Risicomanagement

Explorations in Monte Carlo Methods

admin

Undergraduate texts in mathematics.

Authors: Ronald W. Shonkwiler and Franklin Mendivil.

The Monte Carlo method is a technique for analyzing phenomena by means of computer algorithms that use random numbers. This method basically owes its existence to the existence of computers.

In this book the authors give an introduction. It is a book of examples, with every step that is made in theory. In their book, they use the Matlab product to develop program examples, although other programming languages ​​(C, C ++, Pascal, Delphi) can be called just as suitable or more suitable. This approach with program examples makes it very tangible for exact scientists.

Monte Carlo techniques are useful in a wide variety of domains: from estimates of the number Pi, on calculations of mutations in cells, to the running of financial risks when playing in casinos or the evolution of the market.

This book is a very general book for the introduction to Monte Carlo, in the sense that it gives no advantage to a certain type of subject. Although it is a very good book to have a general idea of ​​how Monte Carlo can be used in all kinds of fields, it is not a book that you immediately benefit from as a risk manager. The application of Monte Carlo in the case of machine breakdown, or in financial decisions at a high level is not discussed. This requires more specialized literature.

But as didactic introductory mathematical work to know exactly what Monte Carlo techniques are capable of, it is definitely recommended. If you pass through this book, you are still more layman than specialist, but you are no longer an absolute beginner. You get an idea of ​​the importance of the central limit theorem, and of the Markov chains, and a whole bunch of other things.

For managers who have not enjoyed mathematics for a long time, I have the following advice: try it, your experts might even appreciate it. But if you are lost: no worries, there are still mathematicians out there who are happy to look after your case.

Guide To Effective Risk Management 3.0

admin

Authors: Alex Sidorenko and Elena Demidenko

This book about risk management is different from the other books that I already read about the subject. It is an e-book that not only works with text. The texts, usually a page per subject as an appetizer, are alternated with to do checklists, and many lists with click-through options to videos on youtube and URLs with web pages with further explanation. It is a handy book full of tips of do’s and don’ts of tasks that belong to risk management. These checklists are a useful task list for a CRO in a company.

The structure is realized in 3 major objectives: 1) Drive risk culture; 2) Help integrate risk management into business; 3) Become a trusted advisor. What did I remember?

Drive risk culture: make sure you have a suitable framework for working on risk management. Knowledge of the regulations that the company must comply with is important. In addition, ISO 31000 can be a handy standard. Moreover, the management of suitable risk analysis techniques is an advantage. Already from the beginning of the book the authors talk about Monte Carlo and scenario analysis. As always, involving top management is a must. All classics of risk management are discussed. But there are also useful tips such as the fact that you best discuss risks per topic in the board meeting instead of making risk management a separate subject of these meetings. Furthermore, a no-blame culture is essential. That is logical, because you still have to work with others to improve the performance of the organization. Another important psychological tip is to determine risk management responsibilities in the job descriptions. Furthermore, it was an eye-opener that risk management is primarily a matter of change management for the culture of the organization.
Help integrate risk management into business: it is important that risk management is not something that comes with it, but something that is included in the work itself. It is very important, for example, that it is integrated in taking the different types of decisions. After all, an informed decision always makes a trade-off between the advantages and disadvantages (the impact) and the chances that these will occur. That is why it is also important that the business and the CRO speak the same language. And if things go wrong, the business must be able to escalate in a simple way.
Become a trusted advisor: know the business, but also know your risk management techniques. Maintain your skills of scenario analysis, stress testing, Monte Carlo techniques, game theory, behavioral psychology … a lot of different scientific techniques can be applied. They take care of it, together with a look at the environment, that you can inform the management of emerging risks. Finally, you do not do it all alone. You can rely on the help of people in the organization (risk champions) but you can also rely on the knowledge of colleagues in other organizations. So networking is the message.

The number of topics is very large, and with all referrals in it, it is a very strong book. It is advisable to take your time and also see the videos, as a different form of learning. Because of this structure, the book does not have to be read from front to back, but can be started at a certain point, depending on the needs of the moment.

The book is freely available on the website of RISK-ACADEMY:

https://www.risk-academy.ru/en/download/risk-management-book/

Implementing Enterprise Risk Management

admin

Editors: Fraser; Simkins and Narvaez

This 650-page book is intended to be a textbook / exercise book, which I believe can be used in a Bachelor’s program for Enterprise Risk Management. It consists of 35 chapters, actually 35 stories, each of which is completed with a questionnaire as a guide for a discussion by a team of students. It is accompanied by another book, namely “Enterprise Risk Management – today’s leading research and best practices for tomorrow’s executives”. The latter is the associated theory book.

Does this mean that you must have to read the theory book first? Not if you already have a good basic knowledge of ERM.

