simple tools and techniques for enterprices risk management
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (5.8 MB, 497 trang )
Simple Tools and Techniques for
Enterprise Risk Management
Robert J. Chapman
Simple Tools and Techniques for
Enterprise Risk Management
For other titles in the Wiley Finance Series
please see www.wiley.com/finance
Simple Tools and Techniques for
Enterprise Risk Management
Robert J. Chapman
Copyright
C
2006
John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester,
West Sussex PO19 8SQ, England
Telephone
(+44) 1243 779777
Email (for orders and customer service enquiries):
Visit our Home Page on www.wiley.com
All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system
or transmitted in any form or by any means, electronic, mechanical, photocopying, recording,
scanning or otherwise, except under the terms of the Copyright, Designs and Patents Act 1988
or under the terms of a licence issued by the Copyright Licensing Agency Ltd, 90 Tottenham
Court Road, London W1T 4LP, UK, without the permission in writing of the Publisher.
Requests to the Publisher should be addressed to the Permissions Department, John Wiley &
Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex PO19 8SQ, England, or emailed
to , or faxed to (+44) 1243 770620.
Designations used by companies to distinguish their products are often claimed as trademarks. All brand
names and product names used in this book are trade names, service marks, trademarks or registered
trademarks of their respective owners. The Publisher is not associated with any product or vendor
mentioned in this book.
This publication is designed to provide accurate and authoritative information in regard to
the subject matter covered. It is sold on the understanding that the Publisher is not engaged
in rendering professional services. If professional advice or other expert assistance is
required, the services of a competent professional should be sought.
Other Wiley Editorial Offices
John Wiley & Sons Inc., 111 River Street, Hoboken, NJ 07030, USA
Jossey-Bass, 989 Market Street, San Francisco, CA 94103-1741, USA
Wiley-VCH Verlag GmbH, Boschstr. 12, D-69469 Weinheim, Germany
John Wiley & Sons Australia Ltd, 42 McDougall Street, Milton, Queensland 4064, Australia
John Wiley & Sons (Asia) Pte Ltd, 2 Clementi Loop #02-01, Jin Xing Distripark, Singapore 129809
John Wiley & Sons Canada Ltd, 22 Worcester Road, Etobicoke, Ontario, Canada M9W 1L1
Wiley also publishes its books in a variety of electronic formats. Some content that appears
in print may not be available in electronic books.
Library of Congress Cataloging-in-Publication Data
Chapman, Robert J.
Tools and techniques of enterprise risk management / Robert J. Chapman.
p. cm.
ISBN-13: 978-0-470-01466-0
ISBN-10: 0-470-01466-0
1. Risk management. 2. Risk. 3. Uncertainty. 4. Decision making. I. Title.
HD61.C494 2006
658.15 5–dc22
2006004916
British Library Cataloguing in Publication Data
A catalogue record for this book is available from the British Library
ISBN 13 978-0-470-01466-0 (HB)
ISBN 10 0-470-01466-0 (HB)
Typeset in 10/12pt Times by TechBooks, New Delhi, India
Printed and bound in Great Britain by Antony Rowe Ltd, Chippenham, Wiltshire
This book is printed on acid-free paper responsibly manufactured from sustainable forestry
in which at least two trees are planted for each one used for paper production.
To Ranko Bon, an individual with clarity of thought
and exceptional interpersonal skills.
