
International Diploma in Risk Management

Module 1: Principles of Risk

Module Handbook

June 2012
Module Handbook: Principles of Risk

Module One: Principles of Risk

Contents
1 Looking ahead to Module One

2 Module aims in summary

3 Module learning outcomes

4 Module syllabus

5 Module learning activities

6 Module learning materials
6.1 Pre-reading for the module
6.2 Core module reading list
6.3 Important notes about reading materials and expectations

7 Unit 1: What you should know; what you will learn
7.1 Unit 1 Pre-reading
7.2 Unit 1 Core reading materials
7.3 Unit 1 Self-assessment
7.4 Previous examination questions

8 Unit 2: Risk: An introduction
8.1 Unit 2 Reading materials
8.2 Unit 2 Self-assessment
8.3 Previous examination questions

9 Unit 3: A modern understanding of risk: Part 1
9.1 Unit 3 Reading materials
9.2 Unit 3 Self-assessment
9.3 Previous examination questions

10 Unit 4: A modern understanding of risk: Part 2
10.1 Unit 4 Reading materials
10.2 Unit 4 Self-assessment
10.3 Previous examination questions

11 Unit 5: Risk issues, problems and challenges
11.1 Unit 5 Reading materials
11.2 Unit 5 Self-assessment
11.3 Previous examination questions

12 Unit 6: An application
12.1 Unit 6 Reading materials
12.2 Unit 6 Self-assessment
12.3 Previous examination questions

© IRM September 2011 1

13 Unit 7: A short history of risk management
13.1 Unit 7 Reading materials
13.2 Unit 7 Self-assessment
13.3 Previous examination questions

14 Unit 8: Risk management: the modern and future scene
14.1 Unit 8 Reading materials
14.2 Unit 8 Self-assessment
14.3 Previous examination questions

15 Appendix
Self-assessed answers, comments and suggestions


1 Looking ahead to Module One


Diploma Module One is entitled Principles of Risk. This rightly suggests that the module mainly
focuses on helping students understand and apply the basic concepts, terms, theories and
principles of risk and risk management.

Within this module, students are expected to become conversant with risk as a concept, a
phenomenon and a subject of managerial attention. The Diploma’s design process established
that successful risk managers are “risk experts”. This means that a deep understanding of risk
is central to the risk manager’s identity.

To the newcomer, such an assertion may sound rather mundane and hardly worthy of
mention, but this would be wrong for a range of reasons (which will become clearer as you
progress through the module):

The scope of risk management has changed to such a degree in recent years that
conventional views of risk have had to be altered. Moreover, it is still changing and
moving forward, as we shall see in Unit 8.

Historically, risk management has focused on the mathematics of hazard-based risks
or on financial risks, largely to the exclusion of attention to the psychological
dimensions of risk, the social and cultural influences on our perceptions of risk, and the
overall context of risk in organisational settings. We shall cover these aspects in Units
3, 4 and 7.

New technologies allow us to have a deeper understanding of risk and its impact on
organisations. There will be specific focus on this aspect of risk management in
Diploma Module Three: Risk Decisions.

Our changing world has produced new risks that do not easily fit into historical frames
of reference. This is particularly looked at in Unit 2.

In IRM’s view, a risk expert must be able to bring to his or her organisation a specific
knowledge of risk. This encompasses:

What risk is
How risk affects organisations (the focus of Diploma Module 2)
How our preconceptions and perceptions influence our views of risks
How culture and society subtly influence how we prioritise risks, and
How we effectively communicate risk information (the focus of Module 3)

This specific knowledge will enhance the overall quality and value of management decision
making and practice. The risk expert adds value to his or her organisation.

In addition to initiating the development of risk knowledge, a task that extends into Diploma
Modules Two and Three, Module One necessarily provides an introduction to the entire
Diploma. Thus, students should also expect to develop further their basic understanding of risk
management that they will have picked up at an earlier stage of their studies, or through
practical experience in the workplace. Although the treatment of this particular subject is
general and principles-based, this part of the module is not simply a rehash of prior learning.
Module One may be introductory, but it is not purely descriptive.


Fundamental concepts, principles and even theories of risk management are presented, so
that students are enabled not only to define and describe risk management, but also to go
some way toward thinking about the roles and purposes of risk management in an
organisation. The very technical detail of risk management practice is dealt with in the
remaining core Diploma modules (Modules Two through Five), but successful students will
complete Module One with a grasp of the fundamental concepts and principles.

1) A broad and highly influential theme is first introduced – though only lightly developed –
in Module One. This theme can be summarised as follows:

2) Risk management today is an aspect of overall organisational management that
aspires to assess and address all organisational risks in a manner consistent with the
organisation’s goals and purposes. In adopting this frame of reference, seven premises
underlie the presentation in Module One, and by implication, in Modules Two to Five.
They are:

1) Risk management is a necessary component of effective management.

2) Risk management is concerned with understanding and managing uncertainty about
future performance. The aim is to improve performance related to various objectives
held by relevant stakeholders.

3) Risk management should be embedded in all aspects of management and
organisational decision making, planning, coordination and control activity, across all
functions and at all levels, in a manner that is both efficient and cost-effective.

4) Organisations should operate separate applications of risk management in a variety of
different contexts, such as operations, projects, programmes, strategy formulation and
corporate reviews.

5) Whatever the application context, it is useful to employ a formal generic risk
management process that includes:

Identification of sources of risk and uncertainty
Assessment of the significance of sources of uncertainty and their inter-relationships
Consideration of alternative ways of managing these uncertainties, and
Informed selection of an appropriate management strategy.

6) The depth and scope of an efficient and effective risk management process in a
particular application will depend on the application context, the resources available
and the particular reasons for undertaking risk management in this context.

7) The provision of an appropriate administrative infrastructure should facilitate risk
management activity. This infrastructure should include:

Clear corporate policies that set out why, when and how to deploy risk
management and the processes for monitoring and reviewing the quality of risk
management undertaken.

Clearly defined roles and responsibilities for carrying out and reporting on risk
management activity.


Documentation of both processes for carrying out risk management in various
application contexts, and analyses undertaken.

Specialist support to facilitate efficient and cost-effective risk management
activity and to develop organisational capability in risk management.

All present evidence indicates that since the mid-1990s risk management has moved from a
technical specialisation into a general management function, while, nevertheless, retaining
many technical aspects.

The structure of the Diploma reflects that fact. The first five core modules present a foundation
for setting students on a pathway to both risk expertise and managerial skilfulness. The
Specialist modules enable students to create a further area of expertise and differentiation,
and the final paper allows them to demonstrate a comprehensive mastery of the subject.

As students read through the various readings that are recommended for this module, they
should always consider the implications of what they read against the seven principles above,
since this linkage forms the approach adopted at the examination stage. In short, IRM is not
just hoping that students can acquire new knowledge, but that they can also apply that
knowledge in a range of scenarios.

Students of the Diploma are taking the first step on the road to professional advancement. IRM
wishes them every success with Module One.

2 Module One - Aims in summary


Module One, Principles of Risk, serves two core purposes:

1) To orient students toward the substance of the entire Diploma programme, and

2) To provide a focused introduction to risk.

The first two-thirds or so of Module One comprise an extended investigation of the principles
of risk and the practical applications of its meaning today. One of the overarching objectives is
to provide students with a clear understanding of the multi-dimensional nature of risk. They will
see that risk is a cultural and psychological construct, a quantifiable, measurable and objective
phenomenon, and a characteristic of reality as we understand and perceive it.

The last third of the module provides an exploration of risk management. The intention here is
not to revisit students’ prior knowledge of the subject, but to provide a restatement of the
subject and to place the Diploma’s investigation on a somewhat higher intellectual level. The
purpose of the Diploma is not to dwell unnecessarily on the factual or descriptive side of the
subject, but to focus on the applications, issues and challenges that are part of the field.

Therefore, the module concludes with an introductory investigation of problems and issues
that confront risk management today. These issues are somewhat conceptual and
philosophical in nature, but also quite practical. As an introductory exercise, they will suggest
some of the more critical modern challenges facing risk managers and risk management
practice.


3 Module learning outcomes


By the end of the module, students should be able to:

1. Explain the rationale for developing risk management in an organisational context.

2. Understand and explain the significance of uncertainty management compared with
threat and opportunity management.

3. Identify and explain the drivers of modern risk management practices.

4. Explain the complexities associated with defining and understanding risk.

5. Understand and explain some important issues, problems and challenges encountered
by individual risk managers and the risk management community.

6. Explain the range of factors that can influence the perception of risk and principles
involved in achieving effective risk identification.

7. Explain the ways in which risk and uncertainty may be quantified and the limitations to
quantification, including the treatment of interdependencies between sources of
uncertainty.

8. Explain the history of risk management and the important antecedents influencing the
modern risk management world.

Student note
Seriously consider and review the module learning outcomes listed. This list goes a
long way toward informing students what they are intended to learn and, importantly,
what the basis of evaluation and examination will be.


4 Module syllabus
Unit 1: What you should know; what you will learn.
Establishes the expectations going into the Diploma and reflects on the intended
outcomes.

Unit 2: Risk: an introduction.
Introduces and reviews definitions of risk and affiliated concepts.

Unit 3: A modern understanding of risk: Part 1.
Further explores risk and affiliated concepts with an emphasis on cultural and
psychological dimensions.

Unit 4: A modern understanding of risk: Part 2.
Further explores risk and affiliated concepts with an emphasis on the objective,
scientific nature of those concepts.

Unit 5: Risk issues, problems and challenges.
Exposes students to several contemporary subjects related to risk, such as the recent
Governance crises, the moving out of recession, and the positive and negative impacts
of the risk society.

Unit 6: Risk: an application.
Provides an application/case setting in which students can think critically about the
concepts and principles set forward in the previous units.

Unit 7: A short history of risk management.
Discusses the practice of risk management with a focus on the factors that have driven
its evolution.

Unit 8: Risk management: the modern and future scene.
Explores the practice of risk management, with reference to its modern characteristics
and current developments. This final unit specifically builds on the contents of Units 5
and 7.

5 Module learning activities


Course content: This module is concerned with basic terms, concepts and principles of risk.
A basic problem is ambiguity about what constitutes principles of risk and what constitutes
tools and techniques, which are covered in later modules. For the purposes of this module,
principles of risk are generic, underpinning concepts, theories or frameworks that are present
in any risk management situation or process, and that might influence how risk management is
or should be carried out. In studying for this module, students will learn about the generic
problems and conceptual issues associated with various aspects of risk management. This
material informs much of the design and use of tools, techniques and processes considered in
later modules.

Self-assessment: Students will have the opportunity to test their newly acquired knowledge
and understanding as they progress through the module. Embedded within the summary of
each unit are one or two relevant examination questions to consider. Examination questions
expect students to draw knowledge from various parts of the syllabus. Students are therefore
advised not to seriously attempt examination questions until they have completed the study for
the entire module.

Learning more about it: Students will be directed to learn more about the principles and
concepts.

Formal assessment: A three-hour examination will assess students’ acquired knowledge and
understanding.

