Understanding Risk Appetite & Tolerance

A clear definition and measure of risk tolerance should be the core of every risk program, but most approaches are “squishy” at best, and certainly fall short of a defined methodology.

Gauging Risk

When you help an organization define its risk appetite, you’re really trying to understand the organization’s attitude towards risk and codify what makes them uncomfortable, possibly to the point of jeopardizing the organization’s ability to survive. This typically involves many conversations with senior leaders.

  • Risk Appetite – a target level of loss exposure that the organization views as acceptable, given business objectives and resources
  • Risk Tolerance – the degree of variance from the organization’s risk appetite that the organization is willing to tolerate
  • Risk Capacity – the ability to take on risk exposure
  • Risk Attitude – a chosen response to uncertainties that could have a positive or negative effect on objectives, and the degree of pain felt when experiencing a loss

Examples

Risk attitudes may include: risk-averse, risk-seeking, or risk-neutral.

Resources

  • COSO Guidance on Risk Appetite
  • FAIR Institute Blog – Risk Appetite vs. Risk Tolerance