Contents
List of figures
Preface
xxiii
Acknowledgements
About the author
PART I
xxi
ENTERPRISE RISK MANAGEMENT IN CONTEXT
xxv
xxvii
1
1 Introduction
1.1 Approach to risk management
1.2 Business growth through risk taking
1.3 Risk and opportunity
1.4 The role of the board
1.5 Primary business objective (or goal)
1.6 What is enterprise risk management (ERM)
1.7 Benefits of ERM
1.8 Framework
1.8.1 Corporate governance
1.8.2 Internal control
1.8.3 Implementation
1.8.4 Risk management process
1.8.5 Sources of risk
1.9 Summary
1.10 References
3
4
4
5
5
8
8
9
10
10
11
11
11
11
11
12
2 Developments in Corporate Governance in the UK
2.1 Investor unrest
2.2 The problem of agency
2.3 Cadbury Committee
2.4 The Greenbury Study
2.5 The Hampel Committee and the Combined Code of 1998
13
13
14
15
16
16
viii
Contents
2.6
2.7
2.8
2.9
2.10
2.11
2.12
2.13
2.14
2.15
2.16
Smith guidance on audit committees
Higgs
Tyson
Combined Code on Corporate Governance 2003
The “comply or explain” regime
Definition of corporate governance
Formation of companies
The Financial Services and Markets Act 2000
The London Stock Exchange
Summary
References
17
17
18
18
19
19
20
21
21
22
23
3 Developments in Corporate Governance in the US and Canada
3.1 Sarbanes-Oxley Act 2002
3.1.1 Enron
3.1.2 WorldCom
3.1.3 Provisions of the Act
3.1.4 Implementation
3.1.5 Sarbanes-Oxley, Section 404
3.2 Canada
3.2.1 Dey Report
3.2.2 Dey revisited
3.2.3 Saucier Committee
3.3 Summary
3.4 References
25
25
25
26
26
28
28
29
29
30
31
31
31
4 Internal Control and Risk Management
4.1 The composition of internal control
4.2 Risk as a subset of internal control
4.2.1 The application of risk management
4.3 Allocation of responsibility
4.3.1 Cadbury Committee
4.3.2 Hampel Committee
4.3.3 Turnbull
4.3.4 Higgs Review
4.3.5 Smith Review
4.3.6 OECD
4.4 The context of internal control and risk management
4.5 Internal control and risk management
4.6 Embedding internal control and risk management
4.7 Summary
4.8 References
33
33
34
34
38
38
38
39
40
40
41
41
43
43
43
44
5 Developments in Risk Management in the Public Sector
5.1 Responsibility for risk management in government
5.1.1 Cabinet Office
5.1.2 Treasury
45
45
46
47
Contents
5.2
5.3
5.4
5.5
5.6
5.7
5.8
5.9
5.10
5.11
5.12
5.13
5.14
5.15
5.16
5.17
PART II
ix
5.1.3 Office of Government Commerce
5.1.4 National Audit Office
Risk management publications
Successful IT
Supporting innovation
5.4.1 Part 1: Why risk management is important
5.4.2 Part 2: How well risk management is understood and implemented
by government departments
5.4.3 Part 3: What more needs to be done to improve risk management
The Orange Book
5.5.1 Identify the risks and define a framework
5.5.2 Assign ownership
5.5.3 Evaluate
5.5.4 Assess risk appetite
5.5.5 Response to risk
5.5.6 Gain assurance
5.5.7 Embed and review
Audit Commission
CIPFA/SOLACE Corporate Governance
MoR
DEFRA
5.9.1 Risk management strategy
Strategy Unit Report
Risk and value management
The Green Book
5.12.1 Optimism bias
5.12.2 Annex 4
CIPFA internal control
Managing risks to improve public services
The Orange Book (revised)
Summary
References
51
51
51
52
52
52
53
53
53
53
54
55
57
58
59
59
60
61
62
62
63
65
65
69
69
THE APPOINTMENT
71
6 Introduction
6.1 Change process from the client perspective
6.1.1 Planning
6.1.2 Timely information
6.1.3 Risk management resource
6.2 Selection of consultants
6.2.1 Objectives
6.2.2 The brief
6.2.3 Describing activity interfaces
6.2.4 Appointment process management
6.2.5 The long listing process
6.2.6 Short list selection criteria
47
47
48
49
