Book contents
- Frontmatter
- Contents
- Preface
- 1 An Introduction to Enterprise Risk Management
- 2 Types of Financial Institution
- 3 Stakeholders
- 4 The Internal Environment
- 5 The External Environment
- 6 Process Overview
- 7 Definitions of Risk
- 8 Risk Identification
- 9 Some Useful Statistics
- 10 Statistical Distributions
- 11 Modelling Techniques
- 12 Extreme Value Theory
- 13 Modelling Time Series
- 14 Quantifying Particular Risks
- 15 Risk Assessment
- 16 Responses to Risk
- 17 Continuous Considerations
- 18 Economic Capital
- 19 Risk Frameworks
- 20 Case Studies
- 21 Solutions to Questions
- References
- Index
17 - Continuous Considerations
Published online by Cambridge University Press: 12 August 2017
- Frontmatter
- Contents
- Preface
- 1 An Introduction to Enterprise Risk Management
- 2 Types of Financial Institution
- 3 Stakeholders
- 4 The Internal Environment
- 5 The External Environment
- 6 Process Overview
- 7 Definitions of Risk
- 8 Risk Identification
- 9 Some Useful Statistics
- 10 Statistical Distributions
- 11 Modelling Techniques
- 12 Extreme Value Theory
- 13 Modelling Time Series
- 14 Quantifying Particular Risks
- 15 Risk Assessment
- 16 Responses to Risk
- 17 Continuous Considerations
- 18 Economic Capital
- 19 Risk Frameworks
- 20 Case Studies
- 21 Solutions to Questions
- References
- Index
Summary
Introduction
The previous chapters have outlined the stages that comprise a risk management process. However, as well as following these stages a number of activities should be carried out on a continuous basis. These can be summarised as:
• documentation;
• communication; and
• audit.
Documentation refers to the process by which all aspects of the risk management process are recorded, whilst communication refers to collation and circulation of information, both within an organisation and between that organisation and outside agencies. The final process, audit, covers the ongoing validation of the risk management process.
Whilst the scope of documentation and audit are relatively straightforward, communication covers a wide range of overlapping areas. The systems used to keep track of information could be described as monitoring, whilst the circulation of key items of risk information is also referred to as reporting. However, rather than try to separate these items arbitrarily, they are included in the same section.
Documentation
Risk registers and their roles in the identification of risk have already been discussed in Chapter 8. However, it is important to document the risk management process much more broadly. This means that the reasoning behind the process as a whole should be documented. However, there should also be adequate documentation of all decisions taken, and the reasons for those decisions.
The development of all systems should also be documented in detail, so that any future development can be carried out more easily. This is also true for financial models, the assumptions that they use and the data employed in calculations. As well as recording this information, the reasons for the choices made should also be clearly set out.
Finally, information on risk management failures should also be recorded in a risk incident log. This should refer to the nature of the failure and the financial implication. Information on whether it was caused by a failure to follow process or despite the controls that were in place should also be recorded. This is partly to help assess the effectiveness of the risk management process, but also to inform future developments.
Not absolutely every detail can be recorded, but there should be sufficient information to understand the background to any decisions made.
- Type
- Chapter
- Information
- Financial Enterprise Risk Management , pp. 476 - 480Publisher: Cambridge University PressPrint publication year: 2017