The following items from this book are most memorable to me:

  • The PAPA model of LEGO: Park, Adapt, Prepare and Act. The aim is to determine the overarching strategic response based on how quickly things change in a scenario with respect to the probability that a scenario occurs.
  • The determination of the Risk Appetite based on 7 questions:
  1. How much risk do we think we take now? (Risk perception)
  2. How much risk do we actually take? What evidence do we have? (Risk exposure)
  3. How much risk do we usually like to take? If this is less than under point 1. then we do not feel comfortable. (Risk propensity / culture)
  4. How much risk can we take on / safely? (Risk capacity) This must be greater than under points 1., 2. and 3.
  5. How much risk do we think we should take? (Risk attitude)
  6. How much risk do we actually want to take? (Risk appetite)
  7. How can we implement measures and limits within the processes, products and business units to ensure that our total risk appetite is not exceeded? (Risk limits)
  • What UW (University of Washington) decided about their ERM Model:

    • Assess the risks in the context of the strategic objectives, and identify the interrelation of risk factors throughout the institute, not just for each function exercised.
    • Handle all types of risks: compliance, financial, operational, and strategic.
    • Grow a general awareness that allows individuals to focus their attention on risks with a strategic impact.
    • Improve and reinforce UW’s culture of compliance, while protecting the decentralized, collaborative entrepreneurial orientation of the institute.

  • Three lines of defense of the TD Bank: 1) the business and the accountants, 2) setting standards and challenging business to improve their governance, as well as their risks and control groups their responsibilities and liabilities, and 3) a independent internal audit.
  • The ERM objectives of Zurich Insurance Group:

    •     Protect the basic capital so that the risks that are taken do not exceed the risk tolerance.
    •     Improve the value creation and contribute to an optimal risk / return profile.
    •     Support decision-makers with consistent, timely and correct information about the risks.
    •     Protecting the reputation and brand through a healthy culture of risk awareness and a disciplined and informed risk-taking.

This is just a small sample of the valuable examples that the book displays.

Risk Issues and Crisis Management in Public Relations – A Casebook of Best Practice

admin

Authors: Michael Regester & Judy Larkin

In this book, the authors discuss risk management (although they only speak of risk issues) and crisis management as part of what they call ‘Issues management’ and that with an approach from the perspective of public relations. Here they give numerous examples in the form of case studies.

The book is divided into two parts: a section on the elaboration of issues management, which looks suspiciously like risk management, because it has many similar building blocks, and a second section on crisis management, emphasizing both the importance of the teams, as the communication aspects.

Issues management is working on the drafting of a procedure of issues management, in which a great deal of attention is paid to the components that the authors consider important. The whole is concluded with some overviews of concrete approaches in two existing organizations.

Concerning Crisis Management, it is the intention that you remember the following (not necessarily in this order and certainly not an exhaustive list):

 

  • Be the first to share, recognize first that there is a problem.
  • Rectify immediately any error that comes into the media.
  • Be complete, correct, honest, transparent and willing to communicate. Do not say things like ‘no comment’ and if nothing is known yet, then tell them you will not leave no stone unconverted untill is known how things work.
  • Provide a place to speak to the press. It’s best to work one-on-one for the television channels. The latter can take a lot of time and energy and therefore it can be interesting to have a single TV interview set up in consultation with all channels.
  • Start communicating immediately, even if you do not have any information yet.
  • Always discuss the following topics in the following order:

    • People
    • Environment and environs
    • Properties
    • Money

And always talk first about the facts, then emotions and then state a vision of what you will do or are doing about it. Prevent a void in communication.

  • Always make sure that your actions are in the spotlight, and that you are heard.
  • Avoid putting bad blood in the population.
  • Visit the disaster site.
  • Acknowledge fault when it is proven, not before. Refer to experts for the evidence and do not be tempted into endless defense talk.
  • Never speculate about what you do not know.
  • If the press does not pay attention to you, do not walk away, stay in the area but do not pull any attention to your organization. Do not be a ‘sitting target’.
  • Do not ignore any media source.
  • Be willing to pay ex-gratia.

All this is extensively upholstered with cases where it worked and where it did not work.

Key Risk Indicators

admin

Authors: Ann Rodriguez and Viney Chadha

In the book, the authors discuss the entire set-up and implementation of a Key Risk Indicators framework that can be used as an integral part of the Risk Management Framework, as a tool that can be used to support decision making in day-to-day management.

In the first chapter, the authors explain the foundations of KRI: measuring is after all knowing. That is why you also need to know that there are different types of indicators. The book covers Key Risk Indicators, Key Performance Indicators and Key Control Indicators.

Very important is the common language, the Risk taxonomy, which the people in the organization must speak. This is important, amongst other things, for the recognition of deviations that may occur in the measurements and / or the interpretation thereof.

But one of the most important aspects is with regards to Risk management and KRI, is the culture of the organization. One of the possible aspects is how committed the employees are to achieving common objectives. Another aspect is how well the three lines of defense have been developed and how well they work together.

In a few short chapters, the importance of the Enterprise Risk Management and the ERM Framework are discussed. The Operational Risk Management is discussed afterwards in a very extensive chapter. The most important program elements according to the authors are: risk and control self-assessments, scenario analysis, business environment assessments, data of internal losses, data of external losses, issues management and ultimately: the KRI.

In chapters 7, 8 and 9 the authors discuss the preparation of a KRI Framework, the life cycle of the KRI program and the KRI Project that implements everything. Chapters 10 and 11 deal with the use of KRIs and how you report about them, and what you report to them, depending on whether they do other things with the numbers … (The board does not need the same figures as Senior Management, for example).

In chapter 12, the authors discuss a tool that can determine whether an indicator is a “Key” indicator.

The story ends with a series of Case studies. The classic, Union Carbide in Bhopal could not be ignored. In addition, the authors also provide a number of KRI that could have yielded an alternative outcome. Finally, a number of concluding thoughts tell us that KRI must evolve from an art to a science. This book contributes to this.