Applying Risk Scenarios

RESOURCES

Subscribe to updates
First Name*
First
Last Name*
Last
Email*
Company Name*
*
Tick the box to receive updates and resources. By ticking this box, you agree that your contact details will be used by RiskLogix in accordance with our Privacy Policy.
Privacy
CAPTCHA
Phone
This field is for validation purposes and should be left unchanged.

63475

May 26, 2023

Applying risk scenarios – Deterministic or Probabilistic?

In final blog on the topic of scenarios Tony and John explain how best to apply risk scenarios using Operational Risk Software.

Taken from: Mastering Risk Management

There are two main approaches to applying scenarios to risk management data.

These are:

A deterministic approach, which uses a simple and straightforward approach although it is sometimes difficult to relate to reality. It is far less rigorous and relies on assumptions to a much greater extent.
A probabilistic approach, which uses a statistical methodology for modelling risks and controls although is sometimes difficult to understand due to the underlying complex mathematics.

Deterministic approach

This takes the scenarios which have been developed and tests the relevant risk and control self-assessment with the scenario outcomes. The testing is carried out through the analysis of which controls have failed for the scenario to occur and therefore which risks have happened and what is the impact of those risks.

Useful guidance is given in terms of the size of the likely impacts through the impact ranges which were developed during the risk and control self-assessment process. These impact ranges should be considered as guidance only and should not be slavishly adhered to. For example, some controls which mitigate a particular risk may still exist and be operable during a scenario and therefore the impact may be significantly less than is given by the risk’s impact range. However, the upper value of the range should only be exceeded after significant debate, as this will have already been considered and discussed during the risk and control self-assessments.

Having assessed the impacts of the risk events which occur during a scenario, it is possible to calculate (through simple addition) the extra impact of the scenario on the firm’s risk profile. Action can then be taken in terms of a cost-benefit analysis of the controls which were affected by the scenario. This is combined with a review of the firm’s risk appetite in order to determine whether or not control enhancement is required. In addition, the application of the scenario and tests may uncover controls which were previously thought to be adequate and which now require action.

Probabilistic approach

This approach transforms qualitative and subjective risk assessment to monetary values through probabilistic modelling. It uses the same initial step as the deterministic approach, that is the existing risk and control self-assessment is tested with the scenario outcomes in order to determine which controls have failed. The revised, scenario-adjusted risk and control self-assessment is then subjected to risk event occurrence through control failure simulation.

The advantages of this approach are:

A more focused cost-benefit analysis of controls, as the monetary reduction of the risk profile is explicit
A clearer view of risk appetite, again as the monetary value of risks and controls is explicit
The ability to see the monetary impact of the scenario at different explicit confidence levels, rather than simply at one (unarticulated and implicit) level as in the deterministic approach
The sensitivities of different risks are more apparent as their monetary values are available at different confidence levels
Analyses from different risk perspectives following the scenario can be more easily extracted
Access to different confidence levels allows reverse stress testing to be better understood as any scenario can be extended to a level at which the firm is no longer viable.

Summary

Scenarios are all about imagination and not being afraid to think the unthinkable. Indeed, they are totally concerned with the unthinkable. They are not a mathematical exercise but a practical one, aimed at identifying events or, more precisely, combinations of events which could threaten a firm’s objectives and even its existence. As a practical exercise, they are the glue which binds the other elements of the framework together and test whether the risk framework is robust and fit for purpose. If those threats appear, the immediate remedy is a well thought out and fully tested business continuity plan.

This is our final blog on the topic of scenarios.

Mastering Risk Management by Tony Blunden and John Thirlwell is published by FT International. Order your copy here: https://www.pearson.com/en-gb/subject-catalog/p/mastering-risk-management/P200000003761/9781292331317

For more information contact us today on sales@risklogix-solutions.com

Introduction to Risk Scenarios

Risk Scenarios

Introduction to Risk Scenarios

Introduction to Scenarios and when to use them Our next series of blogs are all about scenarios. How and when they are used, how they compare to credit risks, how to develop practical scenarios and how to manage them using operational risk software. Taken from: Mastering Risk Management Scenario analysis is an essential tool for …

Introduction to Risk Scenarios Read More »

Applying Risk Scenarios

RESOURCES

Subscribe to updates

Related Posts

Introduction to Risk Scenarios

Global HQ

RiskLogix Solutions Ltd

Privacy & Security: