When approaching risk financing decisions, the first step is to establish your foundation for risk appetite before taking a deep, analytical dive into a key risk or risks to investigate. (See part one of this series in the January issue and part two last month.)
Finally, by using the “as-is” and unmitigated modeling results, it is possible to arrive at an alternative strategy.
When digesting the results from the graph below, an organization considers three data points that are consistent with the risk management objectives listed earlier, says Keith DeCoster, managing director of Aon Risk Services.
“The first data point is the average total cost of risk, which is the average value of all of the outcomes generated by the model,” says DeCoster. “The second is the risk tolerance breach point, the point at which each of the curves crosses the risk tolerance line (blue line). Finally is tail exposure, which is the average value of the risk beyond a certain confidence level.”
Smart Business spoke with DeCoster about how to use data points to help analyze your company’s strategy.
How can the data points help you analyze your strategy?
When considering these three pieces of information, you can see that the average (or expected value) total cost of an unmitigated strategy is slightly better than the ‘as-is,’ or current, strategy. However, the current strategy breaches risk tolerance levels less often and provides measurable protection against tail exposure.
From these observations, we can conclude that the current strategy does provide value. But why stop here? With the quantitative framework in place, we can now ask whether there is a better risk response strategy that we should consider
In the figure below, the organization considers additional mitigation, which has a cost, to evaluate the potential benefit. The new strategy (gold line) has a lower average total cost of risk, breaches the risk tolerance level less often and provides better protection against tail exposures than the current strategy.
Therefore, we would recommend using capital to implement the new strategy, as the tradeoff is worth it along all three evaluation streams.
Is the risk quantification construct a panacea?
Sometimes it can be, but oftentimes, the quantitative information is combined with other qualitative aspects such as business relationships, market constraints, judgment, etc., to support the decision at hand.
How can you drive value out of your enterprise risk management program?
Our belief is that strategic planning and action need to be supported by an ERM program, and one way to get there is through risk quantification. Risk quantification generates additional information to understand the true nature of a risk or opportunity, and it can allow for various management strategies to be compared on a common and consistent platform in a common language likelihood and impact.
By using a risk quantification framework, decision-makers can be empowered by understanding individual risks in a deeper manner, building a portfolio view of key risks and drivers, and understanding opportunities to improve their organization.
Perhaps equally important is the fact that a structured and well-understood process can be established that is flexible to change as the risk profile and opportunities at hand change.
As a parting thought, we’d like you to go through a little exercise. Think of five important risk or opportunity categories in your organization that are managed with the help of risk quantification, and write these down. Are these models a part of everyday life, and are they valued by the business and risk owners?
Now, think of five important categories that do not leverage risk quantification frameworks to support management decisions but that could, and write these down, as well. Ask yourself why this is the case.
In comparing the two lists, we hope you begin to envision how risk quantification can bring value to your organization.
Keith DeCoster is managing director of Aon Risk Services. Reach him at (317) 237-2400 or Keith_Decoster@aon.com.