This guide covers the evolution and application of the concept of inherent risk, originally rooted in insurance practices. In the past, underwriters used Maximum Possible Loss (MPL) to assess potential catastrophic losses, focusing on worst-case scenarios. However, this approach was highly theoretical and often unrealistic. Over time, insurers transitioned to Estimated Maximum Loss (EML), which uses probabilistic models and historical data for more accurate risk assessments. This shift highlights the limitations of the inherent risk concept.
In modern risk management, it is crucial to distinguish between inherent risk, current risk, and residual risk. While inherent risk represents the hypothetical risk without any controls, current risk reflects the risk with existing controls, and residual risk projects the future risk after implementing new mitigation measures. Internal auditors often compare inherent risk to current risk, while risk managers focus on current versus residual risk to optimize mitigation efforts.
Ask RAW@AI about this post or just talk about risk management
Check out other risk management books
RISK-ACADEMY offers online courses
Informed Risk Taking
Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!
ISO31000 Integrating Risk Management
Alex Sidorenko, known for his risk management blog http://www.riskacademy.blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.
Advanced Risk Governance
This course gives guidance, motivation, critical information, and practical case studies to move beyond traditional risk governance, helping ensure risk management is not a stand-alone process but a change driver for business.