50
51
73
73
73
74
74
75
75
75
75
76
76
77
x
Contents
6.3
6.4
6.2.7 Request for a short listing interview
6.2.8 Compilation of short list
6.2.9 Prepare an exclusion notification
6.2.10 Prepare tender documents
6.2.11 Agreement to be issued with the tender invitation
6.2.12 Tender process
6.2.13 Award
6.2.14 Notification to unsuccessful tenderers
Summary
Reference
77
77
78
78
79
79
79
80
80
80
7 Interview with the Client
7.1 First impressions/contact
7.2 Client focus
7.3 Unique selling point
7.4 Past experiences
7.5 Client interview
7.5.1 Sponsor
7.5.2 Situation
7.5.3 Scheme/plan of action
7.5.4 Solution implementation
7.5.5 Success, measurement of
7.5.6 Secure/continue
7.5.7 Stop/close
7.6 Assignment methodology
7.7 Change management
7.8 Sustainable change
7.9 Summary
7.10 References
81
81
82
82
84
85
85
85
85
86
86
86
86
86
87
87
88
89
8 Proposal
8.1 Introduction
8.2 Proposal preparation
8.2.1 Planning
8.2.2 Preliminary review
8.3 Proposal writing
8.3.1 Task management
8.3.2 Copying text
8.3.3 Master copy
8.3.4 Peer review
8.4 Approach
8.5 Proposal
8.5.1 Identify the parties, the who
8.5.2 Identify the location, the where
8.5.3 Understand the project background, the what
8.5.4 Define the scope, the which
8.5.5 Clarify the objectives, the why
91
91
91
91
92
92
92
92
92
93
93
93
93
95
95
95
96
Contents
xi
8.5.6 Determine the approach, the how
8.5.7 Determine the timing, the when
Client responsibilities
Remuneration
Summary
Reference
96
96
97
97
97
97
9 Implementation
9.1 Written statement of project implementation
9.2 Management
9.2.1 Objectives
9.2.2 Planning the project
9.2.3 Consultant team composition
9.2.4 Interface with stakeholders
9.2.5 Data gathering
9.2.6 Budget
9.2.7 Assessment of risk
9.2.8 Deliverables
9.2.9 Presentation of the findings
9.2.10 Key factors for successful implementation
9.3 Customer delight
9.4 Summary
9.5 References
99
99
99
99
100
101
101
101
102
102
102
103
103
104
106
106
8.6
8.7
8.8
8.9
PART III
THE RISK MANAGEMENT PROCESS
10 Analysing the Business: Stage 1
10.1 Process
10.2 Process goal and subgoals
10.3 Process definition
10.4 Process inputs
10.5 Process outputs
10.6 Process controls (constraints)
10.7 Process mechanisms (enablers)
10.7.1 Ratios
10.7.2 Risk management process diagnostic
10.7.3 SWOT analysis
10.7.4 PEST analysis
10.8 Process activities
10.8.1 Business objectives
10.8.2 Business plan
10.8.3 Examining the industry
10.8.4 Establishing the processes
10.8.5 Projected financial statements
10.8.6 Resources
10.8.7 Change management
107
109
109
110
111
111
113
113
113
114
114
116
116
116
117
118
118
119
120
122
123
xii
Contents
10.8.8 Marketing plan
10.8.9 Compliance systems
10.9 Summary
10.10 References
123
124
124
124
11 Risk Identification: Stage 2
11.1 Process
11.2 Process goal and subgoals
11.3 Process definition
11.4 Process inputs
11.5 Process outputs
11.6 Process controls (constraints)
11.7 Process mechanisms (enablers)
11.7.1 Risk checklist
11.7.2 Risk prompt list
11.7.3 Gap analysis
11.7.4 Risk taxonomy
11.7.5 PEST prompt
11.7.6 SWOT prompt
11.7.7 Database
11.7.8 Business risk breakdown structure
11.7.9 Risk questionnaire
11.7.10 Risk register content/structure
11.8 Process activities
11.8.1 Clarifying the business objectives
11.8.2 Reviewing the business analysis
11.8.3 Risk and opportunity identification
11.8.4 Gaining a consensus on the risks, the opportunities and their
interdependencies
11.8.5 Risk register
11.9 Summary
11.10 References
125
125
125
126
127
128
128
128
128
129
129
130
131
133
133
134
135
135
135
135
136
137
