Summary

This document discusses the core concepts of risk management, including risk types, management strategies, and practical applications in various contexts. The text delves into property loss exposures, liability issues, personnel risks, and other crucial aspects of managing risks within an organization.

Full Transcript

Risk Management
Study online at https://quizlet.com/_50ulc8

1. Risk: Uncertainty about whether a loss will occur. That said, it consists of two key elements: uncertainty and loss.

2. Risk Management: Process to best handle uncertainty about whether losses will occur. Trying to decrease the frequency or severity of losses, and/or paying for those losses that occur despite an individual's or business' best efforts. Traditional risk management has concentrated primarily on Hazard

3. Enterprise Risk Management: Emphasizes the interrelationship of risks from many different sources and a coordinated strategy to manage risks, and it assesses and treats risks to maximize value to the organization's stakeholders.

4. Pure Risk: A pure risk can result only in a loss or no loss, so it presents no opportunity for gain. For example, the owner of an apartment building faces the risk of a fire loss. The building will either burn or not burn. If it burns, the owner will suffer a financial loss. If the building does not burn, the owner's financial condition is unchanged. Neither outcome would produce a gain.
    Hazard risks and operational risks

5. Speculative Risk: A speculative risk can result in loss, no loss, or gain. Distinguishing between pure and speculative risks is important because they must often be managed differently. For example, the apartment owner faces pure risk from fire, wind, and injuries sustained on the property, and he also faces the speculative risk that the market value of the building will increase or decrease during the year. The pure risk can usually be well managed by purchasing insurance, and the speculative risk might be managed by maintaining the property to enhance its resale value.
    Example: Purchasing stock

6. Property Loss Exposures: The loss can be to real property, such as land, trees, buildings, or other structures (such as the factory building or homeowner's garage in our examples), or personal property, which includes contents such as computers, rugs, equipment, and furniture. These are assets exposed to a property loss.

7. Liability Loss Exposures: Liability means that an individual or organization is legally responsible (or liable) for the injury or damage suffered by another person or organization. For example, the organization that experienced the revenue and reputational loss from its product recall has a liability loss exposure stemming from the real or potential damage or injury its products could cause.

8. Personnel Loss Exposures: A personnel loss exposure is the possibility of a loss caused by a key (or seemingly irreplaceable) employee, usually an owner or manager, who possesses special skills or knowledge vital to the organization. The organization would suffer financial setbacks if this individual died, but other causes of loss include disability, retirement, resignation, or layoff.
    Example: A lawsuit or claim.

9. Benefits of Risk Management:
    Reducing costs
    Increasing capital
    Promoting intelligent risk taking
    Maximizing profitability
    Complying with legal and regulatory requirements

10. Steps in the Risk Management Process:
    1. Identifying loss exposures
    2. Analyzing loss exposures
    3. Examining the feasibility of risk management techniques
    4. Selecting the appropriate risk management techniques
    5. Implementing the selected risk management techniques
    6. Monitoring results and revising the risk management program

11. Identifying Loss Exposures: Loss exposures may be identified by reviewing internal information such as historical (or past) losses, inspection reports, compliance reports, and risk assessment checklists. Outside experts such as auditors, accountants, or other risk control consultants may also assist with risk identification.

12. Analyzing Loss Exposures:
    1. Loss frequency—number of losses (such as property damage, liability claims, or employee thefts) within a specific time period
    2. Loss severity—amount, in dollars, of a loss for a specific occurrence
    3. Total dollar losses—total dollar amount of losses for all occurrences during a specific time period
    4. Timing—when losses occur and when loss payments are made

13. Examining the Feasibility of Risk Management Techniques:
    1. Risk Control: Measures to prevent or reduce losses.
    2. Risk Financing: Purchasing insurance, helps pay for losses that do occur.

14. Selecting the Appropriate Risk Management Techniques: Financial considerations are important in evaluating and selecting risk management techniques. The forecasted losses are used to determine the types and limits of insurance and the appropriate deductibles for the organization. Nonfinancial considerations include the ability of the organization to continue operations after a loss, the safety and welfare of customers and employees, and the organization's reputation.

15. Implementing the Selected Risk Management Techniques:
    1. Risk financing techniques are typically implemented by a risk management professional, whereas risk control techniques are usually implemented by operations managers.
    2. Risk control implementation involves communicating techniques, as well as providing necessary training or resources, to the appropriate operations managers—and often to other employees as well.

16. Monitoring Results and Revising the Risk Management Program: Circumstances may develop that require revision to a risk management program, such as new loss exposures (after a merger or an acquisition) or new developments in existing loss exposures (such as a product defect resulting in liability).
17. Various tools and methods can be used to identify and analyze an organization's risks, such as these:
    1. Loss histories
    2. Checklists
    3. Audits
    4. Computer software
    5. Team approaches
    6. Flowcharts and organizational charts
    7. Personal inspections
    8. Company documents or records
    9. Risk registers
    10. Risk maps
    11. Root cause analysis

18. The Primary Techniques for Treating Loss Exposures:
    1. Avoid the risk
    2. Modify the risk
    3. Transfer the risk
    4. Retain the risk

19. Risk Control Techniques:
    1. Avoid the Risk: Avoiding a risk is the most complete but often the least practical of risk management techniques. Someone can eliminate the possibility of loss by choosing not to own an asset or engage in an activity that could result in a loss.
    2. Modify the Risk: Loss-prevention techniques reduce the frequency of a particular loss.

20. Risk Financing Techniques:
    1. Retain the Risk: Retention means that individuals or organizations plan to generate the funds to pay for losses themselves. For an organization that has the capacity to do so, this can amount to a simple accounting transaction or more sophisticated techniques with tax or investment implications.
    2. Transfer the Risk: A risk financing transfer shifts financial responsibility for losses from one party to another through a contract.

21. How Do Individuals Select Risk Management Treatments?: The most appropriate risk management techniques with which to treat loss exposures are those that support and reinforce, rather than prevent or undermine, achievement of a personal objective. For most individuals, risk financing is handled by insurance, with insurance professionals suggesting appropriate limits, coverages, endorsements, and other options.

