Efnisyfirlit

• Cover
• Dedication
• Title Page
• Contents
• List of figures
• List of tables
• Foreword
• Acknowledgements
• Introduction
• PART ONE Introduction to risk management
• Learning outcomes for Part One
• Part One further reading
• Part One case studies
• Rank Group: How we manage risk
• ABIL: Risk management overview
• BIS: Approach to risk
• 01    Approaches to defining risk
• Definitions of risk
• Types of risks
• Risk description
• Inherent level of risk
• Risk classification systems
• Risk likelihood and magnitude
• 02    Impact of risk on organizations
• Level of risk
• Impact of hazard risks
• Attachment of risks
• Risk and reward
• Attitudes to risk
• Risk and triggers
• 03    Types of risks
• Timescale of risk impact
• Four types of risk
• Embrace opportunity risks
• Manage uncertainty risks
• Mitigate hazard risks
• Minimize compliance risks
• 04    Scope of risk management
• Origins of risk management
• Development of risk management
• Specialist areas of risk management
• Simple representation of risk management
• Enterprise risk management
• Levels of risk management sophistication
• 05    Principles and aims of risk management
• Principles of risk management
• Importance of risk management
• Risk management activities
• Effective and efficient core processes
• Implementing risk management
• Achieving benefits
• PART TWO Approaches to risk management
• Learning outcomes for Part Two
• Part Two further reading
• Part Two case studies:
• United Utilities: Our risk management framework
• Birmingham City Council: Scrutiny, accountability and risk management
• Tsogo Sun: Risk management process
• 06    Risk management standards
• Scope of risk management standards
• Risk management process
• Risk management context
• COSO ERM cube
• Features of RM standards
• Updating of existing standard
• 07    Establishing the context
• Scope of the context
• External context
• Internal context
• Risk management context
• Designing a risk register
• Using a risk register
• 08    Enterprise risk management
• Enterprise-wide approach
• Definitions of ERM
• ERM in practice
• ERM and business continuity
• ERM in energy and finance
• Future development of ERM
• 09    Alternative approaches
• Changing face of risk management
• Managing emerging risks
• Increasing importance of resilience
• Different approaches
• Structure of management standards
• Future of risk management
• PART THREE Risk assessment
• Learning outcomes for Part Three
• Part Three further reading
• Part Three case studies:
• AA: Risk governance
• British Land: Our assessment of risk is a cornerstone
• Guide Dogs NSW/ACT: List of major residual risks
• 10    Risk assessment considerations
• Importance of risk assessment
• Approaches to risk assessment
• Risk assessment techniques
• Nature of the risk matrix
• Risk perception
• Attitude to risk
• 11    Risk classification systems
• Short-, medium- and long-term risks
• Nature of risk classification systems
• Examples of risk classification systems
• FIRM risk scorecard
• PESTLE risk classification system
• Compliance, hazard, control and opportunity
• 12    Risk analysis and evaluation
• Application of a risk matrix
• Inherent and current level of risk
• Control confidence
• 4Ts of hazard risk response
• Risk significance
• Risk capacity
• 13    Loss control
• Risk likelihood
• Risk magnitude
• Hazard risks
• Loss prevention
• Damage limitation
• Cost containment
• 14    Defining the upside of risk
• Upside of risk
• Opportunity assessment
• Riskiness index
• Upside in strategy
• Upside in projects
• Upside in operations
• PART FOUR Risk response
• Learning outcomes for Part Four
• Part Four further reading
• Part Four case studies:
• Intu Properties: Insurance renewal
• The Walt Disney Company: Disclosures about market risks
• Australian Mines Limited: Risk assessment and management
• 15    Tolerate, treat, transfer and terminate
• The 4Ts of hazard response
• Tolerate risk
• Treat risk
• Transfer risk
• Terminate risk
• Strategic risk response
• 16    Risk control techniques
• Types of controls
• Hazard risk zones
• Preventive controls
• Corrective controls
• Directive controls
• Detective controls
• 17    Insurance and risk transfer
• Importance of insurance
• History of insurance
• Types of insurance cover
• Evaluation of insurance needs
• Purchase of insurance
• Captive insurance companies
• 18    Business continuity
• Business continuity management
• Business continuity standards
• Successful business continuity
• Business impact analysis (BIA)
• Business continuity and ERM
• Civil emergencies
• PART FIVE Risk strategy
• Learning outcomes for Part Five
• Part Five further reading
• Part Five case studies:
• AMEC Foster Wheeler: Principal risks and uncertainties
