Risk Management Strategies and Frameworks, Exams of Human Resource Management

Download Risk Management Strategies and Frameworks and more Exams Human Resource Management in PDF only on Docsity!

SHRM Certified Professional CP Risk

Management Interpersonal 2024 Exam

Review Questions and Answers 100% Pass

| Graded A+

Administrator [Date] [Course title]

1. Significant differ- ences between ISO 31000 and **COSO

2. Risk Manage-** **ment
3. Risk manage-** ment strategies 1.COSO tends to be more compliance-oriented, while ISO is more proactive and is applicable to a broader range of organizations. 2. COSO focuses traditional definition of stakeholders (owners/shareholders), while ISO reflects a more contem- porary focus on organizational stakeholders. 3. COSO risk = adverse, ISO Risk = uncertainty "coordinated activities to direct and control an organiza- tion with regard to risk." designed to change the probability of a risk event occur- ring and/or the degree of its impact on the organization's objectives
4. Risk Control An action taken to manage a risk 5. COSO Enterprise Risk Manage- **ment
5. Benefits of Risk** Management to **Organization
6. Barriers to** Risk Management created in the U.S., primarily for the needs of the financial industry and to support financial auditing, (used as frame- work for ISO) 1. Support Strategy 2. Better response to Risk 3. Consistent Response & Better predictability 4. Efficiencies/Opportunities better identified and seized 5.Better understanding and management of the interrela- tionships between Risks 1. Structural - Silo Structures overlook dependencies

3.Cultural - type of mindsets that are sought, instilled and rewarded

8. Known knowns events that are to be expected and so involve little uncer- tainty 9. Known un- knowns 10.Unknown un- known uncertainties that we know exist but we don't know much about their probability or impact risks that we don't know exist. They are the events that "blindside" an organization
9. "Black swans" are unforeseen "outlier" events that are extremely rare, have a major impact, and, when viewed in hindsight, are reasonably predictable 12.unknown knowns 13.ISO Risk Man- agement Frame- work risks we mistakenly think we understand.
   1. Management commitment
   2. Design of a framework for managing risk
   3. Implementing risk management
   4. Periodic monitoring and review of the framework
   5. Continual improvement of the framework
10. Risk Position the organization's desired gain or loss in value 15.Risk Appetite & Risk Tolerance the amount of uncertainty the organization is willing to pursue or to accept to attain its risk management goals Appetite= acceptable or not Tolerance = defined range
11. Moral hazard when one party engages in risky behavior knowing that it is protected against the risk because another party will incur any resulting loss

17.Principal-Agent Problem arises when an agent (such as an employee) makes deci- sions or takes actions on behalf of a principal (an employer

protect them from foreseeable injury

25. Risk Matrix a simple grid in which the horizontal axis represents the probability that an event will occur and the vertical axis

relates to the severity of the impact on the organization or function if the event occurs

26. Risk Scorecard a tool used to gather individual assessments of various characteristics of risk (e.g., frequency of occurrence, de- gree of impact/loss/gain for the organization, degree of efficacy of current controls)
27. PAPA model Likelihood vs. Speed of change Prepare - Fast & unlikely Act - Fast & likely Park - Slow & unlikely Adapt - Slow and likely 28.Key Risk Indica- tors (KRIs) metrics that "provide an early signal of increasing risk exposures in the various areas of an enterprise." KRIs are strategically aligned with key initiatives or strate- gic objectives. developed by considering the root causes of risks and intermediate events that signal changes
28. Risk Register documents information about and responsibility

31.Eliminate Uncer- tainty 32.Redefine Owner- ship 33.Increase or De- crease Effect Optimize positive, Avoid negative Share positive, transfer egative Enhance positive, Decrease negative

34. Take No Action Accept positive, Ignore negative
35. Residual Risk the amount of uncertainty that remains after all risk man- agement efforts have been exhausted
36. contingency plan protocol that an organization implements when an identi- fied risk event occurs.
37. Secondary Risk Risk caused by a risk management tactic 38.Key Responsibil- ity of HR 39.Key responsibili- ties for advanced

1.Directly or indirectly developing, implementing and over- seeing the execution of programs, practices, and poli- cies that mitigate risk and support organizational success (e.g., appropriate use of technology, fiduciary responsibil- ity, fraud, theft, workplace safety and security, workplace violence).

2. Maintaining accountability for recording and reporting workplace safety compliance.
3. Developing crisis management and contingency plans for the HR function and the organization. 4.Designing and implementing continuity plans for the HR function and the organization. 5.Communicating critical information about risk mitigation to all stakeholders. 6.Communicating information about workplace safety and security issues to all levels of employees.
4. Auditing risk management activities.
5. In conjunction with other leaders, developing and im- plementing a comprehensive strategy to address and mit- HR professionals igate risk on a global basis.

45.Categories of Risk - ISO

(-) ISO

(-) Kaplan and Mikes's Categories (-) COSO Risk Management Framework (-) Known Known (-) Known Unknown (-) Unknown Unknown

46.Categories of Risk - HR

47. ISO 11 Principles
48. Management (-) applying an appropriate appetite for risk, commitment - (-) managing risks in a way that protects and enhances Org's framework stakeholder interests, (-) rewarding individuals in a way that is consistent with risk management goals
49. Design of a (-) the organization's governance layer of explicit policies framework for and processes designed to fulfill those policies. managing risk - (-) the organization's ethics and values, Org's framework (-) the examples of the organization's leaders, and the culture created by the pattern of decisions and behaviors of everyone in the organization.
50. Implementing to determine the management approach for specific risks risk management - Org's framework
51. Continual im- (-) realigning the framework to a new organizational strat- provement of egy for risk management, the framework - (-) making the framework more responsive to emerging

53. Risk Criteria set a risk position for each of the risk categories they have defined
54. risk position The risk position can be defined as the organization's desired gain or loss in value 55.risk position in- fluence by 56.risk appetite and risk tolerance 57.Risk appetite and tolerance are af- fected by other factors 58.Examples of mis- aligned risks (-) risk appetite and risk tolerance the amount of uncertainty the organization is willing to pursue or to accept to attain its risk management goals (-) The organization's strategic goals and the degree to which risk will help achieve those goals (-) The organization's characteristic attitude toward risk, (-) The organization's resources or risk capacity (-) Externally imposed requirements Moral Hazard Principal-Agent Problem Conflict of interest
55. Moral Hazard Moral hazard exists when one party engages in risky behavior knowing that it is protected against the risk be- cause another party will incur any resulting loss. Insur- ance, for example, can have the unintended consequence of creating moral hazard by incentivizing people to act more recklessly than they would have had they not had Risk Manage- ment Process

insurance.

60. Duplicate Duplicate risks may mean wasted resources and burden- some reporting that could discourage compliance.
61. Overlapping (-) could lead to incomplete management of a risk, (-) conflicts among the different owners of the risk,

68.Risk Prioritiza- tion matrix - PAPA model 69.69.

Risk Register in- clude informa- tion 70.Approach - Re- sponses to Up- side and Down- side Risks 71.Risk Manage- ment Plan 72.Defining Risk Management Per- formance Objec- tives 73.Crisis Manage- ment Planning and Readiness Process 74.Develop Contin- gency Plans.