1 / 32

Risk Assessments

Risk Assessments. From qualitative to quantitative. Agenda. Introduction Case presentation Introduction to distributions Risk quantification Risk simulation Discussion and wrap-up. About DNV. Purpose: to safeguard life, property and the environment

theophilus
Download Presentation

Risk Assessments

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Risk Assessments From qualitative to quantitative

  2. Agenda • Introduction • Case presentation • Introduction to distributions • Risk quantification • Risk simulation • Discussion and wrap-up

  3. About DNV • Purpose: to safeguard life, property and the environment • Independent foundation created in 1864 • Over 9,000 employees working from 300 offices in 100 countries providing: • Assessment, Advisory, Certification, Assurance and Training services • DNV assists organisations in a wide range of sectors to indentify, assess, manage and communicate on risk and sustainability, building sustainable value, resilience and stakeholder trust

  4. Introduction Workshop Introduction Case Quantification Simulation End

  5. Assumptions • You are familiar with thinking about risks • You are comfortable with risk registers • You are familiar with qualitative risk identification and assessment

  6. Why should we quantify risks? • Makes a risk register richer and potentially more nuanced • May simplify discussions relating to risk appetite • Can summarise a risk register into one figure • Simulation results may change priorities 

  7. Why shouldn’t we quantify risks? • Some risks don’t lend themselves to quantification • Reputation risks are notoriously hard to pin down • When too many simplifying assumptions must be made • E.g. Gaussian cupolas and credit default swap pricing • When risks are too diverse • Don’t compare apples to motorcycles 

  8. Quantifying risks

  9. Changing definition of risk • Measurable uncertainty Knight, Frank H. (1971), “Risk, Uncertainty and Profit” (University of Chicago Press), Orig. pub. 1921 • Combination of the probability of occurrence of harm and the severity of that harm Source: ISO/IEC Guide 51:1999 • Combination of the probability of an event and its consequence ISO/IEC Guide 73:2002 • Chance of something happening that will have an impact on objectives AS/NZS 4360:2004 • Effect of uncertainty on objectives ISO 31000:2009

  10. For this workshop session Unwanted event → Negative consequence

  11. Short case description Workshop Introduction Case Quantification Simulation End

  12. Hi-tech corporation Hi-tech corporation is a multi-national company that produces and sells hardware and services on several continents. They pride themselves in a good reputation for corporate governance, social responsibility and good worker practices.

  13. Description Hi-tech corporation use outsourcing and complex supply chains very efficiently They use raw materials and components sourced from all over the world

  14. Market situation is extremely competitive Marketing research has shown that customers in Western countries are willing to pay a premium for Hi-tech corporation’s products Surveys identified their reputation for fairness to employees, and that their products are perceived as having high quality as the main reason for this

  15. Financial performance last year Revenue 3bn 4% increase year on year R&D expenses £80 m After tax profit £500 Launched 4 new products

  16. Qualitative risks

  17. Qualitative help

  18. Risk quantification Workshop Introduction Case Quantification Simulation End

  19. Risk quantification in this model is in two steps • Quantify probability of occurrence • Quantify loss distribution on occurrence

  20. Step One - Assigning probabilities

  21. Step two – Quantify the loss if the unwanted event occurs • Statisticians have spent many years identifying distributions in data sets • Ideally, use historical data to identify impact of risks and fit a distribution

  22. We will simplify – By using the Trigen function • Need three values • P10 • Most likely • P90

  23. How do we quantify using the trigen function? • Imagine 10 outcome scenarios ranging from worst case to best case • Your P10 value is your second best outcome scenario • Your P90 value is your second worst outcome scenario • Most likely is the median, which usually is somewhere in the middle ..

  24. Criticism of the trigen function

  25. Each group will quantify one risk • Assign • P10 • Most likely • P90 Group exercise

  26. Simulation Workshop Introduction Case Quantification Simulation End

  27. Summary of model outputs • Mean value • The average expected loss over the next year • In a humdrum year, we would expect our humdrum loss to be this value • Standard deviation • Quantifies the range of the possible outcomes • The narrower the “better”, as it increases our confidence in the mean value • ±1.96 * Standard deviation • Our 95% confidence band • We are 95% certain our losses will not exceed/be inferior to these thresholds

  28. Did our risk priorities change? • The tornado graphs show correlation between simulated losses related to each risk and total simulated losses • This information is useful with regards to prioritising risk mitigating actions and controls • Our qualitative register suggests we start with mitigating risk 8 – Stolen product designs • What does our model say?

  29. And for those of a statistical persuasion • Fit the aggregate exposure to statistical distributions • If this is consistent over a 10 – 15 year period you may consider using …

  30. Conclusion

  31. Thank you • Please fill in the feedback forms • May your risk management make you sleep well at night

  32. Safeguarding life, property and the environment www.dnv.com

More Related