6 Module learning materials


Students need to study a variety of learning materials for this module. Required reading is
listed below and within each module unit. Students are encouraged to read widely around the
subject, as examiners are looking for breadth of study and knowledge. The Diploma is set at a
postgraduate level and, as such, students are expected to contribute material from their own
experience and demonstrate an awareness of current risk management events and
developments.

6.1 Pre-reading for the module

Committee of Sponsoring Organizations of the Treadway Commission (2004). Enterprise Risk
Management — Integrated Framework Executive Summary

Hopkin, P (2010) Fundamentals of Risk Management, London, Kogan Page, Chapters 1 to 6
at least and possibly also 7-18

IRM/AIRMIC/ALARM (2002) - Risk Management Standard.

IRM/AIRMIC/ALARM (2010) - A structured approach to Enterprise Risk Management (ERM)
and the requirements of ISO 31000

6.2 Core module reading list

Adams, J, Risk management is not rocket science: it is much more complicated, Public Risk
Forum, May 2007

Adams, J, (2001) Risk, Routledge, Oxford, Chapters 2 and 3

Anderson, R, Risk Management & Corporate Governance, OECD

Andersen, T J, Strategic Risk Management: Outlining the Contours of the ‘New Risk
Management’ Paradigm, Public Risk Forum, May 2007

Bernstein, P L, The New Religion of Risk Management, Harvard Business Review, March
1996

Gigerenzer, G, Statistical Illiteracy Endemic in Healthcare, in Risk Management Professional,
March 2011, p39

IRM/AIRMIC/ALARM (2002) A Risk Management Standard, IRM, AIRMIC, ALARM

Kloman, F, A short history of risk management: 1900-2002, Risk Management Reports, 2002

Leslie, A, Capricious Fate and Human Folly in Strategic Risk, June 2008, p9-10

Leslie, A, ‘Everything Changes, Nothing Changes’ in Strategic Risk, January 2009, p28-29

McNeil, A J, Frey, R & Embrechts, P, Quantitative Risk Management: Concepts, Techniques,
and Tools, Princeton University Press, 2005, Chapter 1

Piper, A, Risk Society, in Internal Audit and Business Risk, January 2007, p14-17

Power, M, The Risk Management of Everything, Demos, 2004

Ross, J F, The Polar Bear Strategy: Reflections on Risk in Modern Life, Perseus Books, 1999.
Preface and Chapter 1

ShopMart Case Study, 2007

Skinner, N, It’s in Our Hands, in Strategic Risk, March 2010, p30

Slovic, P, Fischhoff, B and Lichtenstein, S, Facts vs. fears: understanding perceived risk,
Societal Risk Assessment: How Safe is Safe Enough?, (Schwing and Albers, eds.) Plenum
Press, 1980

Strategic Risk, Alarmed and Dangerous, April 2011, p21-23

Strategic Risk Report, Against All Odds, May 2011

Tabak, J, Probability & Statistics: The Science of Uncertainty, The History of Mathematics
Series, Facts on File Publishing, 2004, Chapters 1, 6 and 7

Taleb, N N, The Black Swan: The Impact of the Highly Improbable, Random House, 2007,
Prologue and Chapter 1

The Economist Intelligence Unit, Fall Guys: Risk Management in the Front Line, a report from
the Economist Intelligence Unit, sponsored by ACE and KPMG, 2010

Tversky, A, and Kahneman, D, Judgment under uncertainty: heuristics and biases, Science,
1974, vol. 185, pp 1124-1131

Ward, S, (2005) Risk management organisation and context, Witherbys, London, Chapters 1

Williams, C A, Smith, M L, and Young, P C, Risk Management and Insurance, 8th edition,
McGraw-Hill Book Company, 1998, Chapters 1, 2, and 3

Yates, H, Navigating the Downturn, in Risk Management Professional, September 2009, p20-21

Young, P C, Enterprise Risk Management: Another Perspective, Risk & Insurance, July 2001.

6.3 Important note about reading materials and reading expectations

“What am I required to read?” This is a question commonly asked by Diploma students, and it
is important that they understand the IRM’s position on this matter.

Students will note that there are two reading lists, pre-reading and core reading. IRM
anticipates that most students will have some previous knowledge of core risk management
principles. However, we acknowledge that some students may have very limited knowledge,
while for others the knowledge they have may need to be brought up to date. In either case,
IRM recommends students begin the Module with a little pre-reading to get them up to the
minimum standards required. This matter is further set out in Unit 1.

Students will also notice that the module handbooks list only required reading and do not
include recommended reading lists. Required reading is self-evident: the texts that are listed
must be read. Failure to do so virtually guarantees that the student will fail the examination.
However, IRM also expects students to read and study beyond the required reading list.
Relevant reading and studying can include business websites, business sections of
newspapers and listening carefully to news bulletins and documentaries to gather an
appreciation of emerging and developing risk events, which students can then apply to some
of the required readings in an examination setting. Students should also look from time to time
in IRM’s On-line Resource Centre (ORC), for up-to-date developments in risk management.

The structure of the examinations and the marking scheme include recognition of additional
reading and research. In other words, part of the mark a student obtains will be based upon
evidence that he/she has gone beyond the required readings and brought other perspectives
and material into his/her exam responses. It is difficult to imagine that a student could receive
the highest marks without including evidence of additional study.


7 Unit 1: What you should know: what you will learn


The purpose of this unit is to get students started with the Diploma programme and –
specifically – to get started with Module One.

As previously explained, the Diploma is designed with an important underlying assumption –
that students are not newcomers to the field of risk management. In other words, they have
work experience in the field, academic training in the subject or have successfully completed
IRM’s International Certificate in Risk Management.

At the very least, it is assumed that students have factual and descriptive knowledge of risk
management, and should be able to:

1. Define and describe key terms like risk, uncertainty, risk management, risk analysis
and control, and risk financing.
2. Describe the basic elements of effective risk management programmes.
3. Demonstrate basic knowledge of a range of risk management tools, including
insurance, health and safety programmes, loss control measures, risk registers, risk
audit reports and so on.
4. Delineate basic decision making approaches in risk management.

5. Be aware of overarching challenges facing risk managers, such as effective
programme implementation, risk communication, budgeting and the general
management principles that underlie effective management, and emerging external
standards and legal expectations for risk management practice.

6. Show a basic ability to solve common risk management problems, such as selection of
an insurance broker, development of a risk management report and management of a
risk identification process.

What is not expected of students is a deeper understanding of principles, concepts and the
technical substance of risk management. This distinction can be expressed by saying that a
student’s prior knowledge is assumed to be based on the “what” of risk management, whereas
the Diploma is more geared toward the “why” of risk management.

The recommended reading for Unit 1 therefore covers what IRM considers to be required
pre-existing knowledge as well as readings which focus on the future – the student’s road ahead.
These readings highlight the fact that the Diploma subject matter is intentionally designed to
focus on underlying issues, critical thinking and creative or advanced practice. In other words,
the Diploma is set to move students from being possessors of basic knowledge to a position
where they can rightly say they are becoming professionals in the field.


7.1 Unit 1 Pre-reading

Students with limited knowledge of the key concepts of Risk and Risk Management should
read:

1. Hopkin, P (2010) Fundamentals of Risk Management, London, Kogan Page, Chapters
1 to 6

All students should also review the following:

1. IRM/AIRMIC/ALARM (2002) Risk Management Standard.
2. Committee of Sponsoring Organizations of the Treadway Commission
(2004). Enterprise Risk Management — Integrated Framework Executive Summary
3. IRM/AIRMIC/ALARM (2010) - A structured approach to Enterprise Risk
Management (ERM) and the requirements of ISO 31000

These readings will enable students to:

a) Briefly retrace what IRM considers the terrain of a student’s prior knowledge
b) Re-familiarise themselves with basic terminology and ideas.

One theme that will emerge frequently throughout the Diploma is the recent emergence of an
“environment of external expectations”. This phrase has come to refer to a range of standards,
best practice recommendations, audit rules, laws, market guidelines and even legal decisions
that have collectively come to define the modern requirements of risk management. In this
light, the Risk Management Standards offer glimpses at the nature of external expectations
and encourage students to consider the possible implications.

7.2 Unit 1 Core reading materials

1. Young, P C, Enterprise Risk Management: Another Perspective, Risk & Insurance, July
2001

Offers a rather quick overview of the general direction of modern risk management and
a look at the issues littering the field today.

2. Bernstein, P L, “The New Religion of Risk Management”, Harvard Business Review,
March 1996.

Provides students with a hint of a dramatic story that will unfold in the Diploma – the
debate over the actual meaning of “risk.” Historically, the risk management field has
tended to define risk solely through its statistical or mathematical nature, which is
appropriate in many settings. Modern practices, however, have recognised some
limitations in that definition and, further, have identified value in a broader and more
integrative sense. Bernstein sets the stage by exploring the question: has probability
theory become the religion of the risk manager?

3. Andersen, T J, “Strategic Risk Management: Outlining the Contours of the ‘New Risk
Management’ Paradigm”, Public Risk Forum, May 2007

Provides a glimpse of an important development in the field of modern risk
management: the connecting of risk management with governance and strategy.


7.3 Unit 1 Self-assessment

Students will be ready to move to Unit 2 when they can confidently answer the following study
questions.

1. Prepare a general two-to-three paragraph summary of the IRM/AIRMIC/ALARM A
structured approach to Enterprise Risk Management (ERM) and the requirements of
ISO 31000. Students will encounter other standards throughout the Diploma
programme, but this particular standard a) is highly influential in the UK and other
countries, and b) serves to consolidate a basic understanding of modern risk
management practices.

2. Young presents a basic introduction to the concept of enterprise risk
management (ERM), which is the most influential idea governing modern risk
management practices today. Be able to summarise the ERM concept and cite at least
one or two issues identified as present in the modern risk management world.
Compare and contrast Young’s view with the more recent COSO ERM Framework.

3. Bernstein introduces some key issues associated with modern thinking on the subject
of risk. Explain Bernstein’s argument about risk management becoming a “new
religion”.

4. As part of your review of the fundamentals of risk management, try also to summarise
your views about the relationship between risk management, organisational strategy
and governance.

7.4 Unit 1 Previous examination questions

June 2011: Question 1

You are the Chief Risk Officer in a large multinational organisation composed of a diverse
range of separate businesses. The director of one of those business units writes: “Risk
Management is the activity which so often places barriers in the way of business ideas
because it always focuses on what could go wrong.”

As a student of the IRM’s International Diploma in Risk Management you recall an article by T
J Andersen which states that ‘Strategic Risk Management is more than trying to avoid
downside losses,’ and it should be as much about ‘exploiting opportunities arising from
changing market conditions.’

a) Discuss how risk management can be as much about managing both the
upside and downside of risk, illustrating your discussion with relevant examples.
(40 marks)

b) Explain the challenges the Risk Management profession has in overcoming
client’s traditional opinions over the perceived role of risk management.
(30 marks)

c) Identify and justify practical ways in which the Chief Risk Officer might
overcome those challenges.
(30 marks)


June 2011: Question 5

Longbred Ltd is a medium-sized unquoted private company, which produces special branded
Scottish biscuits for sale around the European Union, but which has experienced a recent
decline in sales because of the weak state of the European economy. The Chief Executive has
been worried that Longbred operates a rather reactive approach to risk management and he
complains that he wastes a lot of time managing unexpected problems. He recently read a
newspaper report that in the future Enterprise Risk Management (ERM) could become a
critical tool to achieve organizational objectives and improve the maturity of risk management
(Stephen Ward describes six dimensions to Risk Management Development). He cannot
understand how ERM could add value and he is sceptical about the costs of implementing
such a scheme. He plans to meet with you to discuss this matter. It may be helpful to you and
to the Chief Executive to have a set of notes which covers key points relating to ERM.
Prepare this set of notes in three sections as follows:

a) Define and explain ERM.
(35 marks)

b) Explain how implementing ERM in Longbred Ltd could help it to develop a
more mature and well developed approach to Risk Management.
(30 marks)

c) Provide guidance upon how you could help to reassure the Chief Executive
that the ERM project would provide good value for money for Longbred Ltd.
(35 marks)

June 2009: Question 4

a) Your manager has heard that there are several Risk Standards. You have been
asked to set out the pros and cons of following different standards.
Compare and contrast at least three current and relevant standards.
(60 marks)

b) Explain which standard you would recommend your organisation should adopt
and why.
(40 marks)


8 Unit 2: Risk: an introduction


What is risk? While early risk managers and scholars contemplated this question, it is probably
fair to say that historical risk management principles and practices focused on a mainly
pragmatic answer. Since formal risk management practices centred on managing what are
called “insurable risks”, the definition tended to be influenced by the idea that risk had
something to do with the economic impact of fortuitous losses.

Later, with the advent of what is called “financial risk management”, the concept of risk
became associated with the modelling of probabilities related to the performance of financial
instruments – for example, variability in the sums that might be gained or lost through various
investment management techniques.

In both instances, the concept of risk came to be closely associated with theories and
practices arising from statistics and mathematics and with economics and finance. Simply put,
from a management perspective, risk came to be seen as a numerical or quantitative
phenomenon. Indeed, this orientation still casts a very long shadow over risk management
today. Taken to the extreme, we can even find individuals who argue that there is a single
number that might summarise an organisation’s risk.

The business of risk measurement, whether it is manifested in pricing insurance or options and
derivatives, is huge and quite advanced. Specialists in these fields have shown both that there
is a demand for highly sophisticated statistical analyses of risk and that – on balance – such
experts produce reasonably good results.

Outside the field of risk management, the concept of risk has, of course, been considered for
hundreds of years. And in these broader settings, the quantitative view of risk does not appear
with the same regularity. Certainly, in scientific fields such as physics, engineering, chemistry,
and medicine, risk and uncertainty tend to be framed as statistical phenomena. But in the
liberal arts and social science fields, risk and uncertainty can be looked at quite differently, as
the following two illustrations demonstrate. First, the ancient Greeks considered random,
fortuitous events as evidence of the capricious acts of the gods. Second, legal scholars in
Europe during the Middle Ages viewed risk and uncertainty as “incomplete truths” and over
time established legal methods and procedures to add together incomplete truths to reach
“certainty”.

As the field of risk management has broadened, and as this expectation has pressured
organisations to integrate risk management practices, the limitations of both quantitative and
non-quantitative approaches to risk have become apparent. In general, the dynamic in the risk
management world since the mid-1990s has been characterised by an effort to adapt more
quantitative risk management approaches to accommodate the fact that our understanding of
risk is highly influenced both by human psychology and perception and by culture and social
systems.


Units 3 and 4 explore these developments. For now, Unit 2 provides students with a historical
perspective on the meaning of risk.

1. Williams, Smith and Young, Risk Management and Insurance (1998) Chapter 1
provides a basic review of key concepts, terms and principles that underlie most of the
thinking associated with risk and its management today. This reading should be partly
a refresher for students, but may very well introduce some new concepts and
perspectives.

2. Taleb, The Black Swan: The Impact of the Highly Improbable (2007), Prologue and
Chapter 1 provide a very provocative view of risk and draw our attention to a different
way of thinking about unusual and random events. Importantly for Unit 2, the author
directly wrestles with the difficulties in applying quantitative analysis to risks – even
risks that are commonly evaluated in highly quantitative ways.

3. Tabak, Probability and Statistics: The Science of Uncertainty (2004) Chapter 1
provides a short historical perspective on the concept of risk, reminding us that our
understanding of risk is relatively new and is based on some underlying assumptions
that largely are ignored by managers today.

4. Ross, The Polar Bear Strategy: Reflections on Risk in Modern Life (1999) Preface and
Chapter 1 offer an accessible discussion of risk and its management, with a particular
emphasis on its meaning for the general public. Students should be aware that an
important divide exists between “experts” and “non-experts” when it comes to risk. An
important long-term implication is that the communication of technical risk information
is fraught with difficulties, especially to lay or non-technical audiences.

5. Leslie, Capricious Fate and Human Folly (2008) considers the way that the concept of
risk has passed through the generations over hundreds of years, and it considers the
way that many organizations fail to heed the lessons from the past.

6. Against All Odds (2011) provides a fascinating, up-to-date analysis of the range of risks
that countries, sectors, industries, organizations and individuals are likely to have to
face in both the present and in future years. One of the questions that arise from the
multitude of possible risks that we might face in the years to come is which
risks will occur and which ones won’t. How can the risk manager help the organization
find answers to these questions before it is too late? One possible answer is through
horizon scanning – looking ahead to try to detect early signs of change before it is too
late. Such discernment would be an example of how good risk management can be
used for strategic competitive advantages – true upside risk management.


8.1 Unit 2 Reading materials

Williams, C A, Smith, M L, and Young, P C, Risk Management and Insurance, 8th edition,
McGraw-Hill Book Company, 1998, Chapter 1

Taleb, N N, The Black Swan: The Impact of the Highly Improbable, Random House, 2007,
Prologue and Chapter 1

Tabak, J, Probability and Statistics: The Science of Uncertainty, The History of Mathematics
Series, Facts on File Publishing, 2004. Chapter 1

Ross, J F, The Polar Bear Strategy: Reflections on Risk in Modern Life, Perseus Books, 1999,
Preface and Chapter 1.

Leslie, A, Capricious Fate and Human Folly in Strategic Risk, June 2008, p9-10

Against All Odds, Strategic Risk Report, May 2011

8.2 Unit 2 Self-assessment

Students will be ready to move to Unit 3 when they can confidently answer the following
questions.

1. Williams, Smith and Young provide a basic review/introduction to key terms and
concepts. Be sure you can confidently define:
- risk
- uncertainty
- pure and speculative risks
- diversifiable and non-diversifiable risks, and
- adverse selection and moral hazard

2. The definitions above are not without controversy. In particular, though the Diploma
takes a general view that risk itself is value-neutral and can produce either good or bad
outcomes, many in the field today view risk as a negative phenomenon. That is, they
apply the term only to situations where bad possible outcomes occur – fires, accidents
and so on. Be sure you can articulate your view on this critical term and can defend
your particular position.

3. Taleb and Ross offer two interesting insights into the challenge of understanding risk.

- Be sure you can explain Taleb’s argument about the difficulty in quantifying
  risks – even risks that supposedly are quantifiable.
- Reflect on the implications of Ross’s writings with respect to the possible
  differences between “expert” and “non-expert” views of risk. This task is not
  clearly and directly derivable from the reading. Students will have to think about
  the possible differences between expert and non-expert views and possible
  implications of those differences.

4. Tabak offers a historical view of the subject of risk. Trace briefly the development of the
idea of “randomness”.


5. In the ‘Against All Odds’ report, students should become aware not only of the wide
range of risks that businesses will face, but also of the complex interdependencies of
risk events in the increasingly globalized world of the present decade. Consider how
some of these interdependencies can affect your organisation.

8.3 Unit 2 Previous examination questions

June 2011: Question 3

In his discussion of ‘black swans’, Nassim Nicholas Taleb argues that many business
failures are caused not by what we know, but by what we did not expect or predict.

a) Describe the nature of black swan events in the business world, providing
examples where necessary to make your meaning clear.
(20 marks)

b) Explain how black swan events might typically be analyzed and evaluated and
(in effect) ignored by organisations.
(45 marks)

c) As a risk manager, identify strategies that you might employ to persuade the
Board of an organization to become more interested in the awareness and
management of black swans, particularly given the limited resources available
to manage risks in today’s financially challenged times.
(35 marks)

June 2009: Question 5

a) Most organisations assess risks by reference to likelihood and impact.
Discuss what is meant by these terms.
(30 marks)

b) Many risks may have different types of impact. Suggest three different impacts
for two risks and explain how you might provide assistance to people in your
organisation to assess those impacts.
(30 marks)

c) Explain the difference between gross (or inherent) risk and net (or residual)
risk. Using two examples explain why this difference is important and when it
might be irrelevant.
(40 marks)


9 Unit 3: A modern understanding of risk: Part 1


Module One emphasises the idea of a modern understanding of risk. This should not suggest
that the concepts and principles that support the modern view are modern themselves. Most
are not. Rather, the phrase “a modern understanding” is used here to reference views that
began to coalesce in the early 1990s and continue developing today. Indeed, it probably is
more accurate to say that the modern view of risk is really an integration and development of
previously separate and historical views of risk.

Why has this happened? Later in Module One (and throughout the entire Diploma) students
will come to understand that the overarching dynamic of risk management since the 1990s has
been integration. This means that the general movement of the field has been from narrow,
technical specialisms, such as insurance buying and credit risk management, to an
organisation-wide, comprehensive approach to managing all organisational risks in
accordance with overall organisation goals and purposes. This dynamic has compelled
scholars and practitioners to think about risk and uncertainty in broader and more integrative
ways.

Unit 2 presents some of the historical antecedents and perspectives of a modern approach to
risk and its management. Units 3 and 4 carry the investigation further.

In Unit 3, risk is examined from both psychological and cultural perspectives. The overall
argument developed here is that, while risk may be an objective phenomenon of an uncertain
world (it will rain tomorrow or it will not), it is also fundamentally a social and psychological
construction. It is a way for the human mind to organise its understanding of a non-certain
world. As will be seen, thousands of years of biological and psychological development, along
with social changes, have strongly influenced how individuals and societies look at risk and
uncertainty. They continue to frame our understanding of risk today.

Unit 4 provides a more traditional treatment of risk from a management perspective, focusing
on its quantitative dimensions.

In order to move students toward a reasonably solid understanding of the psycho-cultural
dimensions of risk, the following reading is required:

1) Adams, Risk (2001), Chapter 2 offers a highly accessible introduction to the influence
of culture and human psychology on perception of risk and, indeed, on risk itself.

2) Adams, Risk (2001), Chapter 3 presents a more detailed view of the influence of risk
perception on our understanding of risk.

3) Tversky and Kahneman, “Judgment under uncertainty: heuristics and biases” (1974)
offer students some of the most challenging material in the entire Diploma programme.
Considered the leading thinkers on risk perception, the authors set out and summarise
their extensive work in the study of human behaviour under conditions of uncertainty.

4) Slovic, Fischhoff and Lichtenstein, “Facts vs. fears: understanding perceived risk”
(1980) complete the challenging reading in Unit 3 with an interesting exploration of
basic human emotions and their influence on perception of risk.