22. How Do Organizations Select Risk Management Treatments?: Organizations analyze their losses by frequency and severity. The frequency of losses is the number of losses that occur within a specified period. The severity of a loss is the amount of a loss, typically measured in dollars. Severity can be used to describe the size of an individual loss or a group of losses. Generally, high-severity losses are low frequency (rarely occurring), with a high risk of uncertainty. Similarly, low-severity losses are many times more frequent, and thus more predictable, with less risk of uncertainty. Many organizations choose to transfer their high-severity losses and retain (or manage) their low-severity ones. Sometimes organizations experience losses that are characterized by both low severity and low frequency. Those losses are usually of little financial consequence. Organizations also could experience losses characterized by both high severity and high frequency. These losses are likely to be difficult to transfer and may bankrupt an organization.

23. Why Is Risk Monitored?: Monitoring a program helps ensure that it does what it was designed to do and at the expected level. By observing and assessing risks and their treatment over time, new loss exposures may be more easily identified and incorporated into the existing program.

24. How Is Risk Monitored?: Internal controls are the processes an organization uses to systematically review its operations and monitor compliance with its own values, standards, and objectives. Employees can support the risk management effort by reporting problems, proposing solutions, adhering to required rules, and supporting a culture of effective risk management. Risk-based auditing prioritizes the use of an organization's limited internal audit resources in the areas that pose the greatest risk to the organization, emphasizing three principles:
    --Auditing to the business objectives
    --Focusing on the materiality of the risk, or the chance of affecting desired outcomes
    --Identifying threats to the achievement of the business goals and objectives

25. How Is Risk Reported?: An organization's policy and procedures documentation such as safety manuals, training plans, and data privacy protection plans help employees and departments consistently adhere to established standards.

26. Risk Management and Organizational Alignment: The Risk Management Department's vision may involve providing insurance and risk management solutions so that losses can be controlled or contained and those customers will be satisfied with the products they receive.

27. Risk Management Objectives: Common objectives for risk management are balancing risk and reward and supporting decision making.

28. Risk Management Goals:
    1. Tolerable uncertainty
    2. Legal and regulatory compliance
    3. Survival
    4. Business continuity
    5. Earnings stability
    6. Profitability and growth
    7. Social responsibility
    8. Economy of risk management operations

29. Board Responsibilities for Risk Management Oversight:
    1. Strategic risks that arise from trends in the economy and society, such as changes in the political climate in a particular country or in the competitive environment
    2. Operational risks that arise from people, processes, systems, or controls, such as information technology risk and management oversight
    3. Financial risks that arise from the effect of market forces on financial assets or liabilities, such as changes in interest rates

30. Risk Management Reporting and Communication:
    1. Risk committees may be formed to oversee routine risk management processes within business units and to compile risk information for the board.
    2. An audit committee is tasked with ensuring that the organization is in compliance with its stated internal procedures as well as with regulatory and legal requirements. As such, this committee provides risk management-related information to the board, similar to a risk committee.
    3. The difference between the two is that a risk committee is meant to create policy, while an audit committee is more attuned to assessing adherence to policy.

31. Underwriting: Underwriting is the process of deciding which accounts are acceptable (selecting who can be insured), pricing coverage, determining policy terms and conditions, and monitoring those decisions. A successful underwriting function ensures that the applicants who are selected receive the level of coverage that sufficiently reflects their loss exposures (conditions or situations that present the possibility of loss) at a reasonable and adequate price.

32. Purpose of Underwriting: The primary purpose of underwriting is to help an insurer develop and maintain a growing, profitable book of business. To do this, the underwriting function must minimize adverse selection, ensure adequate policyholders' surplus, and enforce underwriting guidelines.

33. Minimize Adverse Selection: Underwriters are insurers' guard against adverse selection, which is the tendency of people most likely to experience loss to be the most likely to purchase insurance.

34. Ensure Adequate Policyholders' Surplus: Without capacity, an insurer cannot develop and maintain a growing, profitable book of business. Capacity is the amount of business an insurer can write based on regulatory guidelines and the insurer's own voluntary constraints. As it increases, the insurer can write more policies.

35. Enforce Underwriting Guidelines: Underwriting ensures that accepted applicants meet underwriting guidelines, or guides, which specify the attributes of an account that underwriters should look for before offering coverage.

36. Book of business: A group of policies with a common characteristic, such as territory or type of coverage, or all policies written by a particular insurer or agency.

37. Line Underwriters:
    1. Selecting insureds
    2. Classifying and pricing accounts
    3. Recommending or providing coverage
    4. Managing a book of business
    5. Supporting producers and insureds
    6. Supporting the achievement of the insurer's marketing objectives

38. Staff Underwriters:
    1. Researching the market
    2. Formulating underwriting policy, or philosophy
    3. Revising underwriting guidelines
    4. Evaluating loss experience
    5. Researching and developing coverage forms
    6. Reviewing rates
    7. Arranging reinsurance
    8. Assisting others with complex accounts
    9. Conducting underwriting audits
    10. Educating and training

39. Underwriting policy: A guide to individual and aggregate policy selection that supports an insurer's mission statement.

40. What Essential Knowledge Do Underwriters Need?: Successful underwriters possess a wide range of knowledge about insurance, such as principles and practices, the relationship between loss exposures and pricing, how insurers calculate insurance rates, and how to analyze losses. They also know to find useful internal and external sources of information to support the underwriting decision and have a comprehensive understanding of the products, pricing, underwriting policies, strategies, and capacity of their insurer. Successful underwriters also keep an eye on the competition and assess which market segments are profitable and how relevant economic trends may affect their target markets.

41. What Essential Skills Do Underwriters Need?:
    1. Research and analytical skills
    2. Decision-making skills
    3. Communication skills
    4. Active listening skills
    5. Influence and persuasion skills
    6. Negotiation skills
    7. Time management and organizational skills

42. Steps in the underwriting process and the purpose of each:
    1. Evaluate the Submission
    2. Develop Underwriting Alternatives
    3. Select an Underwriting Alternative
    4. Determine an Appropriate Premium
    5. Implement the Underwriting Decision
    6. Monitor Underwriting Decisions

43. Evaluate the Submission: The first step in the underwriting process is evaluating a submission's loss exposures and associated hazards. Underwriters try to understand the activities, operations, and character of each applicant. This requires a lot of information, and to be efficient, underwriters must weigh the need for information against the cost of obtaining it.

