Governance and the entire risk process should take an enterprise risk management
perspective to ensure that the value of the entire enterprise is maximized. For example, a corporate pension fund manager should consider not only the pension assets and liabilities but also the parent corporation's business risk profile. In other words, the focus should be on the organization as a whole.
Useful approaches to ensuring a strong risk governance framework:
- Employ a risk management committee.
- Appoint a chief risk officer.
Risk tolerance, a key element of good risk governance, establishes an organization's risk appetite.
Ascertaining risk tolerance starts from an inside view and an outside view. What shortfalls within an organization would cause the organization to fail to achieve some critical goals? What are the organization's risk drivers? Which risks are acceptable and which are unacceptable? How much risk can the overall organization be exposed to?
Risk tolerance is then formally chosen using a top-level analysis. The organization's goals, expertise in certain areas, and strategies should be considered when determining its risk tolerance. This process should be completed and communicated before
While risk tolerance determines which risks
are acceptable, risk budgeting decides how
to take risks. It is a means of implementing risk tolerance at a strategic level.
Risk budgeting is any means of allocating investments or assets based on their risk characteristics. Single or multiple dimensions of risk can be used. Common single-dimension risk measures are standard deviation, beta, value at risk, and scenario loss. The risk budgeting process forces the firm to consider risk trade-offs. As a result, the firm should choose to invest where the return per unit of risk is the highest.
Some risk budgeting practices:
- Limit the standard deviation of the entire portfolio to within 15%.
- Allocate 10%, 35% and 55% of total capital in T-bills, long-term corporate bonds, and stock market index-linked mutual funds, respectively.
- Use a risk factor approach to allocate assets.