Efnisyfirlit

• Cover
• Halftitlepage
• Titlepage
• Dedication
• Contents
• List of figures
• List of tables
• List of case studies
• Foreword by Stephen Sidebottom
• Acknowledgements
• Introduction
• Risk management in context
• Nature of risk
• Risk management
• Risk management terminology
• Benefits of risk management
• Features of risk management
• Book structure
• Risk management in practice
• Future for risk management
• Changes for the sixth edition
• Part One Introduction to risk management
• Learning outcomes
• Further reading
• Case studies
• 01 What risk is and why it is important
• Definitions of risk
• Types of risks
• Risk description
• Levels of risk
• Classification systems
• Risk likelihood and impact
• Why understanding risk is important
• Impact of hazard risks
• Attachment of risks
• Risk and reward
• Attitudes to risk
• Risk and triggers
• Notes
• 02 Risk is an opportunity as well as a threat
• Four types of risk
• Timescale of risk impact
• Minimize compliance risks
• Mitigate hazard risks
• Manage uncertainty (or control) risks
• Embrace opportunity risks
• 03 Managing risk: The background, principles and aims of risk management
• Origins of risk management
• Taking calculated risks
• Specialist areas of risk management
• Enterprise risk management
• Levels of risk management sophistication
• Principles of risk management
• Objectives of risk management
• Risk management activities
• Effective and efficient core processes
• Implementing risk management
• Achieving benefits
• Risk management drives and enables activities
• Notes
• 04 Risk management standards
• Use of risk management standards for listed companies
• Risk management process
• Context
• The standards in more detail
• Updating of RM terminology
• Note
• 05 Risk management in context
• Scope of the context
• External context
• Internal context
• Risk management context
• Designing a risk register
• Using a risk register
• The future for risk registers
• Part Two Enterprise risk management
• Learning outcomes
• Further reading
• Case studies
• 06 Enterprise risk management
• Enterprise-wide approach
• Definitions of ERM
• ERM in practice
• ERM and business continuity management
• Integrating strategy and performance
• Note
• 07 Implementing enterprise risk management
• Investment in change
• A worthwhile change
• Integrating processes, reviewing and improving
• Plan, implement, measure and learn (PIML)
• Notes
• 08 The context for ERM
• Changing face of risk management
• Lessons from the past: Financial and health crises
• The power of taking risks
• Managing emerging risks
• Increasing importance of resilience
• Note
• 09 Setting objectives for ERM
• Risk management standards and objectives
• Strategy and objectives in standards
• Implementing objectives
• Aligning objectives to risk management principles
• Notes
• Part Three Assessment and analysis
• Learning outcomes
• Further reading
• Case studies
• 10 Assessing risks: Considerations, causes and consequences
• Importance of risk assessment
• Approaches to risk assessment
• Risk assessment techniques
• Nature of the risk matrix
• Risk perception
• Attitude to risk
• 11 Classifying risks
• Risk classification systems
• Time to impact
• Examples of risk classification systems
• FIRM risk scorecard
• PESTLE risk classification system
• Compliance, hazard, control and opportunity
• 12 Analysing risks: The dimensions of risk
• Levels of risk
• Inherent and current level of risk
• Control confidence
• 4Ts of hazard risk response
• Risk significance
• Risk capacity
• Evaluating risks: Risk appetite
• Note
• 13 Controlling the downside of risk
• Risk likelihood
• Risk magnitude
• Hazard risks
• Loss prevention
• Damage limitation
• Cost containment
• 14 Maximizing the upside of risk
• Defining the upside
• Opportunity assessment
• Riskiness index
• Upside in strategy
• Upside in projects/programmes
• Upside in operations
• Upside of compliance risks
• Note
• Part Four Risk response
• Learning outcomes
• Further reading
• Case studies
• 15 Managing and responding to risk
• The 4Ts of hazard response
• Strategic risk response
• 16 Risk treatment controls for hazard risks
• Types of controls
• Cost of risk controls
• 17 Ongoing monitoring and review
• The importance of monitoring
• Frequency
• Process
• Reporting
• Responsibility
• 18 Insurance and risk transfer
• History of insurance
• Transferring the financial consequences of risk
• Types of insurance cover
• Evaluation of insurance needs
• Purchase of insurance
• Captive insurance companies
• 19 Surviving shocks and disruption: ERM, BCP and resilience
• VUCA
• Business continuity planning and resilience
• Business continuity planning
• Business continuity standards
• Successful business continuity
• Business impact analysis
• Resilience, business continuity and ERM
• Civil emergencies
• Notes
• Part Five Organizational environment
• Learning outcomes
• Further reading
• Case studies
• 20 Business and the risk environment
• Dynamic business models
• Types of business processes
• Strategy and tactics
• Effective and efficient operations
• Ensuring compliance
• Reporting performance
• 21 The organization’s business model, visions and values
• Components of the business model
• Risk management and the business model
• Ethics and corporate governance
• CSR and risk management
• Supply chain and ethical trading
• Importance of reputation
• Notes
• 22 How risk management adds value
• What is the evidence?
