National Academies Press: OpenBook

Application of Enterprise Risk Management at Airports (2012)

Chapter: Appendix A - Definitions and Acronyms

Suggested Citation: "Appendix A - Definitions and Acronyms." National Academies of Sciences, Engineering, and Medicine. 2012. Application of Enterprise Risk Management at Airports. Washington, DC: The National Academies Press. doi: 10.17226/22744.

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Definitions

The following terms are used throughout this guidebook:

Audit: The process by which procedures and/or documentation is measured against pre-agreed standards.

Control: Any management action or intervention that reduces the frequency/probability of a risk occurring and/or reduces its impact if it does occur.

Enterprise risk management: A holistic approach and process to identify, prioritize, mitigate, manage, and monitor current and emerging risks in an integrated way across the breadth of the enterprise.

Enterprise risk management framework: A series of key components that collectively provide the ERM principles, concepts, processes, terminology, and direction for the delivery of effective ERM to enable the achievement of key strategic/operational objectives.

Extreme or catastrophic event: An event of immense proportions that has severe consequences, often damaging a large proportion of the organization’s assets. A very rare event, which results in an extreme loss greater than an unexpected loss.

Financial impact: An operating expense that occurs following a risk event, which, as a result of the event, cannot be offset by income and directly affects the financial position of the organization. The realization of an unexpected financial loss. Following an opportunity event, the organization may realize a positive financial benefit.

Governance: The system by which organizations are directed and controlled. Boards of directors are responsible for the governance of their organizations. Governance includes the system and structure for defining policies, providing leadership, and managing and coordinating processes and resources to meet an organization’s strategic goals.

Hazard: A source of potential harm or a situation with a potential to cause loss.

Health and safety: The process by which the well-being of all employees, contractors, visitors, and the public is safeguarded.

Inherent risk: A possibility that cannot be managed or transferred away that some human activity or natural event will have an adverse effect on the asset(s) of an organization. This is a risk to which an entity is exposed due to the nature of the environment in which it operates.

Key control indicator: An indicator that is used to help measure the effectiveness of mitigation measures. These indicators can be used to determine whether mitigation is effective and/or adequate.

Likelihood: A measurement of how often an event might occur and how probable it is that the event will occur. Likelihood is often used as a synonym for probability and frequency, especially in a qualitative context where a precise analytical calculation cannot be obtained. Likelihood (assessed as high, medium, or low) can be used in risk assessment as a proxy for probability to assist understanding of the more complex probability measure.

Loss: The negative effect of a risk event, which may be financial (such as loss of cash) or non-financial (such as loss of information or goodwill).

Mitigation: The action of reducing (if not eliminating) the frequency and/or impacts of a risk by use of controls, contingency, insurance, etc.

Opportunity: The positive effect of an event, which may be a financial gain or non-financial, such as enhanced goodwill.

Probability: The extent to which an event is likely to occur during a given period of time (it can be measured mathematically by the ratio of potential/actual events to the whole number of cases). Probability can be defined as how likely an event is to occur, expressed as a number between 0 and 1. A probability of 0 means the event will never occur whereas a probability of 1 means that the event will always occur.

Qualitative assessment: A form of assessment that analyzes the general structures and systems currently in place. A descriptive methodology, which typically involves risk mapping and risk matrices. These assessments do not involve detailed measurements.

Quantitative assessment: A form of assessment that analyzes the actual numbers and values involved. This type of methodology typically applies mathematical and statistical techniques and modeling.

Residual risk: The amount of risk or level of risk impact after the existing control environment has been taken into account. Also referred to as net risk.

Risk: Risks are uncertain future events that may influence an organization’s ability to achieve its objectives. The term “risk” can be used in three distinct applications:

• Risk as exposure: The most common definition of the term. Most people refer to potential negative events such as financial loss, fraud, lawsuits, or threats to meeting objectives as “risks.” In this context, risk management means reducing the probability of a negative event without incurring excessive costs.
• Risk as uncertainty: The distribution of all possible outcomes, both positive and negative. In this context, risk management seeks to reduce the variance between anticipated outcomes and actual results.
• Risk as opportunity: This is implicit in the concept that a relationship exists between risk and return. The greater the risk, the greater the potential return, and, necessarily, the greater the potential for loss. In this context, managing risk means using techniques to maximize the upside of uncertainty within the constraints of a current operating environment.