5) The Alarmed and Dangerous (2011) article provides a short but most up-to-date
discussion of the top factors that affect risk perception and how the quantitative
aspects of risk assessment can actually lead to a complete misperception of the real
level of risk people face. In some respects, therefore, it forms a bridge between Unit 3
and Unit 4.

9.1 Unit 3 Reading materials

Adams, J, (2001) Risk, Routledge, Oxford, Chapters 2 and 3

Tversky, A, and Kahneman, D, Judgment under uncertainty: heuristics and biases, Science,
1974, vol. 185, pp 1124-1131

Slovic, P, Fischhoff, B and Lichtenstein, S, “Facts vs. fears: understanding perceived risk”,
Societal Risk Assessment: How Safe is Safe Enough? (Schwing and Albers, eds), Plenum
Press, 1980.

Alarmed and Dangerous, in Strategic Risk, April 2011, p21-23

9.2 Unit 3 Self-assessment

Students will be ready to move to Unit 4 when they can confidently answer the following study
questions.

1) Adams provides a good introduction to many of the ideas that arise from both
psychology and anthropology. Put simply, risk is partly a matter of perception, and
human psychology and culture highly influence perception. Using Adams as a guide,
provide a summary of his main points on this matter. How might understanding these
influences help you better manage risks?

2) Tversky and Kahneman present students with a real intellectual challenge since their
work is very academic in nature. However, they are towering influences in the
development of our modern view of risk. Every Diploma student should be aware of
them.

- For self-assessment purposes, be sure you understand the meaning of the term
  “heuristic”.
- Define/explain the representativeness heuristic.
- Define/explain the availability heuristic.
- Define/explain the meaning of adjustment and anchoring.
- To help you to consolidate your understanding of these concepts, try to identify
  practical examples of them.


3) Slovic et al also are key figures in the study of risk perception – especially Slovic. In
some respects, this reading is an “application” of the Tversky and Kahneman work, and
students will find concepts revisited and examined in greater detail. Students should
attempt to summarise the basic thesis of this reading and to specifically consider:

- The implication of this material on the challenge of communicating risk-related
  information.
- How specific heuristics affect our perception of risks.
- How overconfidence influences judgment of risk.

4) From the ‘Alarmed and Dangerous’ article, students should aim to gain some
understanding of the ten factors that affect risk perception and, as risk managers,
should consider how to manage the natural bias that people have in their
assessment of risk within the work environment. Can risk managers also face the risk
of bringing psychological biases into the work they do? How can the risk manager
remain objective in all that he/she does?

9.3 Unit 3 Previous examination question

June 2009: Question 2

Academic research tells us that perceptions of risk depend on whether the perceived
benefits of taking the risk outweigh the perceived dangers.

a) Explain this concept by reference to at least two examples.
(30 marks)

b) Adams outlines four views of risk depending on an individual’s perception of
how society is organised and whether human nature is collectivist or
individualist. Explain the four views and provide an example of each.
(40 marks)

c) What impact might differing perceptions have on the way individuals identify
and assess risk in an organisation?
(15 marks)

d) What does this tell us about the pros and cons of risk workshops in
organisations?
(15 marks)


10 Unit 4: A modern understanding of risk: Part 2


Unit 4 continues the discussion about risk and its meaning. Module Three: Risk Decisions,
provides a highly detailed exposition of decision theory which substantially rests on
statistical/mathematical and financial frameworks. Unit 4 serves two purposes: first,
scene-setting, and second, consciously connecting the material from Unit 3 with the
quantitative side of risk.

It is almost axiomatic in management today to say that risk is a matter of mathematical
probabilities. Finance and economics literature – indeed, many of the central theories
themselves – are based upon basic principles of mathematics and (particularly) probability.
“You can’t manage what you can’t measure” is a familiar summary of much of the professional
literature today.

If Unit 3 has accomplished its purposes, students should approach the material in Unit 4 with
some perspective on the challenge of measuring risk and uncertainty. While it is tempting to
focus on the technical aspects of gathering data, cleaning and organising it, and then
subjecting it to rigorous analysis, the preceding unit should remind students that human beings
are doing the gathering, organising and analysing, and that the decisions they make can be
unconsciously influenced by any number of biases and external effects.

“Objective” analysis is, in the minds of most scholars, almost impossible – such is the influence
of cultural filters and psychological factors. Risk managers can lament this fact, but recognition
that these factors must be identified and managed as well as possible is likely to be the more
constructive approach.

Having noted the pervasive influence of non-quantitative factors, professional risk managers
today must have a good understanding of mathematical, financial and economic perspectives.
There may be limits, but quantitative tools can support sound critical thinking and help
managers make better decisions.

In order to advance the discussion of risk, students should read the following:

1) Tabak (2004), Chapters 6 and 7 present a very accessible introduction to probability as
a mathematical discipline. While a detailed investigation of the uses of probability
analysis is deferred until Module Three, this reading lays a simple foundation for
understanding the mathematician’s perspective on risk.

2) Williams, Smith and Young (1998) Chapter 3 offers a reasonably accessible
introduction to a highly complicated subject, the economics/finance view of risk –
particularly risk as it impacts organisations. This discussion does not presuppose that
students have knowledge of modern finance or economics, but it should help them
become aware of the basics of that perspective. The material also anticipates the main
themes of Modules Two, Four, and Five.

3) Gigerenzer (2011) concisely summarises how a quantitative approach to risk analysis
could be abused by taking advantage of people’s natural illiteracy in statistical analysis.
He focuses his article on the healthcare sector, although the concerns could easily be
generalised.


10.1 Unit 4 Reading materials

Williams, C A, Smith, M L, and Young, P C, Risk Management and Insurance, 8th edition,
McGraw-Hill Book Company, 1998, Chapter 3

Tabak, J, Probability & Statistics: The Science of Uncertainty, The History of Mathematics
Series, Facts on File Publishing, 2004. Chapters 6 and 7

Gigerenzer, G, Statistical Illiteracy Endemic in Healthcare, in Risk Management Professional,
March 2011, p39

10.2 Unit 4 Self-assessment

Students will be ready to move to Unit 5 when they can confidently answer the following study
questions.

1) Tabak provides a basic introduction to probability theory. Students should be sure they
can confidently explain:
- A brief history of the concept of probability
- Identifying real world applications/uses of probability theory, and the practical
  strengths and weaknesses of application.

2) Williams, Smith and Young provide a fairly wide ranging discussion of the meaning of
risk in organisational settings. Importantly, they tie together the related issues of risk
and risk management. Drawing on economic and financial theory, they offer an
explanation of why organisations should care about risk and why they should practise
risk management. Students should be able to:

- Briefly explain the concept of utility.
- Summarise why corporations buy insurance, and extend that summary to
  explain why corporations practise risk management.
- Briefly describe the “agency” problem that exists between owners and
  managers of firms.
- Form their own view of the strengths and weaknesses of the Williams, Smith
  and Young view.

3) From the short article by Gigerenzer, students should be able to consider how to look
for situations in which the statistics of likelihood and impact could be abused for both
political as well as innocent reasons, and how the misuse of statistics could result in a
loss of reputation for the risk profession.


10.3 Unit 4 Previous examination questions

June 2009: Question 3

a) Discuss the benefits of probability theory in helping to ‘measure’ risks and
also explain the limitations.
(30 marks)

b) Explain what is meant by “uncertainty”.
(20 marks)

c) “Unless you can measure it, you cannot manage it.” Discuss this saying in
the context of your answers above.
(50 marks)

June 2010: Question 3

a) Some people argue that the most important part of risk management is ‘getting
the numbers right’. In your view what are the most important numbers,
quantitative techniques and probabilistic approaches for modern risk
management, and why?

(30 marks)

b) Some people argue that risk management is all about “getting the culture right”.
In your view what are the most important aspects of a risk culture in an
organisation, and why?

(30 marks)

c) Which is more important, numbers, process or culture, in developing risk
management within an organisation? Give reasons for your answer.
(40 marks)


11 Unit 5: Risk issues, problems and challenges


It is important for students to have an early indication of a range of issues, problems and
challenges that confront the risk manager today. Many of these reappear throughout the
Diploma and serve as a catalyst for serious investigation of their meaning and – perhaps –
their resolution.

Unit 5 presents introductions to and discussions of three important topics related to the
underlying concept of risk. The topics explored here are:

1) The concept of a “risk society”.

2) Is risk really a manageable thing?

3) What have been the most significant impacts on the risk profession as a result of
recent economic and political events, such as the ‘Credit Crunch’ and subsequent
recession?

Piper’s 2007 paper neatly summarizes the ideas of the risk society for an audience of internal
auditors and risk managers. This general idea is then taken further by Power, who, in 2004,
considers that risk management has taken on the purpose of a defensive mechanism, in which
organisations spend increasing resources, even in these economically challenging times, on
defending themselves for political rather than value-for-money reasons. He argues that such
defences are invested in because of the increasingly litigious society in which we live, but also
because of an increasingly aggressive media and an over-responsive political system. His
argument begins to question whether risk is truly a manageable thing.

Meanwhile, Anderson’s 2009 OECD paper attempts to consider the underlying causes of the
global financial crisis of 2007-08, which led to the 2009 recession in most western countries.
It again concludes that the problem was at least in part a problem of society, built on the
foundations of greed and a general view in society and particularly in the governance of the
financial services sector that risk was being disregarded or not understood.

Yates then asks, given that the recession is here, what challenges risk managers face in
justifying being kept on. The article identifies five ways in which risk managers can prove their
value.

11.1 Unit 5 Reading materials

Anderson, R, Risk Management & Corporate Governance, OECD, 2009

Piper, A, Risk Society, in Internal Audit and Business Risk, January 2007, p14-17

Power, M, The Risk Management of Everything, Demos, 2004

Yates, H, Navigating the Downturn, in Risk Management Professional, September 2009, p20-21


11.2 Unit 5 Self-assessment

Students will be ready to move to Unit 6 when they can confidently answer the following study
questions.

1) Explain the meaning of risk society. What is your view of this concept, and what is its
potential relevance to the study of risk management?

2) Be able to explain Power’s view of the challenge of managing risk in a way that truly
adds value to an organisation, rather than being used for political and/or potentially
unethical reasons.

3) Understand the many risk related reasons behind the catastrophic failures in the
leadership of financial institutions and in particular whether you feel there is a
possibility of similar disasters in years to come (e.g. through sovereign debt problems).
What challenges emerge for Chief Risk Officers in terms of being able to raise their
profile in order to prevent future risk-based disasters of this form? Quite simply,
students should be able to state their opinion about whether or not risk is manageable.

11.3 Unit 5 Previous examination questions

June 2010: Question 5

a) Bernstein and Power both make powerful arguments that risk management is
becoming a pervasive and all-encompassing approach to life. Outline briefly the
key points of their arguments.
(30 marks)

b) Using the example of the 2008 banking crisis, some would argue that risk
management has failed to live up to its promises. Present the argument for this
point of view.