• Improved performance and key risk indicators
• The benefits of an ERM approach
• Climate change as a key risk
• Becoming more strategic
• Notes
• Part Six Risk strategy and culture
• Learning outcomes
• Further reading
• Case studies
• 23 Risk architecture and strategy
• Architecture, strategy and protocols
• Risk architecture
• Risk management strategy
• Risk management protocols
• Risk management manual
• Risk management documentation
• 24 Roles, responsibilities and documentation
• Allocation of responsibilities
• Range of responsibilities
• Statutory responsibilities of management
• Role of the risk manager
• Risk architecture in practice
• Risk committees
• 25 Culture and behaviours
• Styles of risk management
• Steps to successful risk management
• Defining risk culture
• Measuring risk culture
• Alignment of activities
• Risk maturity models
• 26 Risk appetite and tolerance
• Nature of risk appetite
• Risk appetite and the risk matrix
• Risk and uncertainty
• Risk exposure and risk capacity
• Risk appetite statements
• Risk appetite and lifestyle decisions
• Note
• 27 Risk training and communication
• Consistent response to risk
• Risk training and risk culture
• Risk information and communication
• Shared risk vocabulary
• Technology to support risk management process and procedures
• Risk management information systems
• 28 Risk practitioner competencies
• Competency frameworks
• Range of skills
• Communication skills
• Relationship skills
• Analytical skills
• Management skills
• Part Seven Corporate governance and risk management
• Learning outcomes
• Further reading
• Case studies
• 29 Introducing corporate governance
• Corporate governance
• OECD principles of corporate governance
• Future direction of corporate governance
• London Stock Exchange corporate governance framework
• Corporate governance for a financial services organization
• Corporate governance for a government agency
• Evaluation of board performance
• Notes
• 30 Stakeholders, ethics and corporate social responsibility
• Range of stakeholders
• Stakeholder dialogue
• Stakeholders and core processes
• Stakeholders and strategy
• Stakeholders and tactics
• Stakeholders and operations
• Notes
• 31 Different approaches to risk management
• Operational risk management
• Project risk management
• Supply chain risk management
• Note
• Part Eight Risk assurance and reporting
• Learning outcomes
• Further reading
• Case studies
• 32 The control environment
• Nature of internal control
• Resilience of the organization in the event of external shock
• Purpose of internal control
• Control environment
• Features of the control environment
• Expectations of internal control
• CoCo framework of internal control
• Good safety culture
• The future for control processes
• Note
• 33 Internal audit activities
• Scope of internal audit
• Role of internal audit
• Undertaking an internal audit
• Risk management and internal audit
• Management responsibilities
• Five lines of assurance
• 34 Risk assurance techniques
• Audit committees
• Role of risk management
• Risk assurance
• Risk management outputs
• Control risk self-assessment
• Benefits of risk assurance
• 35 Reporting on risk management
• Risk reporting
• Sarbanes-Oxley Act of 2002
• Risk reports by US companies
• Charities’ risk reporting
• Public sector risk reporting
• Government report on national security
• Notes
• Appendix A: Abbreviations and acronyms
• Appendix B: Glossary of terms
• Index
• Copyright