Insurance and Risk

Management
Group Members
 Risk

 The Ali
Riaz possibility or chance of loss or injury; the property or
BT-04-01
person exposed to damage or injury; an insurance
 Waqar Farooqi
company's uncertaintyBT-04-47
regarding the ultimate amount of
any claim payment (underwriting risk) or uncertainty
regarding the timing of claim payments (timing risk), or
both.
 Types of Risk
Subjective Risk
Psychological uncertainty which stems from the
individual mental attitude or state of mind. It could be
measure by different psychological test .The degrees of
subjective risk depend upon the attitude of the person who
perceived the risk.

E.g. A person who knows that there is only one chance in

a million that a loss will occur may still worry while
another would not.
 Types of Risk(cont..)

Objective Risk
The relative variation of actual from expected loss. In
dealing with objective risk we are concerned maily with the
range of variability of economic losses about of some most
probable loss in a group large enough to analyze
significantly in a statically sense.

Objective risk = (Actual loss – Expected loss) / Expected

loss
 Law of Large Numbers
 

A basic law that states that as the number of exposure units

increases the more certain it is that actual loss experience will
equal to expected loss experience.

Examples:
 Chinese Traders
 Insurance Companies
 Managing Objective and Subjective Risk
C. Managing objective risk

• Assuming the risk or retention

• Combination of objects subject to risk
• Risk transfer or shifting
• Loss control or prevention
• Risk avoidance

• Managing subjective risk

• Search for information

• Group discussion
• Training and education
 Managing Objective Risk

Assuming the risk or retention

 Planned Risk Retention Often called self-insurance in

which firms or individuals decides to pay losses out of currently
available funds (rainy day funds)

Unplanned Risk Retention exists when a person does not

recognize a risk exists and unwittingly believes that no loss
could occur.
 Managing Objective Risk(cont..)

Combination of objects subject to risk

The system of handling risk that usually involves the use of large
numbers.

Examples:
 Chinese Merchants
 Commercial insurance companies
 Managing Objective Risk(cont..)

Risk transfer or shifting

One individual pays another to assume a risk that the

transferor desires to escape. The risk bearer or transferee
assumes the risk for a price.
 Managing Objective Risk(cont..)

Loss control or prevention

It usually reduces the degree of risk, people may worry

less when they are ridding in a large automobile, which
is less susceptible to crushing during a collision.
 Managing Objective Risk(cont..)

Risk avoidance
Closely related to loss control is the method of
avoidance of the possibility of loss in the first place, thus
avoiding the risk?
A person who has a high aversion toward risk may avoid
entering a certain business at all.
 Managing Subjective Risk

Search for information

A risk averting person may be more willing to accept risk
once there is a better understanding of uncertainties, because
with better knowledge one is likely to perceive less risk in a
situation.
A risk taking person may be willing to assume event greater risks
they formerly rejected and at a reduced premiums
 Managing Subjective Risk(cont..)

Group discussion
Perceived subjective risk decline after group discussion and
bolder and quicker action may result.

Training and education

Education in risk and insurance might improve the
efficiency with which insurance is employed by making the user
a more sophisticated buyer.
 Degree Of Risk

The uncertainty that can arise from a given set of circumstances;

the probability that actual experience will differ from what is
anticipated.
 Degree of Risk in Subjective Risk

The high degree of subjective risk exists when a person

experiences great mental uncertainness as to the frequency of
occurrence of some event that make cause a loss, and as to the
amount or severity of the possible loss.

• High subjective risk produces conservative conduct

• Low subjective risk produces less conservative conduct
 Degree of Risk in Objective Risk

Objective risk varies according to the probable variation of actual

from expected loss.
If the variation is high, the risk will be high and if the variation is
low the risk will be low.
 Hazard and Perils
Peril

The contingency that may cause a loss. Perils for an automobile

are collision, fire and for a building is fire etc.