(30 marks)

c) How would you explain, in the light of your answers to parts (a) and (b) above,
the importance of risk management to your organisation?
(40 marks)

June 2010: Question 6

The Walker Report talks about Board Risk Committees, the US Securities and
Exchange Commission talks about Risk Oversight Committees. If you were given a
free hand and a blank sheet of paper, what would you expect either of these two
committees to do, and why?

(100 marks)

June 2009: Question 6

The financial crisis has demonstrated once and for all that risk management is an utter
waste of time and resources, distracting management’s attention from where it should
really be focused. Discuss.
(100 marks)

12 Unit 6: Risk: an application


Unit 6 offers students an opportunity to consolidate and organise their own thinking about the
subjects of risk, uncertainty and some of the affiliated concepts presented previously.

Read the ShopMart case study. This story is a rather prosaic small business case study and,
in most respects, does not offer the reader much in the way of drama. This is by design, as
one of the central themes is the ordinariness of much risk as a feature of life and – more to the
point here – of life in organisations. Further, the story allows students to begin to see one of
the more central challenges of effective risk management, which is the interconnection of risks
within an organisation. The human mind may tend to compartmentalise risks, but
organisations do not encounter risks that way.

After reading the case study, go to the self-assessment section and attempt to answer the
questions and complete the tasks.

12.1 Unit 6 Reading materials

ShopMart Case Study, 2007

12.2 Unit 6 Self-assessment

Students will be ready to move to Unit 7 when they can confidently answer the following case
study questions.

As a first effort in critical thinking, the ShopMart case study is highly detailed yet undramatic.
There are no crises, no unexpected turns of events and no headline-grabbing scandals or
situations. This actually suits the purposes of the exercise as the point is not to fixate on
solving a critical problem, but rather to contemplate risk in the context of an ordinary
organisational setting.

The abundance of detail and information serves a purpose, too, but mainly in the sense of
forcing students to cut through the clutter and to think about the underlying risk issues. Often,
the detailed information is what needs analysis (square footage, losses, events), and certainly
one should not ignore that detail. However, this case is intended to serve as an exercise for:

a) Consolidating students’ thinking about the information presented in the previous
units

b) Joining this new knowledge with their prior knowledge, and

c) Attempting to get beneath the surface of the facts to understand risk in
organisational settings.

1) Why is the history of ShopMart important for understanding present risk management
needs? Can you identify a risk, for example, that might otherwise be avoided, but
which for some reason must be retained and faced?


2) Consider the readings on the psychology and culture of risk. Are you able to discern
any evidence of a “view of risk” within the management team? For example, can you
see evidence of:

- Whether ShopMart is a risk taking or risk averse organisation, or
- Blind spots where risk may be present to outsiders but is perhaps not seen by
  management?
- What are the “risk awareness” issues as you see them?

3) Considering the information presented which is factual, statistical and financial, do you
think that it is adequate to make risk management decisions? Even if you judge the
information to be adequate, what would be your concerns?

4) Although Module Two delves deeply into the subject of risk and organisations, what do
you see as the main risks faced by ShopMart? Don’t limit your thinking to the tangible
risks, such as warehouse fires or injuries to employees. Be mindful that risks might be
“cognitive”. For example, the absence of information might be judged to be quite an
important issue for the firm.

12.3 Unit 6 Previous examination questions

June 2011: Question 6

You are a risk management consultant who has been called in to help the owner of a
company manufacturing and distributing gifts. The company employs 10 people and is
located in a remote mountainous national park in Europe. The company wants to
expand further, but the bank manager refused to provide a loan because it felt that the
company did not have any meaningful approach about managing its risks. You have
already discovered that:
- Last year’s accounts show sales of €5m, profit of €0.5m and a cash balance of
  €50,000, all of which are slightly improved on the previous year.
- In one large building it makes gifts (small pottery, glass products). Most of the
  products are made by hand and it buys raw materials from one local supplier.
- All of the finished goods are stored in an old building nearby.
- Last year it began importing and selling other gifts (small wooden ornaments)
  from Kenya and Uganda. The African products are managed by an import-export
  company based in Kenya and normally take two months to arrive.
- It sells the gifts by mail order, through an internet catalogue. After it receives a
  credit card payment, the products are gift-wrapped and driven to the nearest
  town to be mailed to the more distant customers or driven to local customers.

Corporate Aim: to be the best choice for high quality tourist giftware in the region.

You are also provided with an analysis of the company’s secondary objectives
(tabulated below):

1. To maintain and grow clients, thus increase sales
2. To open a shop to sell direct to tourist visitors. This will supplement internet
sales
3. To increase sales prices on goods
4. To reduce purchase prices and other running costs
5. To ensure a strong cash balance
6. To deliver goods on time
7. To protect the company’s assets (buildings, computers, cars, stores etc)
8. To have a good information system for operating performance management
and decision making purposes
9. To employ high quality, well trained local people in a safe environment
10. To build the company's reputation

a) Evaluate the company’s Corporate Aim and the appropriateness of its set of
secondary objectives.
(30 marks)

b) Identify three key risks facing the company and propose a strategy the owner
may employ to assure the bank manager that the company is serious about
managing its key risks.
(40 marks)

c) Explain how the owner’s personal background could result in an irrational
approach to enterprise risk management in this company.
(30 marks)

13 Unit 7: A short history of risk management


In developing a view of risk, the earlier units have hinted at the evolutionary dynamic of risk
management. The remaining units of this module and of the entire Diploma are geared toward
modern principles and practices, so perhaps a small interlude is warranted here to look back
at the history of risk management.

… and God created the World in seven days
… and God created life, the animals, the plants
o animals had an instinct to survive in a world full of risk
o animals good at surviving this risk lived, animals that were not as good died
… and God created Adam and Eve as the first humans
o humans excelled over other animals in adapting to and overcoming their survival risks.
They prospered
o but some humans were better at managing survival risks than others – the good
humans survived and prospered
o other humans that were not so good died or became slaves.

From this simple storyline we can see that risk and the management of risk have possibly
been the key feature of the whole theory of evolution, both for humans and more
fundamentally for life. The simple storyline also provides a clear demonstration of the
upside and the downside of risk. The storyline explains why

Humans increasingly rationalised events down to
o Chance
o Fate
o Religious and superstitious explanations

Which led to responses to risk that exist right to the present day
o Why do soccer players have their special boots, or put on their left sock first?
o Why do people throw salt over their shoulder or worry if they break a mirror?
o Why in China is 8 a lucky number and 4 a number with a bad omen?
o Why should we have fish on a Friday?

Which in turn led to…
o The rise of charlatans who could exploit people’s fears
o The rise of charlatans who could tempt people to seek unattainable opportunity
o The power of religious leaders who had the right to call upon divinity to bring
about good or bad. An excommunicated merchant would find his contracts were
invalid
o The wealthy enhanced their reputation in this world and mitigated the risk of not
being able to enter heaven in the next world by pious acts of religion, giving
alms to the poor and endowing the church with works of art (maybe an early
form of Corporate Social Responsibility?)

But there was another significant trend…
o Knowledge of cause and effect (as people experienced and better understood their
environment – initially from the passing down of stories and then from first
written records)
o Turning mystery and superstition into uncertain uncertainty and then into known
uncertainty (ENLIGHTENMENT), which moved on into being able to measure
risk for the first time.

There is great value in looking at the past. Not only can it provide insight into the
developmental dynamic of the field, it provides important guidance in understanding why the
modern world appears as it does.

For example, rarely does a risk manager find him/herself in a position where a risk
management programme can be started with a blank sheet of paper. Programmes, problems,
benefits and, indeed, the risks themselves are inherited, and it is useful to understand that
most of these factors exist for a reason. At some time, someone made a decision (or didn’t!),
and the result is the organisational structure, cluster of risks, bureaucratic resistance or
successful programme encountered today. Historical reasons may no longer be valid, but the
decision to dismantle or change programmes should at least be informed by an understanding
of the historical context.

Therefore, the history of risk management does not just present students with an impersonal
story about past developments. It may offer insights that explain the actual landscape they
encounter in their everyday jobs. It also leads ultimately to the development of the Risk
Management standards, which are a key entry point into this module.

Key risk events of the new Millennium to date:

2000      The Year 2K bug didn’t bite
2001      The 9-11 attack – increased focus on terrorism risks and Continuity planning
2001-02   The failure of Enron, Worldcom, Andersen & Sarbanes Oxley Act
2003      SARS and start of Avian flu pandemic fears
2003      The Iraq war began
2004      Sumatran Earthquake and Tsunami
2005      The 7-7 attack
2007      The first sub-prime defaults, Northern Rock crisis
2007      Taleb’s Black Swans
2008      The worst financial crisis since the 1930s
2009      Recession in the Developed World and a whole new risk landscape
2010      The stirring of the Arab Spring and the start of public sector austerity
2011      The Japanese Earthquake and Tsunami
2012-13?  The Sovereign Debt Financial Crisis leads to a second world Economic Crisis?

In order to provide a reasonably comprehensive historical view, students should read the
following.

1) Kloman, “A short history of risk management: 1900-2002” (2002) offers an introductory
historical perspective on key developments in the history of risk management since
1900. Though the material skims the surface of a very complex subject, it serves a
good and useful role in orienting students toward key events in the history of the field.

2) McNeil, Frey, & Embrechts, Quantitative Risk Management: Concepts, Techniques,
and Tools Chapter 1 provides students with a perspective on historical developments
from the financial risk management point of view.

3) Williams, Smith and Young, Risk Management and Insurance, Chapter 2 (1998) offers
a more substantive view of the history of traditional risk management practices and
gives some insights into the dawning of the modern scene. As it was written at the turn
of the new century, it anticipates many of the issues discussed in Unit 8 and thus
serves as a good transition from this unit to the next.

4) Leslie, ‘Everything Changes, Nothing Changes’ (2009) takes a short, two-page look
back to medieval and renaissance Europe to see how business managed risk.

13.1 Unit 7 Reading materials

Kloman, F, “A short history of risk management: 1900-2002”, Risk Management Reports, 2002

Leslie, A, ‘Everything Changes, Nothing Changes’ in Strategic Risk, January 2009, p28-29

McNeil, A J, Frey, R & Embrechts, P, Quantitative Risk Management: Concepts, Techniques,
and Tools, Princeton University Press, 2005, Chapter 1

Williams, C A, Smith, M L, and Young, P C, Risk Management and Insurance, 8th edition,
McGraw-Hill Book Company, 1998, Chapter 2.

13.2 Unit 7 Self-assessment

Students will be ready to move to Unit 8 when they can confidently answer the following study
questions and activities.

1) Kloman’s article is very much a timeline without a great deal of detail. Nevertheless,
students should attempt to develop a kind of mental picture of the key
developments in the field over the past 100 years. What are these developments
and when did they occur?

2) For students from a more traditional insurance-buying background in risk
management, the McNeil et al material serves as a bit of an eye opener in as much
as it reveals a kind of parallel universe rich in experience and language that has
grown up with only limited connection to more traditional risk management
approaches. Today, the specialty areas have collided and are now considered an
integrated part of modern risk management practices.

3) Students should attempt to summarise the financial risk management story and
explain key ideas in some detail.

4) Williams, Smith and Young make their final appearance in the Diploma by providing
a more detailed history of traditional risk management practices, while also
attempting to integrate the financial risk management story.