12 Risk Assessment: Stage 3
12.1 Process
12.2 Process goals and Subgoals
12.3 Process definition
12.4 Process inputs
12.5 Process outputs
12.6 Process controls (constraints)
12.7 Process mechanisms (enablers)
12.7.1 Probability
12.8 Process activities
12.8.1 Causal analysis
12.8.2 Decision analysis
12.8.3 Pareto analysis
147
147
147
148
148
150
150
150
150
152
152
154
155
143
143
144
144
Contents
12.8.4 CAPM analysis
12.8.5 Define risk evaluation categories and values
12.9 Summary
12.10 References
xiii
156
157
157
157
13 Risk Evaluation: Stage 4
13.1 Process
13.2 Process goals and subgoals
13.3 Process definition
13.4 Process inputs
13.5 Process outputs
13.6 Process controls (constraints)
13.7 Process mechanisms (enablers)
13.7.1 Probability trees
13.7.2 Expected monetary value
13.7.3 Utility theory and functions
13.7.4 Decision trees
13.7.5 Markov chain
13.7.6 Investment appraisal
13.8 Process activities
13.8.1 Basic concepts of probability
13.8.2 Sensitivity analysis
13.8.3 Scenario analysis
13.8.4 Simulation
13.8.5 Monte Carlo simulation
13.8.6 Latin Hypercube
13.8.7 Probability distributions
13.9 Summary
13.10 References
159
159
159
160
160
160
161
161
162
163
165
167
170
171
175
175
176
177
177
178
179
180
180
181
14 Risk Planning: Stage 5
14.1 Process
14.2 Process goals and subgoals
14.3 Process definition
14.4 Process inputs
14.5 Process outputs
14.6 Process controls (constraints)
14.7 Process mechanisms
14.8 Process activities
14.9 Risk appetite
14.10 Risk response strategies
14.10.1 Risk reduction
14.10.2 Risk removal
14.10.3 Risk transfer or reassign
14.10.4 Risk retention
14.11 Summary
14.12 References
183
183
183
184
184
184
185
185
185
186
188
188
188
189
190
190
191
xiv
Contents
15 Risk Management: Stage 6
15.1 Process
15.2 Process goals and subgoals
15.3 Process definition
15.4 Process inputs
15.5 Process outputs
15.6 Process controls (constraints)
15.7 Process mechanisms
15.8 Process activities
15.8.1 Executing
15.8.2 Monitoring
15.8.3 Controlling
15.9 Summary
15.10 Reference
193
193
193
194
194
194
195
196
196
196
196
197
199
199
PART IV
201
INTERNAL INFLUENCES – MICRO FACTORS
16 Financial Risk Management
16.1 Definition of financial risk
16.2 Scope of financial risk
16.3 Benefits of financial risk management
16.4 Implementation of financial risk management
16.5 Liquidity risk
16.5.1 Current and quick ratios
16.5.2 Mitigation of liquidity risk
16.6 Credit risk
16.6.1 Default risk
16.6.2 Exposure risk
16.6.3 Recovery risk
16.6.4 Credit insurance
16.6.5 Counterparty risk
16.6.6 Due diligence
16.7 Borrowing
16.8 Currency risk
16.9 Funding risk
16.10 Foreign investment risk
16.10.1 Country risk
16.10.2 Environment risk
16.11 Derivatives
16.11.1 Exchange traded derivatives
16.11.2 Over-the-counter derivatives
16.12 Summary
16.13 References
203
203
203
204
205
205
205
207
207
207
208
208
208
209
210
213
213
213
216
216
216
216
217
217
218
219
17 Operational Risk Management
17.1 Definition of operational risk
17.2 Scope of operational risk
221
222
223
Contents
17.3
17.4
17.5
17.6
17.7
17.8
17.9
17.10
17.11
17.12
17.13
Benefits of operational risk
Implementation of operational risk
Strategy
17.5.1 Definition of strategy risk
17.5.2 Objectives
17.5.3 Business plan
17.5.4 New business development
17.5.5 Resources
17.5.6 Stakeholder interests
17.5.7 Corporate experience
17.5.8 Reputation
People
17.6.1 Definition of people risk
17.6.2 Types of people risk
17.6.3 HRM practices
17.6.4 Ability to pay salaries
17.6.5 Regulatory and statutory requirements
17.6.6 Staff constraints
17.6.7 Staff dishonesty