Risk appetite: The amount of risk, on a broad level, an entity is willing to accept in pursuit of value. Risk appetite reflects the enterprise’s risk management philosophy and, in turn, influences the entity’s culture and operating style.

Risk causes: A factor that makes it more probable that a risk event or opportunity may occur and/or can increase the severity of a risk impact.

Risk identification: The process of identifying what events, losses, and opportunities can happen; why they might happen; and how.

Risk impact: The effect(s) of a risk event, for example financial loss, service failure, reputational damage, people/staff dissatisfaction, regulatory/legal non-compliance, and client relationship damage. For opportunities, the effect(s) of the event could include financial gain, service enhancement, and competitive advantage.

Risk perception: An individual’s subjective view of risks and opportunities. This view can vary significantly due to differences in assumptions and concepts and the needs, issues, and concerns of stakeholders as they relate to the risks or issues under discussion. People tend to naturally lean toward being risk takers or being risk averse.

Risk prioritization: The ordering of risks and opportunities into priority order.

Risk register: A basic, ongoing working document that captures and describes risks and opportunities as they are identified together with risk accountabilities, actions where required, and review and completion dates.

Risk reporting: The provision of relevant, accurate, and timely risk/opportunity information to an organization’s decision makers to provide a picture of the current state/potential future state of the enterprise.

Risk tolerance: Risk tolerance is a calculation based on the financial strength of the organization that indicates how much money the organization can lose before its key performance indicators are affected. While financial measures are quite common, risk tolerance can also be articulated in non-financial measures such as media exposure, downtime, and compliance levels.

Risk transfer: A series of techniques describing the various means of addressing risk through insurance and similar products. This includes recent developments such as the securitization of risk and creation of, for example, catastrophe bonds.

Risk treatment: The selection and implementation of relevant options for managing risk. There are five key treatments: accept, exploit, avoid, mitigate, and transfer.

Stakeholder: An individual, group, or organization that can affect, be affected by, or perceive itself to be affected by a risk. Stakeholders can include customers, shareholders, employees, suppliers, bankers, community groups, unions, etc.

Acronyms

AIRMIC: Association of Insurance and Risk Managers in Commerce
ALARM: The Public Risk Management Association
BCM: Business Continuity Management
CEO: Chief Executive Officer
CFO: Chief Financial Officer
COSO: Committee of Sponsoring Organizations of the Treadway Commission
ERM: Enterprise Risk Management
FERMA: Federation of European Risk Management Associations
IEC: International Electrotechnical Commission
IRM: Institute of Risk Management
ISO: International Organization for Standardization
KCI: Key Control Indicator
KPI: Key Performance Indicator
KRI: Key Risk Indicator
PDCA: Plan-Do-Check-Act
RIMS: Risk and Insurance Management Society
RMIS: Risk Management Information System
SMS: Safety Management System
SOX: Sarbanes-Oxley
SRM: Safety Risk Management


TRB’s Airport Cooperative Research Program (ACRP) Report 74: Application of Enterprise Risk Management at Airports summarizes the principles and benefits of enterprise risk management (ERM) and its application to airports.

The report discusses implementation of the iterative ERM process, including roles and responsibilities from airport governing boards to all staff members.

The project that developed ACRP Report 74 also developed an electronic tool that can be used to support the ERM process by creating a risk score and a risk map that can be used to identify mitigation strategies. The tool is included in CD-ROM format with the print version of the report.

The CD-ROM is also available for download from TRB’s website as an ISO image. Links to the ISO image and instructions for burning a CD-ROM from an ISO image are provided below.

Help on Burning an .ISO CD-ROM Image

Download the .ISO CD-ROM Image

(Warning: This is a large file and may take some time to download using a high-speed connection.)

CD-ROM Disclaimer - This software is offered as is, without warranty or promise of support of any kind either expressed or implied. Under no circumstance will the National Academy of Sciences or the Transportation Research Board (collectively "TRB") be liable for any loss or damage caused by the installation or operation of this product. TRB makes no representation or warranty of any kind, expressed or implied, in fact or in law, including without limitation, the warranty of merchantability or the warranty of fitness for a particular purpose, and shall not in any case be liable for any consequential or special damages.