44. Develop Underwriting Alternatives: After evaluating a submission, an underwriter may accept or reject the submission or offer an alternative. Underwriters add value by making counteroffers, which allow them to accept submissions with certain modifications, such as these:
    1. Require risk control measures
    2. Modify the premium
    3. Amend policy terms and conditions

45. Select an Underwriting Alternative: An underwriter must evaluate each underwriting alternative carefully and select the best one under the circumstances. In some cases, the underwriter has no choice but to reject a submission; however, rejections produce neither premium nor commission, only expense. Therefore, underwriters try to make submissions acceptable whenever possible.

46. Determine an Appropriate Premium: Pricing, or determining the policy premium (commonly called rating), is an important activity performed by the underwriting department and is one of the conditions an underwriter can influence when deciding whether to accept an applicant for insurance.

47. Implement the Underwriting Decision:
    1. Communicating the decision to the producer
    2. Issuing any required documents
    3. Recording information about the applicant and policy

48. Monitor Underwriting Decisions: So what happens after an underwriting decision is implemented? Underwriters do more than select which accounts to accept or renew. They also must continually monitor their decisions to make sure that satisfactory results are achieved. Underwriters do this by monitoring claims activity for significant or unique losses; being alert to policy change requests (such as adding a new location to a property policy or a new driver to an auto policy) that could significantly alter the loss exposures; and reviewing the results of risk control and safety inspections and premium audits that can reveal information about new loss exposures, additional hazards, or operations.

49. Expert systems, or knowledge-based systems: Computer software programs that supplement the underwriting decision-making process. These systems ask for the information necessary to make an underwriting decision, ensuring that no information is overlooked.

50. Hazard: A condition that increases the frequency or severity of a loss.

51. Premium audit: Methodical examination of a policyholder's operations, records, and books of account to determine the actual exposure units and premium for insurance coverages already provided.

52. Telematics: The use of technological devices to transmit data via wireless communication and GPS tracking.

53. Predictive modeling: A process in which historical data based on behaviors and events is blended with multiple variables and used to construct models of anticipated future outcomes.

54. Catastrophe model: A type of computer program that estimates losses from future potential catastrophic events.

55. Rating plan: A set of directions that specify criteria of the exposure base, the exposure unit, and rate per exposure unit to determine premiums for a particular line of insurance.

56. The Combined Ratio: A combined ratio of less than 100 means that the insurer is making a profit from underwriting insurance. A combined ratio of more than 100 means the insurer is not making an underwriting profit.

57. Nonfinancial Measures Used to Monitor Underwriting Results:
    1. Selection
    2. Product or line of business mix
    3. Pricing
    4. Retention ratio
    5. Hit ratio
    6. Customer service
    7. Premium volume

58. Retention ratio: The retention ratio is the percentage of expiring policies that an insurer renews. Insurers pay attention to this ratio because retaining policies is more profitable than acquiring new business because most of, if not all, the underwriting investigation work has been completed for existing policies. Also, a low retention rate most likely indicates a problem with the insurer's service, such as customer dissatisfaction with the claims service.

59. Hit ratio: The hit ratio, or success ratio, determines how well underwriters are meeting sales goals by comparing the number of policies written with applications that have been quoted. This ratio is important to monitor because it provides information about the insurer's competitiveness in the current insurance market.

60. Underwriting cycle: A cyclical pattern of insurance pricing in which a soft market (low rates, relaxed underwriting, and underwriting losses) is eventually followed by a hard market (high rates, restrictive underwriting, and underwriting gains) before the pattern again repeats itself.

61. What Are the Personal Auto Liability Underwriting Considerations?:
    1. The driver
    2. Vehicle use
    3. Safety features

62. What Are the Personal Auto Physical Damage Underwriting Considerations?:
    1. Vehicle size
    2. Vehicle type
    3. Vehicle equipment
    4. Vehicle age and condition

63. Where Does Personal Auto Underwriting Information Come From?:
    1. Driver records
    2. Loss histories
    3. Financial reports

64. Telematics: The use of technological devices in vehicles with wireless communication and GPS tracking that transmit data to businesses or government agencies; some return information for the driver.

65. What Are the Commercial Auto Liability Underwriting Considerations?:
    1. Vehicle size and weight
    2. Vehicle use
    3. Radius of operation
    4. Special industry classifications

66. What Are the Commercial Auto Physical Damage Underwriting Considerations?:
    1. Age and value
    2. Use and maintenance
    3. Concentration of vehicles

67. Rating: The process of applying an applicable rate and rating plan to a particular exposure and performing any other necessary calculations to determine the policy premium for that exposure.

68. Moral hazard: A condition that increases the likelihood that a person will intentionally cause or exaggerate a loss.

69. What Information Does the Application Provide?: Underwriters examine crucial pieces of information in a property application such as these:
    1. Loss history
    2. COPE (construction, occupancy, protection, and external exposures) elements
    3. Property values

70. What Information Do Supplemental Sources Provide?: To further assess the quality of a property account, an underwriter also considers supplemental sources of information, such as these:
    1. Risk management program
    2. Financial statements and reports
    3. Risk control reports
    4. Property-valuation guides

71. Loss run: A report detailing an insured's history of claims that have occurred over a specific period, valued as of a specific date.

72. COPE: Four interdependent elements that are analyzed by commercial property underwriters when evaluating submissions for property insurance; construction, occupancy, protection, and external exposures.

73. Morale hazard (attitudinal hazard): A condition of carelessness or indifference that increases the frequency or severity of loss.

74. Why Is Construction an Important Consideration?: The construction (type of materials and design) of the covered building is the most important element of COPE because construction characteristics directly determine the building's ability to withstand damage and protect its contents. An underwriter analyzes several construction features to determine a building's resistance to damage from fire and other causes of loss:
    1. Frame
    2. Masonry
    3. Noncombustible
    4. Fire-resistive

75. Why Is Occupancy an Important Consideration?: Occupancy, the second element in the COPE model, relates to how a building is used. This is another prime consideration in property underwriting because the activities and operations conducted within the building introduce hazards that can affect an account's loss frequency and severity.