5) As students consider the short Leslie article, they should attempt to develop a
history of risk management that they can rely upon as a foundation for further study
on the subject in the Diploma. In doing so, students should attempt to consider this
overriding question: As a modern risk manager, why is it useful to understand
something of the history of Risk Management?

13.3 Unit 7 Previous examination questions

June 2011: Question 2 (note that this question also has relevance to Unit 8)

The Risk Management profession has a history of change and development.

a) Evaluate how the risks faced by organisations in the next ten years are likely to
be in some ways unchanged but in other ways very different from how they
were during the previous ten years.
(60 marks)

b) Consider the skills and qualities that will be required of a Chief Risk Officer and
the risk team to meet the likely demands of the next decade.
(40 marks)

June 2010: Question 4 (note that this question also has relevance to Unit 1)

a) You have just been co-opted onto the committee of your national standards-
setting body. Most of the other members are interested in a particular field (e.g.
Health & Safety, or engineering risks) but you have been asked to provide
some background on the history of Enterprise Risk Management, where it has
come from and what is shaping current thinking. Outline the notes you will use
for this purpose.
(30 marks)

b) Explain what, in your view, an Enterprise Risk Management standard should
include.
(40 marks)

c) Compare your proposals in 4(b) above with at least one other major national or
international standard on risk management. Highlight the differences and
explain how this could be significant to users of the standard.
(30 marks)

14 Unit 8: Risk management: the modern and future scene


In one important sense, the entire Diploma might be entitled “risk management: the modern
and future scene”. So, as with much of Module One, the purpose here is to introduce current
practices and to set the stage for what lies ahead.

The goal of Unit 8 then is to offer students an opportunity to see the present order of things
with respect to risk management practices. The challenge is two-fold; first, to avoid covering
ground over which students have previously travelled, and second, not to go too far into the
details that make up the substance of – particularly – Modules Four and Five. We also
consider the implications for the future of risk management and in particular the challenges
facing Risk Managers in meeting future expectations.

In order to do this, students should read the following in the order presented below.

1) Adams (2007) in Risk management is not rocket science; it is much more complicated,
offers a current essay on the challenges of risk management in the modern world. It
succinctly describes the three vitally important concepts of risks perceived directly,
risks perceived through science and virtual risks.

2) Ward (2005) in chapter 1 of Risk management organisation and context, provides an
accessible look at the various directions that might be travelled in developing risk
management in modern organisations. In effect Ward offers a framework for defining
levels of risk management maturity and describing how risk management maturity
might be developed.

3) The Economist Intelligence Unit (2010) in Fall Guys: Risk Management in the Front
Line examines the changing and developing role of risk management in the business
world and examines the views both from risk professionals and their clients. It does this
in a series of six short chapters. Perhaps one of the most striking outcomes appears, in
chapter 1, to indicate that the risk profession still struggles to link risk management with
the overall corporate strategy; a theme which is a neat curtain raiser for the next
module ‘Risk in Organisations’. In effect the message that comes from this reading
supports Ward’s idea of developing risk management maturity.

4) Skinner (2010) in It’s in Our Hands interviews the IRM’s Andrew Keeling in this short
article. Keeling provides a nice summary of the challenges facing the risk profession
following the vast changes in economic conditions over the last three years, and lists
the range of skills and competencies that will be needed by Chief Risk Officers in the
decade to come.

Taking these four readings together, we should end the module with a note of caution. When
Chief Risk Officers finally do their job fantastically well and, against all the odds,
embed risk management throughout the organisation so that everyone becomes a competent risk
manager, the big risk is that the organisation thinks it has matured far enough in risk
that it doesn’t need the risk manager any more. Alternatively, if the Chief Risk Officer does
less than fantastically well for their business, in these harsher economic times, they may
well lose their job anyway!

18.1 Unit 8 Reading materials

Adams, J, “Risk management is not rocket science; it is much more complicated”, Public Risk
Forum, May 2007, p9-11

Skinner, N, It’s in Our Hands, in Strategic Risk, March 2010, p30

The Economist Intelligence Unit, Fall Guys: Risk Management in the Front Line, a report from
the Economist Intelligence Unit, sponsored by ACE and KPMG, 2010

Ward, S, (2005) Risk management organisation and context, Witherbys, London, Chapter 1

18.2 Unit 8 Self-assessment

A student should only proceed to preparations for the examination when he or she has
confidently applied the content of the reading material against the following activities.

1) Summarise Adams’s thesis. Students should reflect on their view of his argument.

2) Ward offers an excellent template for thinking about the practical routes available for
organisational adoption of risk management (Chapter 1). Summarise his framework.

3) The environment of external expectations, as noted previously, is a hugely important
phenomenon in modern risk management. What is the Economist Intelligence Unit’s
view of the gaps in strategic risk management? Students should attempt to ascertain
issues that underlie the problems of traditionally focusing Risk Management on the
negative activities of business, the difficulties of embedding risk management
throughout the business and how the Chief Risk Officer can build better relations with
the board.

4) Summarise Andrew Keeling’s arguments on the skills and the competencies needed
for Chief Risk Officers in the years ahead.

18.3 Unit 8 Previous examination questions

June 2010: Question 1

a) Swine flu, Avian flu and SARS are all “Virtual Risks”, therefore we do not need
to worry about them. Discuss.
(30 marks)

b) With regard to your own organisation or an organisation of your choice, give two
examples of each of “Directly Discernible” and “Visible Through Science” risks
and explain why they would be categorised as such.
(20 marks)

c) Adams suggests one taxonomy of risks. Describe two other taxonomies that
might be useful in running a risk management programme.
(20 marks)

d) Some commentators argue that using Adams’ approach to classifying risks helps
them to determine in part the right way to respond to a risk. Discuss this by
reference to practical examples.
(30 marks)

June 2009: Question 1

a) John Adams describes three types of risk: directly discernible, visible through
science and virtual. Explain what he meant by these three descriptions.
(30 marks)

b) Provide an example of each type of risk in a commercial or organisational
environment and explain why it is either directly discernible, visible through
science or virtual.
(20 marks)

c) Could these risks be classified under different definitions in different
organisations? Discuss.
(20 marks)

d) Explain the significance of the type of risk to the determination of an
appropriate risk response by reference to the examples you have provided.
(30 marks)

15 Appendix: Self-assessed, answers, comments and suggestions


Unit 1: What you should know, what you will learn

1) Prepare a general two to three paragraph summary of the IRM/AIRMIC/ALARM A
structured approach to Enterprise Risk Management (ERM) and the requirements
of ISO 31000. Students will encounter other standards throughout the Diploma
programme, but this particular standard

a) is highly influential in the UK and other countries, and
b) serves to consolidate a basic understanding of modern risk
management practices.

The purpose here is to translate the document into a format that works for the student.
However, students should be sure to include:

a) Some summary of the terms and central concepts
b) The risk management framework, and
c) The document’s vision of the purpose of risk management in organisations.

The main point of this exercise is to get students to think about the purposes of
standards and other external expectations. Is a standard just a “user’s manual” for
practising risk managers? Are there others (executives, other managers, external
stakeholders) for whom such documents are written? What might such documents be
intending to say to each of the audiences?

A broad theme that emerges in the Diploma is the need to understand the strengths
and weaknesses of the various standards, statements and guidelines that exist. Some
serve as basic checklists – adopting what might be called a rules-based approach (“Do
this, this and this, and you are practising risk management”). Others are principles-
based (“A well risk managed organisation looks like this. What are you doing to operate
in such a manner?”). Some are technical and geared mainly to technical specialists,
while some are seeking a general audience.

Importantly, students should reflect on the intent. Superficially, one could answer, “to
give organisations guidance on effective risk management”, and that would not be
wrong. However, as future modules will show, we need to think about the benefit that
an organisation should derive from effective risk management practice. Does it add
value to the organisation, and if so, how?

2) Young presents a basic introduction to the concept of enterprise risk
management (ERM), which is the most influential idea governing modern risk
management practices today. Be able to summarise the ERM concept and cite at
least one or two “issues” identified as present in the modern risk management
world.

The ERM concept has been variously defined. Central to it are beliefs that:
a) Risk management is driven by policy and that top management has an
obligation to set policy
b) Risk management means the management of all risks in a holistic and
integrated manner, and
c) All managers and employees are risk managers within the scope of their
duties.

Issues and problems today include “championing”, leadership, disputes over key terms
and ideas, and the newness of many practices and principles.

3) Bernstein introduces some key issues associated with modern thinking on the
subject of risk. Explain Bernstein’s argument about risk management becoming
a “new religion”.

Central to Bernstein’s view is the idea that people are putting as much faith into the
value of numbers as they previously put into religious beliefs. Consequently, many
important assumptions, issues and limitations are left unexamined and can produce the
same kinds of problems encountered by religious leaders during the Protestant
Reformation. Further, this phenomenon can lead to a kind of rigidity in thinking that
prevents new ideas and evidence from getting the serious attention they probably
deserve.

4) Andersen gives students a good look ahead at many issues that will be explored
in the later Diploma modules. For now, summarise his view of the
relationship between risk management, organisational strategy and governance.

Risk management is an integrated aspect of strategy setting and organisational
governance. Since risk and uncertainty are intrinsic to virtually every aspect of our
world, it is important that risk management considerations are a central aspect of how
an organisation sets its goals and pursues them.

Students should be sure here to understand the basic definition of governance, which
essentially refers to those activities that pertain to the managing of the organisational
enterprise. It includes setting rules and policies, managing regulatory and external
requirements, corporate social responsibility, management of ethical and legal
considerations, and stakeholder management.

Unit 2: Risk: an introduction

1) Williams, Smith and Young provide a basic review/introduction to key terms and
concepts. Be sure you can confidently define
a) risk
b) uncertainty
c) pure and speculative risks
d) diversifiable and non-diversifiable risks, and
e) adverse selection and moral hazard.

Answers are easily found in the reading material, as each term is discussed under a
heading oriented toward the term or concept.

2) The definitions above are not without controversy. In particular, though the
Diploma takes a general view that risk itself is value-neutral and can produce
either good or bad outcomes, many in the field today view risk as a negative
phenomenon. This means that the term only applies to situations where negative
possible outcomes occur – fires, accidents and so on. Be sure you can identify
your view on this critical term and defend your position.

There are a number of ways to approach the controversial aspects of the definitions,
but students should be clear that the central debating point is this: does the concept of
risk include recognition of up-side and down-side possibilities, or does it not? The side
that one takes on this question will greatly influence every aspect of one’s interpretation
of the purpose and benefit of risk management.

3) Taleb and Ross offer two interesting insights into the challenge of understanding
risk.

a) Be sure you can explain Taleb’s argument about the difficulty in
quantifying risks – even risks that supposedly are quantifiable.

Taleb’s central point is that highly unlikely events are issues of great import to risk
managers of all kinds (catastrophes as well as big returns on speculative investments),
but that these events are not amenable to statistical analysis, whereas more “ordinary”
events are. He believes that confidence in statistics gained from measuring ordinary
risks frequently spills into areas where confidence should not be present (the Black
Swans), and he believes this can harm critical thinking about such possible events.

b) Reflect on the implications of Ross’s writings with respect to the
possible differences between “expert” and “non-expert” views of risk.
This task is not clearly and directly derivable from the reading.
Students will have to think about the possible differences between
expert and non-expert views and possible implications of those
differences.

