LOS C requires you to:
define risk governance and describe elements of effective risk governance
a. Risk governance is the top-down process that provides guidance for the board, which keeps management actions and organizational goals in alignment.
b. In the process of risk governance, the management:
i. determines the organizational goals and priorities,
ii. sets the organizational risk appetite and tolerance (as to, what risks are acceptable or unacceptable, and that needs to be mitigated),
iii. provides ongoing risk management oversight.
Desirable Properties of Risk Governance System
a. Risk governance system should provide a sense of the worst loss that can be managed.
b. It should provide clear guidance balanced with the execution flexibility.
c. The focus of the risk governance system should be on ‘enterprise risk management and not on the individual divisions within the organization. Thus the focus of the process should be on the objectives, health, and value of the whole organization.
d. There should be a risk management committee under the presence of a Chief Risk Officer (CRO) to overlook the risk governance process.