76. Why Is Protection an Important Consideration?: Protection, the third element of the COPE model, consists of the risk management techniques used to reduce the frequency or severity of a loss by fire. When underwriters analyze the effectiveness of a submission's protection, they focus on public fire protection and private fire protection efforts.

77. Why Is External Exposure an Important Consideration?: An external exposure, the fourth element of the COPE model, is a loss exposure outside the area owned or controlled by the insured. Because this source of loss can be significant (a fire, for example, in one building can spread to surrounding buildings), underwriters analyze the loss exposures posed by immediate neighboring properties or the surrounding area.

78. Fire division: A section of a structure so well protected that fire cannot spread from that section to another, or vice versa.

79. Public fire protection: Fire protection equipment and services made available through governmental authority to all properties within a defined area.

80. Private fire protection: Measures taken by property owners to protect their assets from loss by fire.

81. How Are Residential Loss Exposures Evaluated?: Because property owners have an active duty to exercise care for an invited visitor's safety, underwriters should know which hazards could increase the chance of a liability loss from invited guests. Applications and questionnaires for personal liability insurance should be carefully evaluated to look for issues that can increase potential loss frequency and severity, such as poor housekeeping and maintenance of a premise or an unfenced pool.

82. How Are Occupational Loss Exposures Evaluated?: Personal insurance applications often include questions about the applicant's occupation or employment. One reason to ask such questions is to determine whether the applicant is operating a business from his or her home or participating in professional activities from home, such as daycare services or volunteer work.

83. How Are Personal Activity Loss Exposures Evaluated?: Personal liability loss exposures include sports and other personal activities. These can often be identified through a supplemental application or questionnaire.

84. How Are Special Personal Liability Loss Exposures Evaluated?: Many individuals and families have liability loss exposures in addition to those commonly associated with a residence. Underwriters pay particular attention to special personal liability loss exposures related to these:
    --Swimming pools and hot tubs
    --Trampolines
    --Firearms
    --Animals
    --Farms
    --Dwellings rented to others

85. Negligent entrustment: The act of leaving a dangerous article with a person who the lender knows, or should know, is likely to use it in an unreasonably risky manner.

86. How Are Premises and Operations Liability Loss Exposures Evaluated?:
    1. Extent of public exposure
    2. Physical hazards
    3. Contractors and subcontractors

87. How Are Products and Completed Operations Liability Loss Exposures Evaluated?: Completed operations loss exposures include construction, service, repair, and maintenance activities. The characteristic that distinguishes completed operations loss exposures from products loss exposures is the insured's completed work, which can cause injury or damage. These types of loss exposures are typically found with service businesses. Because activities or operations (particularly those off premises) are the basis for underwriting, underwriters examine the applicant's quality of work, technical knowledge and skill, and reputation with customers.

88. How Are Personal and Advertising Injury Liability Loss Exposures Evaluated?: Personal and advertising injuries, such as loss of reputation, humiliation, and economic loss, can result from a number of offenses, including false arrest, wrongful eviction, slander, libel, invasion of privacy, and copyright infringement. Liability for personal and advertising injury is a commonly covered commercial loss exposure (but it can be omitted if the insured does not want to buy it). Underwriters will typically evaluate an account's personal and advertising injury loss exposures only if such losses are likely to occur.

89. How Are Medical Payments Loss Exposures Evaluated?: Medical payments coverage pays necessary medical expenses for anyone injured while on the insured's property or because of the insured's activities, regardless of whether the insured was at fault.

90. Real property (realty): Tangible property consisting of land, all structures permanently attached to the land, and whatever is growing on the land.

91. Physical hazard: A tangible characteristic of property, persons, or operations that tends to increase the frequency or severity of loss.

92. Personal Umbrella Underwriting: An umbrella policy provides an additional level of protection for large liability losses by adding to the liability limits above existing policies. It might also cover claims that underlying policies do not cover at all. As an example, consider Andrew, who has liability limits of $300,000 on his homeowners policy and personal umbrella coverage for $1 million. A guest who trips and falls on Andrew's sidewalk subsequently sues him, and the judgment against Andrew is for $500,000. Andrew's homeowners policy provides coverage up to its $300,000 limit, and the umbrella policy pays the $200,000 excess to bring the total to $500,000.

93. Why Do Underwriters Analyze Underlying Coverage?: A personal umbrella policy requires a certain amount of underlying coverage. So one of the first things an underwriter does after receiving an application for umbrella coverage is check whether the underlying requirements are met. For example, a $1 million umbrella policy may require the insured to maintain liability coverage of $300,000 on the underlying homeowners policy and $300,000 on the underlying auto policy.

94. How Do Underwriters Identify Umbrella Loss Exposures?: When analyzing an umbrella application, the same sources of information are used to help identify traditional personal loss exposures: the application, motor vehicle records, inspection reports, and other policy files
    1. Underlying policies
    2. Checklists and questionnaires
    3. Financial statements
    4. Personal inspections

95. How Do Underwriters Estimate the Potential for Large Losses?: Underwriters often use predictive modeling to help determine liability loss potential. They also rely on their knowledge and experience, always keeping in mind that the potential for large liability losses is present for anyone who owns property or drives a car, as well as by unusual or unforeseen situations, such as a person's dog biting a neighbor.

96. Predictive modeling: A process in which historical data based on behaviors and events is blended with multiple variables and used to construct models of anticipated future outcomes.

97. How Is Eligibility Analyzed?: The underwriter typically refers to underwriting guidelines (underwriting guide) that list eligible and ineligible types of operations.

98. What Key Elements of Underlying Insurance Are Analyzed?: Underwriters should also consider coverage limits and deductibles when reviewing underlying policies. Each insurer has its own minimum requirements for the underlying limits of liability, and underwriters can require even higher limits (and deductibles) for certain loss exposures. Another underwriting element to consider is the underlying insurer. Some insurers will only provide umbrella or excess coverage over their own primary policies or if they are the primary insurer for the predominant loss exposures (usually general liability).

