Assignment 7: Internal Controls and Operational Risks

What is risk appetite?

Amount of risk an organization is willing to take on in order to achieve an anticipated result or return.

What is risk tolerance?

The amount of uncertainty an organization is prepared to accept in total or more narrowly within a certain business unit, a particular risk category or for a specific initiative. (Used with permission of RIMS.)

What is internal controls?

A system or process that an organization uses to achieve its operational goals, internal and external financial reporting goals, or legal and regulatory compliance goals.

focused on the accuracy of bookkeeping, but they gradually expanded toward financial audits and accounting accuracy.

What is management controls?

A system of specified standards or objectives against which an organization’s management measures performance.

What is control environment?

The degree of importance a board of directors and management place on their organization’s internal control system and their related actions.

What is preventive controls?

Controls designed to prevent errors or inconsistencies.

What is detective controls?

Controls designed to detect errors or inconsistencies after they have occurred.

What is Frameworks?

an approach to project planning and execution in which portions of the project are divided by requirements or problem statements and addressed separately, but in a way that will integrate.

What is COBIT?

Control Objectives for Information and Related Technology

framework that would enable organizations to communicate about their IT-related needs, strategies, and governance.

identifies gaps between the actions of operations and the controls put in place by risk management, but also it helps identify opportunities for improvement in those two areas

main methods to help control operational risks is to provide an organizational structure that ensures IT initiatives are aligned with the organization’s overall goals

What is operational risk?

Any possibility of loss arising from people, processes, systems, or external events.

What is phising?

A fraudulent email scheme by which an unauthorized party tricks email recipients into clicking on a link, thereby unwittingly exposing their personal or confidential information to the sender.

What is capital markets?

A financial market in which long-term securities are traded.

What is insurance linked securities

A financial instrument whose value is primarily driven by insurance and/or reinsurance loss events.

What is special purpose vehicle?

A facility established for the purpose of purchasing income-producing assets from an organization, holding title to them, and then using those assets to collateralize securities that will be sold to investors.

What is blockchain?

A distributed digital ledger that facilitates secure transactions without the need for a third party.d

What is basis risk?

The risk that the amount the organization receives to offset its losses may be greater than or less than its actual losses.

What are three actors of securitization?

• The organization transferring risk

• The investors who take on the risk

• The special purpose vehicle (SPV)

What are parametric triggers?

operate along this same philosophy by linking the execution of a contract to a predetermined parameter or metric related to the subject of the contract, often via a blockchain

What is objective trigger?

measurement that determines the value of an insurance-related capital market product based on a parameter that is not within the control of the organization transferring the risk