• BBC: Internal controls assurance
• Emperor Watch & Jewellery: Risk management
• 19    Core business processes
• Dynamic business models
• Types of business processes
• Strategy and tactics
• Effective and efficient operations
• Ensuring compliance
• Reporting performance
• 20    Reputation and the business model
• Components of the business model
• Risk management and the business model
• Reputation and corporate governance
• CSR and risk management
• Supply chain and ethical trading
• Importance of reputation
• 21    Risk management context
• Architecture, strategy and protocols
• Risk architecture
• Risk management strategy
• Risk management protocols
• Risk management manual
• Risk management documentation
• 22    Risk management responsibilities
• Allocation of responsibilities
• Range of responsibilities
• Statutory responsibilities of management
• Role of the risk manager
• Risk architecture in practice
• Risk committees
• 23    Control of selected hazard risks
• Cost of risk controls
• Learning from controls
• Control of financial risks
• Control of infrastructure risks
• Control of reputational risks
• Control of marketplace risks
• PART SIX Risk culture
• Learning outcomes for Part Six
• Part Six further reading
• Part Six case studies:
• Network Rail: Our approach to risk management
• Ekurhuleni Metropolitan Municipality (EMM): Risk management
• Ericsson: Corporate governance report
• 24    Risk-aware culture
• Styles of risk management
• Steps to successful risk management
• Defining risk culture
• Measuring risk culture
• Alignment of activities
• Risk maturity models
• 25    Importance of risk appetite
• Nature of risk appetite
• Risk appetite and the risk matrix
• Risk and uncertainty
• Risk exposure and risk capacity
• Risk appetite statements
• Risk appetite and lifestyle decisions
• 26    Risk training and communication
• Consistent approach to risk
• Risk training and risk culture
• Risk information and communication
• Shared risk vocabulary
• Risk information on an intranet
• Risk management information system (RMIS)
• 27    Risk practitioner competencies
• Competency frameworks
• Range of skills
• Communication skills
• Relationship skills
• Analytical skills
• Management skills
• PART SEVEN Risk governance
• Learning outcomes for Part Seven
• Part Seven further reading
• Part Seven case studies:
• Severn Trent Water: Our approach to risk
• Tim Hortons: Sustainability and responsibility
• DCMS: Capacity to handle risk
• 28    Corporate governance model
• Corporate governance
• OECD principles of corporate governance
• LSE corporate governance framework
• Corporate governance for a bank
• Corporate governance for a government agency
• Evaluation of board performance
• 29    Stakeholder expectations
• Range of stakeholders
• Stakeholder dialogue
• Stakeholders and core processes
• Stakeholders and strategy
• Stakeholders and tactics
• Stakeholders and operations
• 30    Operational risk management
• Operational risk
• Definition of operational risk
• Basel II and Basel III
• Measurement of operational risk
• Difficulties of measurement
• Developments in operational risk
• 31    Project risk management
• Introduction to project risk management
• Development of project risk management
• Uncertainty in projects
• Project lifecycle
• Opportunity in projects
• Project risk analysis and management
• 32    Supply chain management
• Importance of the supply chain
• Scope of the supply chain
• Strategic partnerships
• Joint ventures
• Outsourcing of operations
• Risk and contracts
• PART EIGHT Risk assurance
• Learning outcomes for Part Eight
• Part Eight further reading
• Part Eight case studies:
• Unilever: Our risk appetite and approach to risk management
• Colgate Palmolive: Damage to reputation
• Sainsbury’s and Tesco: Principal risks and uncertainties
• 33    The control environment
• Nature of control environment
• Purpose of internal control
• Control environment
• Features of the control environment
• CoCo framework of internal control
• Good safety culture
• 34    Risk assurance techniques
• Audit committees
• Role of risk management
• Risk assurance
• Risk management outputs
• Control risk self-assessment
• Benefits of risk assurance
• 35    Internal audit activities
• Scope of internal audit
• Role of internal audit
• Undertaking an internal audit
• Risk management and internal audit
• Management responsibilities
• Five lines of assurance
• 36    Reporting on risk management
• Risk reporting
• Sarbanes–Oxley Act of 2002
• Risk reports by US companies
• Charities’ risk reporting
• Public-sector risk reporting
• Government report on national security
• Appendix A: Abbreviations and acronyms
• Appendix B: Glossary of terms
• Appendix C: Implementation guide
• Index
• Copyright