Welcome Guest! To enable all features please Login or Register.



#1 Posted : Tuesday, March 24, 2015 11:54:51 PM(UTC)

Rank: Administration

Groups: Registered, Administrators
Joined: 10/23/2013(UTC)
Posts: 7

RiskWaves is for Risk Managers

In scanning the blogosphere for insights on risk management, it’s impossible to ignore some of the entrenched opinions from consultants accustomed to monopolizing the dialogue on ERM. On one hand, diverse opinions are a sign of a healthy industry. On the other hand, one closed albeit vociferous mind can pollute the market for new ideas and innovation, reminding us how important it is to exercise our intellect for ourselves, even if it doesn't align with the agendas of the loudest voice in the room. This post is to help readers understand why our system takes the drastic step of allowing Risk Managers to multiply likelihood and consequence intervals to produce ranges for a quantitative exposure to risk, and how we blend targeted treatments with the natural benefits of diversified risk in a portfolio.

Why We Do Things the Way We Do

Our solution is not telling you the right philosophy for tackling or analyzing risks, and certainly, our system is not biased towards any specific type of risk or risk analysis method. Our RiskWaves solution handles qualitative risk and quantitative risks, and even goes a step further, letting you classify risks based on controllability and transferability, all to help you achieve consistency and quality in your shared risk management process. There are dozens of ways to model exposures to Risk in our system, and a bevy of treatment options, including user defined options.

In terms of quantitative risks, we offer you the ability to type in your own estimates, make statistically derived estimates (see product briefing for more details), use custom built polynomial formulas for estimates of risk variables, and even develop trend based confidence and prediction intervals using time series analysis. These techniques are common practice among risk analysts. However, our decision to let you handle the probability of likelihood and consequence independently in developing the estimates of your exposures to risk seems to be foreign to some people, so it needs to be addressed.

There are several reasons we chose to make this approach available to you. First, the ability to handle likelihood ranges and consequence ranges separately does not mean you have to. If you wish to combine the likelihood and consequence variables, you are free to do so by making either variable binary. Secondly, from a treatment perspective, being able to estimate likelihood and consequence independently provides you with the ability to more granularly treat your exposures. Your treatments can focus on one aspect (likelihood or consequence), or both aspects of the exposure. For example, if you know for a fact that your exposure is limited to one event, then you can target your treatment solely on the consequence. On the other hand, if your exposure consists of multiple chances of incurring a consequence, you can design a treatment to deal with both the chances as well as the consequence. The latter point is more salient when you are dealing with a likelihood that has a different probability distribution than the consequence. Also, the combination of low and high estimates for likelihood and consequence for an exposure at a given confidence level will generally produce the same results as a simulation at the product of the two confidence levels. Lastly, separately studying likelihood and consequence adds clarity. What use is repeatedly feeding event data into a black box if you still need to break the results apart to communicate to management how the exposure was calculated? Suppose you are given a list with event costs by day, so you put the data into a model and rely on its output. How confident should you be in the results? The list says nothing about how many events occurred each day. It would be tantamount to using a stock's price to forecast the value of a portfolio when the number of shares is constantly changing.

Our Approach Is Not Breaking News to Businesses

Some will argue that modeling risk exposures individually sacrifices the diversification benefit you receive with a Monte-Carlo approach wherein multiple exposures are combined. And this is not only true, it is also by design. RiskWaves is designed to manage not just what exposures will likely amount to (expected scenario), but also what they could amount to (worst case scenario). Simulations are great for forecasting, but provide little consolation to stakeholders when rare events or combinations of events significantly reduce shareholder value. We advocate for containing exposure (ERM) while balancing the risk reward payoffs (RM) using simulation. That said:
  • RiskWaves lets you simulate payoffs for each quantitative treatment to capture average net benefit as well as the net benefit at the common percentile points selecting up to 2,000 turns.
  • Our system also provides a module for you to assign each of your simulation results to a RiskGroup with its own beta to indicate which direction the simulation should move in the context of the overall RiskGroup (normally this will be -1 or +1).
  • RiskWaves RiskGroups lets you to perform aggregate simulations (with up to 2,000 turns) of the various simulation records in each group at various percentiles.
  • You can then download the results to a cube that allows you to analyze the likely aggregate treatment impact and remaining target risk levels by Objective, Risk Source, Risk Category, Entity, Period, Financial Statement Item, and other dimensions.
  • Risk Groups allow you to establish baseline and scenario based ranges for the child simulations which allows you to model risk levels under extremes.]
  • In addition, RiskWaves lets you pair off exposures that you know offset each other in accordance with user defined business rules.

The benefits of Monte-Carlo notwithstanding, business leaders cannot simply tell their bosses that while the big risks are big, they really aren't so bad when we combine them with the risks that haven't materialized. Nor do managers get away with diluting their meaningful exposures with red-herrings designed to conceal failures in execution. Walk into any Fortune 100 operations review and you will more than likely hear the finance people presenting their risks from two dimensions: rate and volume. For example, when talking about revenue, few simply say "we are missing revenue and designing treatments to deal with it". It is broken down to an actionable level. For example, you would hear an explanation of how much of the revenue miss is attributable to gaps in customer counts, and secondly, what portion of the revenue miss is attributable to average revenue per customer. Or you might hear a discussion about average product revenue versus average sales volume. It is almost always done like this for a simple reason; it is a more effective to strategize solutions when they are not framed as a one-dimensional problem, or presented in a chart that has to be deconstructed to identify what the real problem is.

You Decide

What it boils down to is whether you agree with this line of discourse: We planned on selling 1,000 machines at $500 per machine this year for total revenue of $500,000. We are 99% sure we will actually sell between 900 and 1,100 machines at an average price of between $450 and $550. This means we are 99% sure that our worst case scenario for total revenue is $405,000. So our exposure in achieving our target this year, as of today, is $95,000. We are developing contingencies to reduce this exposure as the year unfolds, consisting of new market entry and value added services. We will fund these initiatives through favorable cost variances in our overtime budget, and ensure that the treatments cover any incremental costs.

Looking Forward

A blogger opines that the approach detailed above is dangerous because (a) Risk has a shape, and (b) we misinterpreted ISO 31000. Our argument does not force you to disregard the shape of risk over time, in fact, when you use time series analysis, our system emphasizes the importance of visually inspecting your trend, and provides you with a chart of your data. In terms of ISO 31000, we are fully supportive and we believe, fully aligned with ISO, and will be when it is revised. We encourage ISO to develop their standards based on their own objectives, and not to abandon their history of objective and sound advice to appease special interests.

The ISO has done a splendid job providing framework guidance, definitions, baseline methodologies and process suggestions to the Risk Management community. It is important that the ISO not repeat the mistakes of other comparable professional organizations (to remain un-named), that never met an unappealing concept, and in order to satisfy the multitude of competing constituent competencies, allowed its scope to eclipse its value.

Edited by user Friday, April 10, 2015 8:14:32 PM(UTC)  | Reason: Not specified

Thank You
Risk Control Assoc. Admin
Users browsing this topic
Guest (8916)
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.