17.6.8 Risk management
17.6.9 Health and safety
Processes and systems
17.7.1 Definition of processes and systems risk
17.7.2 Controls
17.7.3 Regulatory and statutory requirements
17.7.4 Continuity
17.7.5 Indicators of loss
17.7.6 Transactions
17.7.7 Computer/IT systems
17.7.8 Knowledge management
17.7.9 Project management
External events
17.8.1 Change management
17.8.2 Business continuity
Outsourcing
Measurement
Mitigation
Summary
References
18 Technological Risk
18.1 Definition of technology risk
18.2 Scope of technology risk
18.3 Benefits of technology risk management
18.4 Implementation of technology risk management
18.5 Primary technology types
18.5.1 Information technology
xv
223
224
224
224
225
225
226
227
227
227
227
228
228
229
230
230
230
233
240
240
245
245
245
246
247
247
248
248
250
254
254
256
256
256
258
259
259
259
260
263
263
264
264
265
265
265
xvi
Contents
18.6
18.7
18.8
PART V
18.5.2 Communications technology
18.5.3 Control technology
Responding to technology risk
18.6.1 IT governance
18.6.2 Investment
18.6.3 Projects
Summary
References
EXTERNAL INFLUENCES – MACRO FACTORS
268
272
277
277
279
282
283
284
285
19 Economic Risk
19.1 Definition of economic risk
19.2 Scope of economic risk
19.3 Benefits of economic risk management
19.4 Implementation of economic risk management
19.5 Microeconomics and macroeconomics
19.6 Macroeconomics
19.6.1 GDP
19.7 Government policy
19.7.1 Fiscal policy
19.7.2 Monetary policy
19.7.3 Competing theories
19.8 Aggregate demand
19.8.1 Using aggregate demand curves
19.8.2 Determinates of consumer spending
19.8.3 Determinates of investment expenditure
19.8.4 Determinates of government spending
19.8.5 Determinates of net expenditure on exports and imports
19.9 Aggregate supply
19.10 Employment levels
19.11 Inflation
19.12 Interest rate risk
19.13 House prices
19.14 International trade and protection
19.14.1 Trade
19.14.2 Methods of protectionism
19.14.3 Trade policy
19.14.4 Balance of trade
19.15 Currency risk
19.15.1 Risk mitigation by hedging
19.16 Summary
19.17 References
287
287
287
287
288
288
289
289
290
291
291
292
292
293
293
294
294
294
295
296
297
298
299
299
299
300
300
300
301
301
305
306
20 Environmental Risk
20.1 Definition of environmental risk
20.2 Scope of environmental risk
307
307
308
Contents
20.3
20.4
20.5
20.6
20.7
20.8
20.9
20.10
20.11
20.12
20.13
Benefits of environmental risk management
Implementation of environmental risk management
Energy sources
20.5.1 Renewable energy
Use of resources
Pollution
Global warming
Response to global warming
20.9.1 Earth Summit
20.9.2 The Kyoto Protocol
20.9.3 Pollution control targets
20.9.4 Sufficiency of emission cuts
20.9.5 US climate pact
20.9.6 European Union
20.9.7 Domestic government response to climate change
20.9.8 Levy
20.9.9 Emissions trading
20.9.10 Impact on business
Stimulation to environmental considerations
20.10.1 FTSE4Good Index
20.10.2 Carbon Trust
20.10.3 Public pressure
Environmental sustainability
Summary
References
21 Legal Risk
21.1 Definition of legal risk
21.2 Scope of legal risk
21.3 Benefits of legal risk management
21.4 Implementation of legal risk management
21.5 Business law
21.5.1 Classification of law
21.6 Companies
21.6.1 The Memorandum of Association
21.6.2 Articles of Association
21.6.3 Financing the company
21.6.4 The issue of shares and debentures
21.6.5 The official listing of securities
21.6.6 The remedy of rescission
21.6.7 Protection of minority interests
21.6.8 Duties of directors
21.7 Intellectual property
21.7.1 Patents
21.7.2 Copyright