99. Why Are Losses Analyzed?: An underwriter needs a thorough understanding of the insured's operations to identify loss exposures and determine whether the existing loss experience is appropriate for the insured's operations. Because umbrella and excess liability underwriting is focused primarily on the potential for a large, catastrophic claim, loss severity, rather than frequency, is the primary underwriting concern. Underwriters also look at catastrophe loss exposures.

100. How Can Reinsurance Play a Role?: An insurer will transfer some of its risk to another insurer through a contractual agreement. This process is called reinsurance.

101. Underwriting guidelines (underwriting guide): A written manual that communicates an insurer's underwriting policy and that specifies the attributes of an account that an insurer is willing to insure.

102. Facultative reinsurance: Reinsurance of individual loss exposures in which the primary insurer chooses which loss exposures to submit to the reinsurer, and the reinsurer can accept or reject any loss exposures submitted.

Domain 1 - Risk Management
Study online at https://quizlet.com/_av88l4

1. Risk: The likelihood that a threat will occur.
    Risk = Threat X Vulnerability X Loss

2. Vulnerability: Any weakness in a system or process that could lead to harm.

3. Threat: Potential danger caused by exploiting a vulnerability.

4. Threat Agent: The agent that will expose the vulnerability and cause harm.

5. Consequence: Resulting harm that the organisation could receive.

6. Risk management: The process of assessing risk, reducing it to an acceptable level and implementing controls to maintain that minimal level of risk. Can be broken down to the following parts:
    1: Risk analysis
    2: Prioritisation
    3: Response
    4: Monitoring and measuring

7. GRC: Governance, Risk Management and Compliance

8. Risk Analysis: The security management process for addressing any risk or economic damages that affect an organisation and are ascertained in various phases. An ongoing activity that involves periodic reviews along with special reviews around significantly changed processes. The ultimate goal is to produce an actionable report that management can use for risk mitigation.

9. Risk Analysis Phases:
    1: Asset identification and valuation
    2: Vulnerability Identification
    3: Threat Assessment
    4: Risk Assessment
    5: Financial Impact Evaluation

10. Asset Valuation: The practice of determining an asset's worth to an organisation.
    1: What effort was required to develop or obtain it?
    2: What does it cost to maintain and protect it?
    3: How much loss in operational functionality will be sustained if the asset is misplaced or damaged?
    4: What would it cost to replace?
    5: What enemies might pay for it?
    6: What liability penalties might occur if the asset is compromised?

11. Asset Management System: A system that contains a detailed record of corporate property and similar assets. Asset management system places a value based on accounting principles.

12. Accounting System: Asset information in general accounting system.

13. Insurance Valuation: Insurers accept the risk of loss for the assets they insure and perform an analysis of the risk associated with the policies they issue.

