and monitoring.
Risk Portfolio
A list of risks identified and evaluated by an organization
(also called Risk Register) that represent our portfolio of
risks at a certain time.
Risk Prioritization
The ranking of material risks on an appropriate scale, such
as frequency and/or severity (see also Risk Mapping).
Risk Profile
The use of a tool or system to rate and/or prioritize a series
of risks.
Risk Reduction
Action is taken to reduce risk likelihood or impact, or both.
Measures to reduce the frequency or severity of losses. May
include engineering, fire protection, safety inspections,
or claims management.
Risk Register
A listing of an organization's risks (also called Risk Portfolio).
Risk Response
Management selects risk responses (avoiding, accepting, reducing
or sharing risk), developing a set of actions to align risks
with the entity's risk tolerances and risk appetite.
Risk Reporting
Publishing information on risks to internal or external stakeholders.
Risk Sharing
Reducing risk likelihood or impact by transferring or otherwise
sharing a portion of the risk.
Risk Strategies (see Risk Mitigation)
Possible responses to risk situations such as: Avoidance,
Acceptance, Sharing, Reduction.
Risk Tolerance
The acceptable variation relative to the achievement of an
objective.
Risk Treatment
The process of selecting and implementing measures to modify
the risk.
Silo
Describes divisions, departments or other groups and individuals
in organizations that tend to act in isolation.
Tone at the Top (See MIRA Champion)
Traditional Risk Management
Original form of risk management focusing on insurable losses
and/or specific functional areas of an organization.
URMIA
University Risk Management and Insurance Association