21.7.3 Designs
21.8 Employment Law
xvii
309
309
309
310
311
312
312
313
313
313
314
315
315
315
316
317
318
318
318
318
319
320
320
321
321
323
323
323
324
324
325
325
326
326
327
327
327
327
328
328
328
329
329
333
334
334
xviii
Contents
21.9
Contracts
21.9.1 Essentials of a valid contract
21.9.2 Types of contract
21.10 Criminal liability in business
21.10.1 Misdescriptions of goods and services
21.10.2 Misleading price indications
21.10.3 Product safety
21.11 Computer misuse
21.11.1 Unauthorised access to computer material
21.11.2 Unauthorised access with intent to commit or facilitate commission of further offences
21.11.3 Unauthorised modification of computer material
21.12 Summary
334
334
335
335
335
336
337
338
338
338
339
339
22 Political Risk
22.1 Definition of political risk
22.2 Scope of political risk
22.2.1 Macropolitical risks
22.2.2 Micropolitical risks
22.3 Benefits of political risk management
22.4 Implementation of political risk management
22.5 Zonis and Wilkin political risk framework
22.6 Contracts
22.7 Transition economies of Europe
22.8 UK Government fiscal policy
22.9 Pressure groups
22.10 Terrorism and blackmail
22.11 Responding to political risk
22.11.1 Assessing political risk factors
22.11.2 Prioritising political risk factors
22.11.3 Improving relative bargaining power
22.12 Summary
22.13 References
341
341
342
342
342
344
344
344
347
347
348
348
349
349
351
351
351
352
352
23 Market Risk
23.1 Definition of market risk
23.2 Scope of market risk
23.2.1 Levels of uncertainty in the marketing environment
23.3 Benefits of market risk management
23.4 Implementation of market risk management
23.5 Market structure
23.5.1 The number of firms in an industry
23.5.2 Barriers to entry
23.5.3 Product homogeneity, product diversity and branding
23.5.4 Knowledge
23.5.5 Interrelationships within markets
23.6 Product lifecycle stage
23.6.1 Sales growth
355
355
356
357
358
358
358
358
359
361
361
362
363
363
Contents
23.7
23.8
23.9
23.10
23.11
23.12
23.13
23.14
23.15
Alternative strategic directions
23.7.1 Market penetration
23.7.2 Product development
23.7.3 Market development
23.7.4 Diversification
Acquisition
Game theory
23.9.1 Price stability
23.9.2 Non-price competition
23.9.3 Branding
23.9.4 Market strategies
Price elasticity/sensitivity
23.10.1 Elasticity
23.10.2 Price elasticity
Distribution strength
Measurement
23.12.1 Value-at-Risk
Risk response planning
Summary
References
24 Social Risk
24.1 Definition of social risk
24.2 Scope of social risk
24.3 Benefits of social risk management
24.4 Implementation of social risk management
24.5 Education
24.6 Population movements – demographic changes
24.6.1 The changing market
24.7 Socio-cultural patterns and trends
24.8 Crime
24.8.1 Key facts
24.9 Lifestyles and social attitudes
24.9.1 More home improvements
24.9.2 Motherhood
24.9.3 Health
24.9.4 Less healthy diets
24.9.5 Smoking and drinking
24.9.6 Long working hours
24.9.7 Stress levels
24.9.8 Recreation and tourism
24.10 Summary
24.11 References
xix
364
364
365
367
368
370
370
371
372
372
373
376
376
377
377
377
377
378
378
379
381
381
381
382
382
383
384
385
385
387
388
388
388
389
389
390
391
391
392
392
393
393
Appendix 1
Successful IT: Modernising Government in Action
395
Appendix 2
Sources of Risk
399
xx
Contents
Appendix 3
DEFRA Risk Management Strategy
403
Appendix 4
Risk: Improving Government’s Capability to Handle Risk
and Uncertainty
407
Appendix 5
Financial Ratios
413
Appendix 6
Risk Maturity Models
417
Appendix 7
SWOT Analysis
423
Appendix 8
PEST Analysis
427
