Maged
Member
Could you help in providing comparison with example for each category.
Risk Measures vs Risk Controls vs Risk Factors
- Thread starter Maged
- Start date
Hi @Maged , thats a question which is very wide in its scope.
Risk Measures are those Mathematical models that we use to give a quantity to Risk, think of it as something that assigns a value to Risk, for example, VaR , Expected Shortfall are risk measures. Risk measures are also assigned various groups based on their nature, example, ES is a coherent risk measure while VaR is not. Also in this category are things like Parametric risk measures that depend upon a given parameter(variable) in their computation, Spectral Risk Measures that assign a weight to ES ( a simplistic generalization )
Risk Factors are those that cause Risks. In fact they expose an organization to various Risks, making them vulnerable to any one of huge variety of Risks grouped under Market, Credit, Operational and Liquidity Risks. For example, Interest Rate is a Risk factor being a source of Market Risk (as in pricing of Bonds) as well as Credit Risks. So are Foreign exchange rates (Market Risks)
In fact there are various Risk Measures that are used to measure these different kinds of Risks taking account of these Risk Factors. For example, CVaR, CVA's are risk measures for Credit Risks; LVaR though a measure for Liquidity Risk, is taken as one for Operational Risk as liquidity is an essential part of operations.
Risk Controls ( The exact place where this appears escapes my mind now ), however, based on my reading of GARP materials, one can call it as procedures and processes instituted to prevent and possibly minimize damage if a Risk factor is way too much predominant or a Risk Measure computes way too much actual/notional loss. Note the last point, most Risk measures are measures of the future-notional losses. If actual loss does occur as from the financial statements, then these Controls are instituted to prevent their recurrence or minimize their damage.
Example: In Auditing we are taught internal controls, having 'two pairs of eyes' for a given transaction is an example, this prevents collusion and fraud, another example would be to automate processes to prevent manual activity and embezzlement altogether ( This seems to be the current trend in companies, though I am not a fan of it ).
Take the Flash Crash, the possibility of an algorithm going berserk is an operational Risk Factor ( it causes both Market and Operational Risks like loss of reputation ), The risk control to prevent it is to have two programmers check the same
Sorry if I missed a lot of things, but the topic is very wide in its scope
Risk Measures are those Mathematical models that we use to give a quantity to Risk, think of it as something that assigns a value to Risk, for example, VaR , Expected Shortfall are risk measures. Risk measures are also assigned various groups based on their nature, example, ES is a coherent risk measure while VaR is not. Also in this category are things like Parametric risk measures that depend upon a given parameter(variable) in their computation, Spectral Risk Measures that assign a weight to ES ( a simplistic generalization )
Risk Factors are those that cause Risks. In fact they expose an organization to various Risks, making them vulnerable to any one of huge variety of Risks grouped under Market, Credit, Operational and Liquidity Risks. For example, Interest Rate is a Risk factor being a source of Market Risk (as in pricing of Bonds) as well as Credit Risks. So are Foreign exchange rates (Market Risks)
In fact there are various Risk Measures that are used to measure these different kinds of Risks taking account of these Risk Factors. For example, CVaR, CVA's are risk measures for Credit Risks; LVaR though a measure for Liquidity Risk, is taken as one for Operational Risk as liquidity is an essential part of operations.
Risk Controls ( The exact place where this appears escapes my mind now ), however, based on my reading of GARP materials, one can call it as procedures and processes instituted to prevent and possibly minimize damage if a Risk factor is way too much predominant or a Risk Measure computes way too much actual/notional loss. Note the last point, most Risk measures are measures of the future-notional losses. If actual loss does occur as from the financial statements, then these Controls are instituted to prevent their recurrence or minimize their damage.
Example: In Auditing we are taught internal controls, having 'two pairs of eyes' for a given transaction is an example, this prevents collusion and fraud, another example would be to automate processes to prevent manual activity and embezzlement altogether ( This seems to be the current trend in companies, though I am not a fan of it ).
Take the Flash Crash, the possibility of an algorithm going berserk is an operational Risk Factor ( it causes both Market and Operational Risks like loss of reputation ), The risk control to prevent it is to have two programmers check the same
Sorry if I missed a lot of things, but the topic is very wide in its scope
Similar threads