The issue is more fully discussed in Module Three, but the main point here is to
underscore the fact that there are differences between how experts and non-experts
look at risk. In democratic settings, the gap is not just an intellectually interesting
matter. It influences what can be done about risks and how those actions may be
undertaken.

One of the critical issues to highlight here is that perception and reality may not always
match, but for the risk manager this means that perceptions cannot simply be rejected
out of hand; they must be managed.

4) Tabak offers a historical view of the subject of risk. Trace briefly the
development of the idea of “randomness”.

Before probability existed as a scientific concept, humans created many models for
interpreting their non-certain world. Randomness was variously seen as the result of
capricious gods, natural forces beyond comprehension or fortune. It is somewhat
useful to consider, as Bernstein does in Unit 1, the relationship between beliefs in a
pre-probability world with those in a post-probability world. Bernstein cautions that
there may be more of a linear relationship than one might suppose.

5) In the ‘Against All Odds’ report, students should become aware not only of the
wide range of risks that businesses will face, but also of the complex
interdependencies of risk events in the increasingly globalised world of the present
decade. Consider how some of these interdependencies can affect your
organisation.

A whole section of the report, under the heading ‘Now we’re all in it together’, highlights
the dangers of the interconnectivity of risks across the globe. Thus risks which
crystallise in Japan can have direct and indirect impacts in Europe and similarly
crystallising technological risks can have legal implications. So not only do risks
interconnect geographically, they also connect amongst different risk types.

Unit 3: A modern understanding of risk: Part 1

1) Adams provides a good introduction to many of the ideas that arise from both
psychology and anthropology. Put simply, risk is partly a matter of perception,
and human psychology and culture highly influence perception. Using Adams as
a guide, provide a summary of his main points regarding this matter. How might
understanding these influences help you better manage risks?

Students must recognise that risk has both an objective reality (it will rain tomorrow or it
will not) and what might be called a subjective reality (perception of the risk, shaped by
psychological factors, cultural factors and other intangibles) that influences our efforts to
manage risk.

Risk compensation is a critical concept, and students should be comfortable not only
explaining but also illustrating it. Risk compensation refers to the circularity of risk and
our response to it. That is, we see a risk and adjust our actions (differently, of course,
and not always consistently with others). Thus, from a risk management standpoint, it
is useful to identify and understand not just a risk but also the likely responses. Adams’s
“risk thermostat” model is a useful image in conveying the point, and students should
understand it.

The risk measurement challenges discussed by Adams underscore a central question:
“what is being measured?” Adams notes that knowing what we are measuring is
important and difficult because of the interdependent nature of many/most risks.

2) Tversky and Kahneman present students with a real intellectual challenge since
their work is very academic in nature. However, they are recognised as towering
influences in the development of our modern view of risk. Every Diploma student
should be aware of these two individuals.

a) For self-assessment purposes, be sure you understand the meaning of
the term “heuristic”.
b) Define/explain the representativeness heuristic.
c) Define/explain the availability heuristic.
d) Define/explain the meaning of adjustment and anchoring.
e) To help you to consolidate your understanding of these concepts, try
to identify practical examples of them.

The concept of a heuristic is that of a “simple model” or a simplifying way to organise
one’s understanding of a complex situation. It may also have predictive qualities. The
reading material delineates the various heuristics, and students should be able to
summarise the authors’ definitions.

Notably, each of these heuristics seems to be nearly unconsciously applied by the
decision maker and thus can influence the actual decision making process. Anchoring
is a good illustration of this fact; research has shown that a person’s initial assessment
of a situation (a risk) has a persistent influence on the interpretation of that risk, even
when it is clearly shown that the initial assessment was wildly inaccurate. This is a
challenge for risk managers – to understand that such influences exist and to take
steps to deal with them.

3) Slovic et al also are key figures in the study of risk perception, especially Slovic.
In some respects this reading is an “application” of the Tversky and Kahneman
work and students will find concepts revisited and examined in greater detail.
Students should attempt to summarise the basic thesis of this reading and to
specifically consider:

a) The implication of this material on the challenge of communicating risk
related information.
b) How specific heuristics affect our perception of risks.
c) How overconfidence influences judgment of risk.

Slovic et al present this information in a reasonably straightforward manner, but
students should answer these questions in a manner that is accessible for them.

Having said that, answers for a) should emphasise the importance of anticipating how
audiences are likely to receive risk information and how various influences might affect
their interpretation.

Students should be able to show evidence of heuristics in action and to contemplate
possible measures for addressing their presence. Module Three will present various
ways in which biases can be identified and controlled.

Over-confidence is an important phenomenon, perhaps especially when so-called
experts are involved. However, it is a naturally occurring psychological phenomenon
and risk managers should be conscious that it is a particularly pernicious influence on
assessing and measuring risks.

4) From the ‘Alarmed and Dangerous’ article, students should attempt to have
some understanding of the ten factors that affect risk perception and as risk
managers, they should try to consider how to manage the natural bias that
people have in terms of their assessment of risk within the work environment.
Can risk managers also face the risk of bringing psychological biases into the
work they do – how can the risk manager remain objective in all that he/she
does?

The article identifies and explains the following ten factors: the media, bias in statistics,
personal experience, entertainment influences, how people see the world (for
example, from their political backgrounds), the familiarity of the risk, the necessity to live
with the risk, recent risk events, the individual's education and the scale of risk.

As a risk manager it is important to be aware of these factors and how they can affect
people. Additionally, the risk manager can educate individuals within the
organisation on how no-one is immune from these influences in the way they
make their assessment. Being aware increases the likelihood that people will identify and
assess their risks in an objective, unbiased form.

In the same way as the CRO needs to communicate to his/her clients on the
psychological and cultural biases in risk perception, he/she also needs to be aware of
his/her own biases as well as those of his/her risk team. It is a vital challenge for risk
managers to view risks in an unbiased and objective manner in order to promote a
consistent attitude to risk across the organisation in line with the risk appetite. Rather
disturbingly, some studies have indicated that people attracted to the Risk
Management profession have a certain bias towards risk because they are trained to
sniff out and worry about what might go wrong – they might be over-pessimistic
towards risk taking.


Unit 4: A modern understanding of risk: Part 2

1) Tabak provides a basic introduction to probability theory. Students should be
sure they can confidently:

a) Explain a brief history of the concept of probability, and
b) Identify real world applications/uses of probability theory, and the
practical strengths and weaknesses of application.

There are many ways for students to summarise the concept. The essential
requirement here is to acknowledge the rather narrow sense in which the concept was
framed and studied (games of chance), and its slow, incremental extension into more
practical applications. Limitations are numerous, but include:

a) Difficulties in gathering information
b) Problems in controlling for extraneous influences, and
c) Difficulties in understanding cause/effect relationships.

2) Williams, Smith and Young provide a fairly wide ranging discussion of the
meaning of risk in organisational settings. Importantly, they tie together the
related issues of risk and risk management. Drawing on economic and financial
theory, they offer an explanation of why organisations should care about risk,
and why they should practise risk management. Students should be able to:

a) Briefly explain the concept of utility.
b) Summarise why corporations buy insurance, and extend that summary
to explain why corporations practise risk management.
c) Briefly describe the “agency” problem that exists between owners and
managers of firms.
d) Form their own view of the strengths and weaknesses of the Williams,
Smith and Young view.

This material is, admittedly, challenging for individuals who have not been exposed to
modern finance principles. However, the main objective here is for students to get a
general sense of this theoretically based view of risk.

Students should strive to understand the following basic elements:

I. Generally speaking, organisations prefer certainty over uncertainty, and thus
risk exacts a cost, often called a “deadweight cost”. However, risk can also lead
to higher rewards, so the general idea behind risk management is to reduce the
costs of risk and enhance the potential benefits – all in accordance with the
goals and purposes of the organisation.

II. The argument about why corporations buy insurance is an interesting mental
exercise. In principle, publicly traded companies have “natural insurance”
because shareholders can spread their risks by having a well diversified
investment portfolio. At least in theory, they should be largely indifferent as to
whether any one company has insurance or practises risk management. “If
owners/shareholders of the company don't care, why should we?” The material
lays out the arguments for why – in the absence of a theoretical rationale –
organisations in fact do buy insurance and do practise risk management.


III. Although it may seem a technical point, students should reflect on the issue of
“agency”. Many theories of management today struggle with this question:
since managers and owners are often not the same people, how do owners
assure themselves that managers operate in the best interest of owners? Not
only is the issue of agency generally important in management studies, but
savvy students will also recognise that it is a huge “governance risk”, and
thus should be managed.

3) From the short article by Gigerenzer, students should be able to consider how to
look for situations in which the statistics of likelihood and impact could be
abused for both political as well as innocent reasons, and how the misuse of
statistics could result in a loss of reputation for the risk profession.

Gigerenzer warns the risk manager to be wary of any quantitative approach to
measuring risk, and especially in measuring the risk reduction that occurs between
inherent risk and residual risk.

As in most cases of reputation risk, damage only occurs when the stakeholders
affected realise they have been wronged; thus, while the CRO's stakeholders are
blissfully ignorant of the misuse of statistics to support political or economic ambition,
reputation damage is unlikely.

But ethically, his point indicates the importance of risk managers constantly challenging
the risk statistics being bandied around and converting the figures into a language
which has meaning and clarity to the recipient, and which allows them to truly understand
the nature and level of risk they are exposed to both before and after the risk response.


Unit 5: Risk issues, problems and challenges

1) Explain the meaning of risk society. What is your view of this concept, and what
is its potential relevance to the study of risk management?

There are many ways to discuss this. The recommendation here is for students to
make sure they can discuss the origins of the risk society, which increasingly crosses
borders and is a global phenomenon. People are increasingly the causes and the managers
of risk in all aspects of society. The article also discusses local and global influences. In
other words, the risk society can lead to local perceptions of risk caused by local
environments. We should also note how the media's reporting of events can influence
the shape of society's view of risks. From a practical point of view, how can the risk
manager ensure that his/her organization's risk register takes account of the societal
influences?

2) Be able to explain Power's view of the challenge of managing risk in a way that
truly adds value to an organisation, rather than being used for political and/or
potentially unethical reasons.

The underlying theme of Power's article is that risk management is torn between the
purpose of adding value through achieving strategic objectives and being used as a
political tool to avoid the responsibility for blame in society. Paradoxically, he takes the
view that the latter approach forms an increasing and 'serious risk to society'. In that
sense, his article forms an extension of the previous paper on the risk society. He
argues that a more demanding society, with individual rights, results in greater
defensive action by organizations, including more of a box-ticking compliance culture.

One of Power's interesting observations is the question of risk management adding
value to an organization. Adding value for whom? His argument could well be that the
Risk management of everything shifts the added value approach from the customer or
the citizen to that of the protection of the Board by ensuring reputation is maintained.