14. Qualitative Valuation: Word based description of the value of your assets

15.
Vulnerabiltiy Ar- 1: Physical Structure eas 2: Electrical 3: Software 4: Network 5: Personnel 6: Hardware 7: Documentation 8: Process 16. Threats 1: Natural Disasters 2: Man Made Disasters (arson, power outages, mistakes, etc) 17. CRAMM "CCTA Risk analysis and management method, disci- plined and staged approach looking at both technical and non-technical aspects of security" 18. FMEA Failure Modes and Effect Analysis 2/7 Domain 1 - Risk Management Study online at https://quizlet.com/_av88l4 19. FRAP Faciltated Risk Analysis Process 20. OCTAVE Operationally Critical Threat, Asset and Vulnerability Eval- uation 21. SOMAP Security Officers Management and Analysis Project 22. Qualitative As- An asset valuation approach that uses categorical or sessment non-numeric values rather than absolute numerical mea- sures 23. Delphi Method Qualitative assessment of risk involving questioning a panel of independent experts to obtain asset value fore- casts. A facilitator collects and summarises those fore- casts. 24. Quantitative Numerical based extimate on the historical occurences of Method incidents and the likelihood of risk re-occurance. 25. ARO Annual Rate of Occurance - Percentage factor that estimates the number of times an identified event or threat will occur within a year. - ARO = Event number / Years 26. EF Exposure Factor - The potential percentage of loss to an asset if a threat is realised - EF = loss value / Asset Value - EF = Loss Value / AV 27. SLE Single Loss Expectancy - The impact of the event - Multiply the Exposure Factor by the Asset Value - SLE = EF * AV 28. AV Asset Value 29. ALE Annualised Loss Expectancy - Expected loss from each identified threat on an annual 3/7 Domain 1 - Risk Management Study online at https://quizlet.com/_av88l4 basis. - ALE = ARO * SLE 30. 
Risk Prioritisa- 1: Perform risk analysis on an individual basis tion 2: List the risks discovered through analysis 3: Determin the probability of occurance 4: Prioritise risks by probability level and focus on high probability risks 31. Risk Avoidance Maybe cancel the activity or move the equipment so the risk doesn't occur at all. 32. Risk Mitigation Complete an action to reduce the likilihood of occurance 33. Risk Transfer Transfer all or part of the risk to a third-party - e.g. insur- ance, hosting provider etc. 34. Risk Acceptance If implementing the control costs more than the value o the equipment, we may accept the risk. 35. Risk Rejection Refusal to accept that a risk exists. 36. Residual Risks Risks that are not worth directly addressing but instead aew covered by disaster recovery 37. Risk Controls Risk mitigation - controls are designed to eliminate or reduce risks. They must be: 1: Cost Effective 2: Reduce Risk 3: Practical 38. Administrative Security controls implemented over a broad area. e.g. Controls personnel security, risk management, training, monitoring, user and password management, and permission man- agement. 39. Physical Con- Used to limit an individual's physical access to protected trols information or facilities. E.g. locks, doors, fences... 40. 4/7 Domain 1 - Risk Management Study online at https://quizlet.com/_av88l4 Technical Con- Also called logical controls and are implemented in the trols computing environment. Often foundi n Operating Sys- tems, application programs, database frameworks, fire- walls etc. 41. Directive Control Specifies expecetd employee behavior and often takes the form of policies and guidelines. E.G. acceptable use policy 42. Deterrent Control Discourages individuals from violating security policies because of the effort to circumvent it or the negative consequences of doing so. e.g. CCTV monitoring could be a deterrent, especially if loss of employment is the penalty 43. Preventative Stops a security incident. 
E.g. Background screenings etc. Control 44. Compensating Implemented when the system cannot provide protection Control required by policy in order to mitigate the risk down to an acceptable level. E.G if a smaller site hasn't the equipment to follow policy, an acceptable agreed exceptional process can be followed. 45. Detective Control Alerts the security professional to the attempted security violation 46. Corrective Con- Responds to the Security violoation to reduce or ocm- trol pletely eliminate the impact. E.G. Escorting unauthorised person offsite 47. Recovery Con- used to return the system to an operational state after a trol failure to protect the CIA triad. Changing seperation of du- ties after an employee unexpectedly leaves the company is an example of a recovery control. 48. Residual Risk the risk that remains after controls are put in place. 49. Controls gap The amount of risk that your countermeasures do not cover. expressed as a % 50. Assessment 5/7 Domain 1 - Risk Management Study online at https://quizlet.com/_av88l4 Helps to determine the validity, effectiveness and quality of the controls. 51. Continuous im- ongoing effort to optimise policies and processes in order provement to identify and mitigate potential risks before they affect the organisation. 52. Deming Cycle Continuous Improvement Cycle: 1: Plan - Identify a policy or process with an oportunity for change, identify objective and make a plan 2: Do - Put the change into effect on a small scale 3: Check - analysie the results of the change 4: Act - Either implement the change on a wider scale or keep existing process in plce, depending ont he result of the Check phase. 53. Risk Manage- Ensures the risks are appropriately identified and handled ment Frame- eithin the context of : works 1: The natire of the risks faced by the organistaion 2: the organistaions risk tolerance 3: The resources available to manage risks 4: The organistaiuons culture. 54. 
Common Risk - Risk IT Framework - ISACA Frameworks - ISO31000 - Enterprise Risk Management - Integrated Framework (COSO) - Risk Management Framework (NIST) 55. Guidelines for - Construct your risk management program around a Implementing process of analysis, prioritisation, response, and monitor- Risk ing and measuring Management - Integrate Risk Management into larger framework of governance, risk management and compliance (GRC) to simplify and improve all three processes - Follow the phases of the Risk Analasys Process to identify the impact of risk to your organisation - Comprehensively identify all your assets that are susep- tible to risk - Place value on you assets using one or more valuation 6/7 Domain 1 - Risk Management Study online at https://quizlet.com/_av88l4 methods - Identify how each asset is vulnerable - Identify the threats to each vulnerable asset - Asset risk using Qualitative or Qantitative langusge, depending on the context of the risk and the nusiness needs of your organisation - Prioritise risks so larger risks are addressed more quick- ly and thoroughly then smaller ones - Respond to risk in different ways depending on context: - Avoid risks that are very likely and may have huge impact - Mitigate risks that are likely but will not necessarily have a great impact - Transfer risks that are unlikely but will have a large financial impact - Accept risks that are unliekly and will have a minor impact, or ones that are simply not cost-effective. 
- Select risk based controls based on their cost effective- ness, practicality and efficacy in reducing risk - Consider resideual risk as a way to review the efficacy of your controls - Proactively monitor and measure the effectiveness of risk response techniques and managent processes - Continuously improve upon your risk management pro- gram through a cyclical process of discovery, awareness, prioritisation and control implrementation 7/7 Domain 3 - Risk Management Study online at https://quizlet.com/_beynn4 1. What is NIOSH's three step process for con- 1. Identify the hazard ducting occupational risk assessments? 2. Assess the exposure-re- sponse relationship 3. Characterize the workplace risk. 2. What is a Dynamic Risk Assessment? Those that are constantly on- going. 3. What is a Generic Risk Assessment? Used as baselines or general applications to help expedite the process or to provide a foundation on which to build. 4. Assessment Method Qualitative vs quantitative 5. Assessment Application Generic vs specific vs dynam- ic 6. All risk assessments follow the following 1. Identify the hazard or risk general steps: 2. Decide or determine who could be affected 3. Assess or evaluate how they might be affected 4. Record the results or find- ings 5. Review the results on a re- curring basis 7. How many steps are in the EPA Human Four Health Risk Assessment? 8. What are the steps in the EPA Human Health 1. Hazard Identification Risk Assessment? 2. Dose-Response Assess- ment 3. Exposure Assessment 4. Risk Characterization 9. According to ANSI/ASSP/ISO 31000, the 1. an integral part of manage- risk management process should be: ment 1/6 Domain 3 - Risk Management Study online at https://quizlet.com/_beynn4 2. embedded in the culture and practices 3. tailored to the business processes of the organization 10. What is ISO 31000? Risk Management Guidelines 11. What is ISO 19011? Guidelines for auditing man- agement systems 12. What is ISO 45001? 