Appendix 9
VRIO Analysis
429
Appendix 10
Value Chain Analysis
431
Appendix 11
Resource Audit
433
Appendix 12
Change Management
437
Appendix 13
Industry Breakpoints
441
Appendix 14
Probability
443
Index
453
List of Figures
1.1
1.2
3.1
4.1
4.2
5.1
5.2
7.1
8.1
P3.1
P3.2
10.1
10.2
10.3
11.1
11.2
11.3
11.4
11.5
11.6
12.1
12.2
12.3
12.4
12.5
12.6
12.7
13.1
13.2
13.3
13.4
The role of the board and the integration of risk management
ERM framework
Risk management survey questions and their responses
Composition of the Combined Code 2003 and its relationship to the Turnbull
guidance
Internal control and risk management in context
Parties responsible for risk management in government
Decision making within the management hierarchy of an organisation
Influences on a change process
Preparation of a proposal
Stages in the risk management process
IDEFO process design notation. Process elements are described by IDEFO
using inputs, outputs, control and mechanisms
Structure of Chapter 10
Analysis process illustrating the inputs, output, constraints and mechanisms
Structure of Section 10.8
Structure of Chapter 11
Risk identification process
Definition of categories of risk
Structure of questionnaire
Software development risk taxonomy
Techniques for identifying business risk
Structure of Chapter 12
Risk assessment process
Quantitative probability impact matrix
Cause and effect
Main causes of effect
Main, level 1 and level 2 causes
Cause and effect diagram for a petrochemical company
Structure of Chapter 13
Risk evaluation process
Probability tree
Dependent events
7
10
30
35
42
46
57
88
94
108
108
110
111
117
126
127
131
131
132
138
148
149
151
152
153
153
154
160
161
162
163
xxii
13.5
13.6
13.7
13.8
13.9
14.1
14.2
15.1
15.2
16.1
17.1
17.2
17.3
17.4
17.5
17.6
17.7
18.1
18.2
19.1
19.2
19.3
19.4
19.5
19.6
20.1
21.1
21.2
22.1
23.1
23.2
23.3
23.4
23.5
24.1
A1.1
A6.1
A7.1
A10.1
A14.1
A14.2
A14.3
A14.4
A14.5
A14.6
List of Figures
Utility functions
Decision tree of land purchase decision
Decision tree rolled back
Directed diagram
Probability over two periods
Structure of Chapter 14
Risk planning process
Structure of Chapter 15
Risk management process
Structure of Chapter 16
Structure of Chapter 17
Taxonomy of strategy risk
Taxonomy of people risk
Systems perspective of sources of turnover
Taxonomy of processes and systems risk
Taxonomy of external events risk
Events causing discruption to organisations in 2004
Structure of Chapter 18
The investment decision-making process
Structure of Chapter 19
The circular flow of income in the UK economy
An aggregate demand (AD) curve
Shifts of and movements along the aggregate demand curve
An aggregate supply (AS) curve
Short run aggregate supply (AS) curve
Structure of Chapter 20
Structure of Chapter 21
The division between public and private law
Structure of Chapter 22
Structure of Chapter 23
Sources of market risk and opportunity
Product lifecycle stages
Alternative strategic directions for business development
The marketing mix composed of the 4ps
Structure of Chapter 24
Summary Risk Profile
Business Risk Maturity Model
Factors relevant to a SWOT analysis
The value chain
Complement of event A
Union of events A and B
Mutually exclusive events A and B
Venn diagram illustrating types of degree held by employees
Tree diagram of two suppliers, A1 and A2
Probability tree diagram of two suppliers, A1 and A2
166
168
169
170
171
184
185
194
195
204
222
224
229
238
246
256
258
264
280
288
290
292
293
295
296
308
324
325
342
356
357
363
364
372
382
398
420
424
432
444
445
445
448
449
450