3) Understand the many risk related reasons behind the catastrophic failures in the
leadership of financial institutions and in particular whether you feel there is a
possibility of similar disasters in years to come (e.g. through sovereign debt
problems). What challenges emerge for Chief Risk Officers in terms of being able
to raise their profile in order to prevent future risk-based disasters of this form?
Quite simply, you should be able to state your opinion about whether or not risk
is manageable.

Richard Anderson's paper uncovers and discusses many issues around the
relationship between Corporate Governance, ethics, strategy and risk management
which form the dominant features of modules 2 and 4.

He talks about a whole host of connected reasons and failings by connected parties,
which lay behind the global financial crisis and the onset of recession. Students are
encouraged to take note of these causes, since in effect each of these made the
strategic models adopted by businesses much more open to the crystallization of risk
as soon as economic sentiment began to change.


Of particular note is the link between governance and performance: Anderson
implicitly questions the weaknesses in a society which applauds moderately bad board
behaviour so long as it results in good financial performance, while at the same time
condemning responsible board behaviour if it leads to bad financial performance. How
should the CRO react to either of these scenarios?

However, as the question implies, the complexities and conflicts of the purposes of
organizations in society can only result in some scepticism about the limits of risk
management, and this serves as a cautionary tale for students proceeding through the
Diploma. Put simply, to apply effective risk management, organisations must first be
absolutely clear in what they want to achieve. This is why the first stage of the
ISO31000 framework is all about objective setting and there is a question on whether
this needs to be the CRO's first point in developing any approach to risk management.

Section 6 of Anderson's report looks specifically at ethical and other challenges facing
risk management in organisations and how the CRO needs to have an independent
and objective approach in dealing with the organisation's culture and some of the more
dominant personalities.


Unit 6: Risk: an application

ShopMart case study

1) Why is the history of ShopMart important for understanding present risk
management needs? Can you identify a risk, for example, that might otherwise
be avoided but which for some reason must be retained and faced?

The simple answer is this: since the firm has never practised risk management, there
will be easy challenges (one can start with a blank sheet of paper) and harder
challenges (nothing has ever been managed before, so there may be very tricky
problems).

Also, the changing nature of the organisational structure moving from a family business
to a quasi-publicly owned enterprise would seem to be a hugely important issue. The
nature of ownership interests is changing, and one would assume this would also
change goals and expectations. By implication, this could affect every aspect of how
the firm operates.

Clearly, other points could be made about historical influences.


An example of risks that might present “avoidability issues” could be the interesting
influence of family members' interests. If the CEO's wife, for example, is interested in
the environment and healthy living, her interest might influence whether certain
activities can or cannot be dropped.

2) Consider the readings on the psychology and culture of risk. Are you able to
discern any evidence of a “view of risk” within the management team? For
example, can you see evidence of:
a) Whether ShopMart is a risk taking or risk averse organisation, or
b) Blind spots where risk may be present to outsiders but is perhaps not
seen by management?
What are the risk “awareness” issues as you see them?

Many particular points are possible. It seems a fundamental fact is that risk has never
been consciously considered and thus there appears to be no coherent view of risk.
From this basic observation, one might then speculate on whether the business as it
exists is a manifestation of psychological factors. For example, ShopMart is not a
cohesive set of enterprises and thus its present form could be interpreted as evidence
of a rather risk-taking approach.

3) Considering the information presented which is factual, statistical and financial,
do you think that the information is adequate to make risk management
decisions? Even if you judge the information to be adequate, what would be your
concerns?

Although some debate is possible, it really would be difficult to say that there is
adequate statistical and financial information on which to render decisions. To the
student, it may seem that there is a great deal of information, but this perception versus
the reality underscores the difficulty in obtaining adequate information.

On the other hand, the case is a good cautionary tale for students, because they are
often likely to encounter such situations where information is inadequate. Indeed, it
could be said that “quality of information,” or lack thereof, is a fundamental risk issue
for most organisations.

4) Although Module Two delves deeply into the subject of risk and organisations,
what do you see as the main risks faced by ShopMart? Don't limit your thinking
to the tangible risks, such as fires in warehouses or injuries to employees. Be
mindful that risks might be “cognitive”. For example, the absence of information
might be judged to be quite an important issue for the firm.

Lack of a clearly articulated strategy seems to be a fundamental issue. Lack of
cohesion across segments, or lack of an explanation for the diversity, is also worrying.

The inconsistencies of purpose between the family-owner perspective and the publicly
owned perspective also seem to be a concern.

Other issues could be mentioned, but students should not get fixated on the obvious
surface issues here. Yes, worker safety, customer safety and product safety are
issues. Fundamentally, however, uncertainties about the transition from family
business to “something else”, plus the lack of a clear strategy, are huge influences on
everything else. If it is not certain what the organisation is trying to do, it is impossible
to judge the worth of any particular activity or issue. “Is a risk management measure
good or bad?” We cannot say unless we know the overall purposes and goals of the
organisation.


Unit 7: A short history of risk management

1) Kloman's article is very much a timeline without a great deal of detail.
Nevertheless, students should attempt to develop a kind of mental picture of the
key developments in the field over the past 100 years. What are the key
developments and when did they occur?

Many summaries are possible. Perhaps the main point would be that risk management
has historically existed as a technical function – in reality many technical functions.
Recent history has seen these functions beginning to overlap and the start of a view
that risk management is also a “general management” function, which is to say that it is
an integrated aspect of all management.

2) For students from a more traditional insurance-buying background in risk
management, the McNeil et al material reveals a kind of parallel universe rich in
experience and language that has developed with only limited connection to
more traditional risk management approaches. Today, the specialty areas have
collided and are now considered an integrated part of modern risk management
practices. Students should attempt to summarise the financial risk management
story and explain key ideas in some detail.

The key for students is an understanding that financial risk management – while
adhering to a set of principles common to all risk management – has matured in an
environment largely separate from other historical forms of risk management. Thus, the
language is different and the issues may be stated differently. Students should think
about this history in terms of the larger dynamic which is the integration of all technical
aspects of risk management into a more holistic approach.

3) Williams, Smith and Young make their final appearance in the Diploma by
providing a more detailed history of traditional risk management practices, while
also attempting to integrate the financial risk management story. Students
should develop a history of risk management that they can rely upon as a
foundation for further study on the subject in the Diploma.

As with several other self-assessment tasks, the point here is for students to translate
the history into a story that makes sense to them and that they can carry forward.


4) As students consider the short Leslie article, they should attempt to develop a
history of risk management that they can rely upon as a foundation for further
study on the subject in the Diploma. In doing so, students should attempt to
consider this overriding question: As a modern risk manager, why is it useful to
understand something of the history of Risk Management?

We can answer this question with a range of summary bullet points:

• The scope of risk management has changed to such a degree in recent years
that conventional views of risk have had to be altered.
• Historically, risk management has focused on the mathematics of hazard-based
risks or on financial risks. It tended to focus on specific risks rather than
the whole risk universe.
• You need to understand the history to explain where we are now in Risk
Management and where all this leads for the future. In that sense Unit 7
introduces Unit 8 – the modern & future scene.
• You will see that our changing world has produced new risks that do not easily
fit into historical frames of reference.
• Risk Management Frameworks have developed only since 1999. In a sense,
this is the final chapter of 'The History of Risk Management'.


Unit 8: Risk management: the modern and future scene

1) Summarise Adams' thesis. Students should reflect on their view of his argument.

Adams' view in this article is consistent with his other writings in Module One.
Essentially, he takes the view that risk management is not just a mathematical or by-
the-numbers, technical managerial function. Perceptions, psychology and culture are
important integrated aspects of risk, and thus are important issues for risk managers to
understand and address. In this sense, risk managers are both natural scientists and
social scientists. Neither role is more or less important than the other.

2) Ward offers an excellent template for thinking about the practical routes
available for organisational adoption of risk management (Chapter 1).
Summarise his framework.

The principal point to carry forward from Ward is the notion that organisations will
approach risk management from different directions depending on situations, needs,
organisational structure and risk issues – even leadership personalities and culture.
Thus, a discussion of the history of risk management has to recognise the “situational”
nature of developments within an individual organisation.

Importantly, Ward raises the issue of the uniqueness of risk management within each
organisation and by implication the challenge of finding the proper way forward. The
potential complexity of the challenge might also be identified as a difficult factor.

3) The environment of external expectations, as noted previously, is a hugely
important phenomenon in modern risk management. What is the Economist
Intelligence Unit's view of the gaps in strategic risk management? Students
should attempt to ascertain issues that underlie the problems of traditionally
focusing Risk Management on the negative activities of business, the difficulties
of embedding risk management throughout the business and how the Chief Risk
Officer can build better relations with the board.

The executive summary points to some of the main gaps that underlie strategic risk
management. It then explores some of the issues in more depth in each of the short
chapters, providing interesting empirical evidence to support its arguments. Firstly, it
looks back and claims that risk management failed in the years leading up to the financial
crisis of 2007-08 and that the response is to increase the risk function's authority and
responsibility, especially in financial services.

It provides evidence to suggest that, while senior executives regard strategic risk
management as being very important to business success, even now there are very few
businesses that take a strategic approach to risk management, with a particular
weakness in the area of newly emerging risks. Meanwhile, Risk Managers are rarely
involved in evaluating major strategic decisions or in having an input into strategic
decision making. It further claims that embedding an enterprise-wide risk management
culture remains an elusive and difficult concept to achieve in reality.

It describes how this scenario frustrates many risk managers, who actually do desire to
take on a more strategic and enabling role, with less focus purely on controlling
downside risk. Risk managers also feel frustration over the limited desire to invest
further in risk management resources, although economic conditions and cost
constraints have, at least in part, contributed to this difficulty.


While the report finds evidence that risk functions have increased their authority, there
is a fear that when the economy returns to more sustained growth the focus will once
again turn away from risk and return to the focus on growth and return. Therefore a key
challenge facing risk managers is to have the foresight to be able to think how they can
still be relevant when economic conditions change.

Finally, given the doubts about the risk expertise of the non-executive directors, the
paper offers guidance on how risk managers can take a greater strategic role in the
business by working more closely with and possibly helping to educate non-executives
in their role of challenging board strategic direction, particularly in the area of risk
oversight.

4) Summarise Andrew Keeling's arguments on the skills and the competencies
needed for Chief Risk Officers in the years ahead.

Keeling indicates that the role of the CRO is at a crossroads. They can rise to the
challenge of fulfilling a role at strategic level or accept that their task goes no further
than looking at compliance and internal controls. The simple likelihood of more
regulation, as well as the failings over strategic risk management, discussed in Unit 5
and in the EIU paper (above), both provide the opportunity for raising the profile of the
CRO like never before.

But raising the CRO's profile requires a range of skills and competencies in at least
three areas:
a) technically in terms of their knowledge and skills in risk management,
b) organisationally in terms of their commercial acumen, knowledge of the
business and strategic vision and finally,
c) behaviourally in terms of their ability to communicate, persuade and inspire
(but at the same time remain independent) at board level and throughout the
organisation, but also in terms of their effective leadership of the risk
function.

The Institute of Risk Management
6 Lloyd's Avenue
London EC3N 3AX
Tel: +44 (0)20 7709 9808
email: [email protected]
web: www.theirm.org