Occupational Health and Safety Management Systems 13. What is ISO 14000? Environmental Management 14. What kind of consequences have the great- Soon, certain, and positive est impact on employee behavior? consequences 15. Modern management theory recognizes Both positive or negative that consequences must be positive or neg- ative? 16. Modern management theory recognizes Both, immediate or future that consequences must be immediate or future? 17. Modern management theory recognizes Both, certain or uncertain that consequences must be certain or un- certain? 18. Modern management theory recognizes A very powerful motivator that consequences must be a very powerful motivator, or a less powerful motivator? 19. Risk is defined as a combination of Severity and Probability _______________ and ________________. 20. ___________ is the plaintiff's failure to exer- Contributory Negligence cise reasonable care for their safety. 2/6 Domain 3 - Risk Management Study online at https://quizlet.com/_beynn4 21. ____________ is defined by OSHA as "one Competent Person who is capable of identifying existing or predictable hazards in the surroundings or working conditions which are unsanitary, hazardous, or dangerous to employees and who has the authorization to take prompt corrective measures to eliminate them. 22. Anytime changes are introduced in the Change Analysis workplace, this type of analysis should be done: ______________________ 23. Risk remaining after risk treatment is Residual Risk termed: _______________ 24. Residual risk can contain unidentified risk retained risk and can also be termed: _____________ 25. What is a Pareto analysis chart used for? Ranking in the order of sever- ity or frequency. 26. According to ISO 19011, what are the seven - Integrity principles for auditing? - Fair presentation - Confidentiality - Due professional care - Independence - Evidence-based approach - Risk-based approach 27. What is "Pure Risk"? 
a risk that presents the chance of loss but no oppor- tunity for gain 28. What a person can do after recuperating Whole person theory from an injury and determined and subtract- ed from what they could do before the injury is called: ______________ 29. _____ is the benefit associated with wage Indemnity replacemenet. 3/6 Domain 3 - Risk Management Study online at https://quizlet.com/_beynn4 30. ______ refers to when the employee is Wage loss theory awarded a percentage of the difference be- tween the wages earned and the wages that could have been earned had the injury not occurred. 31. _____ is a comprehensive report that iden- A life care plan tifies a persons medical condition and on- going care requirements including financial needs and expenses after suffering an oc- cupation injury/illness. 32. According to ISO 45001, what are the six 1. plan, establish, implement, elements of an audit process: and maintain and audit pro- gram 2. define the audit criteria and scope of audit 3. Select the auditors 4. Ensure the results of the audits are reported to relevant managers 5. Take action to address non- conformities 6. Retain documented infor- mation 33. What is the insurance that is for low proba- Catastrophe insurance bility, high-cost events? 34. What is the insurance between a primary Reinsurance insurer and secondary insurer where the secondary agrees to cover all or part of the losses of the primary insurer? 35. What is the portion of risk or amount of Retrocession insurance the company chooses not to re- tain? 36. 4/6 Domain 3 - Risk Management Study online at https://quizlet.com/_beynn4 The Human Factors Theory by David Yates - Overload says when quantifying accident causes, - Inappropriate Worker Re- there are three broad categories: sponse - Inappropriate Activities 37. What is Vicarious Liability? Assigns liability for an injury to a person who did not cause the injury but who has a par- ticular legal relationship to the person who did act negligent- ly. 
38. Who is responsible for conducting an Inci- The front-line supervisor. dent Investigation? 39. What is the Hierarchy of Controls? 1. Elimination 2. Substitution 3. Engineering Controls 4. Warnings 5. Admin Controls 6. PPE 40. A condition or activity that has the potential Hazard for harm is: 41. _______ is the chance or probability of oc- Risk currence of an injury, loss or a hazard or potential hazard 42. ________ is an event in which a work-re- Incident lated injury, illness or fatality occurred or could have occurred 43. What are the four risk response strategies? Avoidance Transfer Retention Reduction 44. Is a health clinic loss prevention or loss Could be both, depending on reduction? the services provided 5/6 Domain 3 - Risk Management Study online at https://quizlet.com/_beynn4 45. What consequences are most effective? Soon, certain, and positive 46. The overall process of risk identification, Risk Assessment risk analysis, and risk evaluation is termed: 47. ALARA means: As Low As Reasonably Achievable 48. ALARP means: As low as reasonably practi- cal 49. What are examples of loss control mea- Hazcom training, machine sures? guards, confined space pro- grams, etc. 50. What is the Domino Theory? All accidents are caused by a chain of events. The removal of any chain of events can prevent the accident. 51. What is Petersen's Accident/Incident theo- Causes of accidents/inci- ry? dents are human error and/or system failure. 6/6 Domain 3 - Risk Management Study online at https://quizlet.com/_811pxp 1. risk measure of the probability and severity of ad- verse effects 2. uncertainty of risk exposure, consequence, and likelihood con- tribute to the uncertainty of risk 3. Risk Analysis vs. Risk RA is a scientific activity, the result of which is Management an estimate of risk. And is normally conducted before RM. RM must determine whether the risk is accept- able and if not, what methods will be used to reduce the risk to an acceptable level. 4. 
Hazard Analysis cate- 1) Environmental Issues that create stress gories 2) Inherent properties that create hazards 3) failures of people and materials 5. There are two PRIMA- Risk transfer RY methods for reduc- ing the costs of acci- dents in an organization - prevention (loss control) and financial (cost reduc- tion). Which is a financial method? 6. In behavior-based safety Soon, Certain, and Positive programs, Antecedent-Behav- 'To influence behavior, influence the conse- ior-Consequence (ABC) quences.' You should reinforce safe behavior by Analysis is often used to introducing consequences which are soon, cer- assess why certain tain and positive, eg: give praise straightaway behaviors occur or do not when you see a worker wearing hearing protec- occur in the work setting. tion; and In terms of enforce the rule immediately when you see a consequences, the MOST worker not wearing it. powerful influences are those that are: 1/7 Domain 3 - Risk Management Study online at https://quizlet.com/_811pxp 7. Behavior-Based Safety, a tool that can help people examine behaviors the Antecedent-Behav- they want to change, the triggers behind those ior-Consequence Analy- behaviors, and the impact of those behaviors on sis (ABC) model negative or maladaptive patterns 8. When considering a facili- automatic sprinkler system ty fire protection program, which is the BEST tool for minimizing loss of life 9. Behavior-based safety Yes, by using a self-observation protocol systems (BBS) typically use peer-to-peer obser- vation methods to as- sess and measure confor- mance with behavior ex- pectations. Your company operates a fleet of inde- pendent route sales rep- resentatives (drivers) who work alone for most of the day. Will you be able to im- plement a BBS for these drivers? 10. Risk taking behaviors are Low consequence risk influenced by the worker's perception of the risk in- volved. Which is an exam- ple of a risk that people are included to find ac- ceptable? 11. 
