Application of Technical Analysis to P ...
Regardless of whether the strategy is top-down or bottom-up, technical analysis complements fundamental... Read More
Risk governance is the top-down process that directs and aligns risk management to support the goals of an enterprise. The governing body determines the goals and objectives of an organization and its risk appetite or tolerance. Risk tolerance helps in the determination of acceptable risks, risks that should be mitigated, and risks that are unacceptable.
Risk governance can be difficult. Effective risk governance, therefore, requires evident commitment from the governing body. It is important for the governing body to openly discuss risk, undertake scenario planning and evaluate the potential negative outcomes of the risk on the organization. This should happen not only after a crisis but also during periods of normalcy.
The risk governance process should focus on the entire enterprise (enterprise risk management) and consider the full spectrum of potential risks, not just quantitative risks.
Since risk management extends into daily operational management, it is good practice to establish a regular forum for the discussion of the risk framework and key issues at the management level.
Moreover, effective risk governance involves a formal appointment of a chief risk officer (CRO) in an executive role, who is responsible for establishing and implementing the risk framework for the enterprise and overseeing its activities
Question
Which of the following least accurately describes effective risk governance practices?
A. Defining risk tolerance and unacceptable risks after a period of crisis
B. Appointing a CRO to work with the CEO and other executives to build and implement a risk framework
C. Integrating the risk management framework and process into the management level of the organization
Solution
The correct answer is A.
Effective risk governance requires the governing body to openly discuss risk, undertake scenario planning and evaluate the potential negative outcomes of the risk on the organization during periods of normalcy.