Risk Aggregation Guidelines

Questions and Answers

What is the primary consideration when aggregating risk according to the guidelines?

Focusing on easily measurable risks

Only aggregating similar types of data and numbers (correct)

Utilizing different metrics for aggregation

Obscuring actionable details

Why should risk information not be aggregated to the extent of obscuring actionable details?

To avoid considering enterprise-level risks

To make the reporting process simpler

To focus on easily measurable risks

To ensure the root cause of risk is visible (correct)

In what way should risk be aggregated according to the guidelines?

By focusing on easily measurable risks

By considering enterprise-level risks only

By multiple dimensions such as department, business unit, or types of risk (correct)

By obscuring actionable details

What should be the focus when aggregating risk according to the guidelines?

Aggregating real, relevant risk

Why is it important to aggregate risk at the enterprise level according to the guidelines?

To consider all other risks that the enterprise needs to manage