Operating and Support a process to identify hazards and recommend Hazard Analysis risk reduction alternatives in procedurally con- trolled activities during all phases of intended use. 12. Preliminary Hazard Analy- most commonly used systems safety analysis sis (PHA) technique. 2/7 Domain 3 - Risk Management Study online at https://quizlet.com/_811pxp a technique used to conduct an initial hazard evaluation that can then be used to make in- formed decisions about the product's design and manufacture. 13. inductive reasoning specific to general i.e. FMEA or FHA or ETA 14. deductive reasoning general to specific i.e. FTA 15. Fault Tree Analysis (FTA) deductive analysis/technique that selects unde- sired outcome (top-level event) and all possible modes of happenings. in a FTA, an undesired event is selected an all possible happenings that can contribute to the event are diagrammed in the form of a tree. The branches are continued until independent events are reached. Probabilities are determined for the independent events and after simplifying the tree, both the probability of the undesired event and the most likely chain of events leading up to it can be computed. 16. Failure Modes and Effects is a bottom up system safety technique (induc- Analysis (FMEA) or tive). Failure Modes, Effects, and Criticality Analysis is a structured approach for finding problems (FMECA) with a process or product. It is not a direct control method. A FMEA is the right systems safety tool to use to analyze a single failure or a single unit failure. Often FMEA is used in conjunction with FTA to evaluate a products safety. Fault tree logic can identity possible failures and a FMEA can be 3/7 Domain 3 - Risk Management Study online at https://quizlet.com/_811pxp used to analyze each failure event. 'reliability engineers' are often tasked to perform a FMEA 17. 
Fault Hazard Analysis follows an inductive reasoning approach to prob- lem solving in that the analysis concentrates primarily on the specific and moves toward the general. the FHA is an expansion of FMEA 18. Common Cause Failure an analysis technique that is used primarily to Analysis evaluate multiple failures that may be caused by a single event or causal factor common to or shared by multiple components. This analysis is looking for failures that can cause multiple "independent" safeguards to fail. 19. When determining the rel- count the number of "AND" gates ative safety of a product using FTA, a quick way to "AND" gates require that all events must occur in evaluate this safety is to: order for the failure to occur therefore, the prob- ability of failure is the product of all the individual input probabilities. 20. Event Tree Analysis (ETA) inductive technique that explores different re- sponses to "challenges". A method for identifying various possible outcomes. the 1st step in an ETA is the "initiating event" 21. Naked Man technique that envisions a "primitive" or unpro- tected system and systematically evaluates the effect of adding various controls through a brain- storming approach. 22. THERP Technique for human error rate prediction, uti- lizes a 6-step process to analyze and control human errors. 4/7 Domain 3 - Risk Management Study online at https://quizlet.com/_811pxp provides a means for quantitatively evaluating the contributions of human error to the degrada- tion of product quality. It can be used for human components in systems and can be combined with either FMEA or FTA. 23. Change Analysis technique that provides formal documentation and feedback of safety analyses performed on changes (to the end product) throughout the life cycle. 24. Sneak circuit analysis a technique to determine an unintended energy route that can allow an undesired function to occur, prevent functions from occurring, or ad- versely affect the timing of functions. 25. 
Monte Carlo Method uses mathematical simulations, chance process- es, and random numbers to determine whether and how frequency the outcome of an event or complex relationship will occur. the MCM of simulation is the name of the method used to analyze complex trees. It requires the use of computer since a reasonably complex tree will require significant calculations to get a reliable answer for the reliability of the main event 26. critical incident technique method of identifying errors and unsafe condi- tions that contribute to both potential and actual injurious accidents within a given population by means of a stratified random sample of partic- ipants and observers selected from within this population. analysis technique where individuals are inter- viewed about accidents, near misses, and haz- ardous conditions 5/7 Domain 3 - Risk Management Study online at https://quizlet.com/_811pxp human errors in a system can be detected using this system. 27. SWOT (Strengths, Weak- is a way to evaluate risks. It is geared more nesses, Opportunities, toward business strategy in general instead of and Threats) analysis specific tasks. It is not a control method. 28. Job Safety Analysis (JSA) measures the inherent risk of each step in a work process and assigns risk levels to each step and ways to minimize the risk. It is a form of administrative control. 29. When presenting justifi- project costs and benefits can be reasonably cations for capital bud- estimated in advance get safety improvements, safety professionals fre- quently use some type of cost-benefit analysis. Cost-benefit analysis re- quires that: 30. Safety benchmarking is a measuring a company's safety program to iden- technique for: tify best practices 31. When implementing a 1) incident frequency JSA program, the factors 2) rate of disabling injuries considering when priori- 3) incident severity potential tizing jobs for analysis in- 3) new jobs clude: 32. 
Redundant design philos- series ophy include: single parallel double parallel 33. Bathtub Curve the typical failure rate of a product over time. 34. Unfired pressure vessel unfired pressure vessel regulations do NOT ap- ply to unfired pressure vessels which operate at pressures below 15 psi(g) 6/7 Domain 3 - Risk Management Study online at https://quizlet.com/_811pxp 35. Objectives of RM for a - reducing anxiety prior to a loss buisness - meeting responsibilities as a good corporate citizen - continued growth after suffering a loss NOT attracting investment capital 36. Poka-Yoke lean manufacturing technique which focuses on prevention or detection of errors. mistake-proofing methods aimed at designing fail-safe systems that minimize human error 37. Kaizen Japanese term for continuous improvement 38. 5-S effective housekeeping (sort, straighten, scrub, systematize, standardize) 39. Design of experiments A quality technique that helps identify which vari- ables have the most influence on the overall outcome of a process 7/7 Domain 3 - Risk Management Study online at https://quizlet.com/_beynn4 1. Identify the hazard What is NIOSH's three step process 2. Assess the exposure-response rela- for conducting occupational risk assess- tionship ments? 3. Characterize the workplace risk. Those that are constantly ongoing. What is a Dynamic Risk Assessment? Used as baselines or general applica- tions to help expedite the process or to What is a Generic Risk Assessment? provide a foundation on which to build. Qualitative vs quantitative Assessment Method Generic vs specific vs dynamic Assessment Application 1. Identify the hazard or risk 2. Decide or determine who could be affected 3. Assess or evaluate how they might be All risk assessments follow the following affected general steps: 4. Record the results or findings 5. Review the results on a recurring ba- sis How many steps are in the EPA Human Four Health Risk Assessment? 1. Hazard Identification 2. 