Hazard

A condition or situation that creates or increases the probability

of loss from a peril, such as unsafe or unclean conditions, cheap
or flammable building materials for building and fog, icy streets,
congested roads etc for an automobile.
 Types of Hazards
 

Physical hazard
Moral hazard
Morale hazard
Physical Hazard

A hazard that results from material, structural, and physical

characteristics of an object that increases the probability or
severity of loss from given perils.

Examples:
Dry forests-hazard for fir
Earth faults-hazard for earthquake
Icebergs -hazard for ocean shipping
Moral Hazard

A moral hazard stems from mental attitude of the insured.

Because of the indifference to loss or owning to an outright
desire for the loss to occur, the individual either brings about
personal loss or intentionally does nothing to prevent its
occurrence.

Example:
ü An insured fails to repair faulty wiring, believing it is less
expensive to pay insurance premiums than to pay an electrician.
Morale Hazard

The morale hazard includes the mental attitude that characterizes

an accident-prone person. Even though an individual does not
consciously want a loss, there may be a sub-conscious desire for
loss.
The psychologists would probably diagnose the cause of
excessive and repeated accidents as a sub conscious problem of
morale.
 Static Risk vs. Dynamic Risk

Static Risk
A risk that arises from the normal course of business activities and does not
involve changes in the environment or technology. Static risk can only result in a
loss.
Examples:
ü Fire
ü Windstorm
ü death

Dynamic Risk
A risk that arises from the continuous change that exists in the business or
economic environment or in technology. Dynamic risk can produce a gain (or
savings) as well as a loss (or expenses).
Examples:
ü Urban Unrest
ü Increasing complex technology
Greater legal liability due to changing attitude of courts
 Pure Risk vs. Speculative Risk
Pure Risk
A risk involving the probability or possibility of loss with no
chance for gain. A pure risk is generally insurable.
Example:
A loss to one’s property due to fire, flood windstorm or any other
peril.

Speculative Risk
A risk for which it is uncertain as to whether the final outcome will
be a gain or loss. Generally, speculative risks cannot be insured.
Example:
Gambling
 Insurance
 
A contract whereby one person (insurer) agrees to indemnify or
guarantee another (insured) against loss caused by a specified cause
or future contingency in return for the present payment of premium.
Types of Risks on the Basis of Insurable or Non- Insurable

Risks Insurable Commercially

Property risk
Personal risk
Legal liability risk

Risks Non-Insurable Commercially

Market risk
Political risk
Production risk
 Risks Insurable Commercially

A. Property risk – the uncertainty surrounding the occurrence of

loss to property from perils the cause;

1. Direct loss of property

2. Loss of property indirectly
 Risks Insurable Commercially(cont..)

Personal risk- the uncertainty surrounding the occurrence of

loss of life or income due to:
1. Premature death
2. Physical disability
3. Old age
4. Unemployment
 Risks Insurable Commercially(cont..)

Legal liability risk- the uncertainty surrounding the occurrence of

loss due to negligent behavior resulting in injuring to persons arising
out of:

1. The use of automobile

2. The occupancy of building
3. Employment
4. The manufacture of product
5. Professional misconduct
 Risks Non-Insurable Commercially

Market risk- factor that may result in loss to property or income

such as:

1. Price change, seasonal or cyclical

2. Consumer indifference
3. Style change
4. Competition offered by better product
 Risks Non-Insurable Commercially(cont..)

Political risk- the uncertainty surrounding the occurrence of:

1. over throw of the government or war

2. Restriction imposed on free trade
3. Unreasonable or punitive taxation
4. Restrictions on free exchange of currencies
 Risks Non-Insurable Commercially(cont..)

Production risk- the uncertainty surrounding the occurrence of:

1. Failure of machinery to function economically

2. Failure to solve technical problem
3. Exhaustion of raw material resources
4. Strikes, absenteeism, labor unrest
 Insurance vs. Gambling
 
Insurance may appear to be a contract under which there is a
possibility for the insurance company to pay to a given party a
great deal more than it has receive in premium.

• In insurance one party shifts its risk to another i.e.

insurance occur after the realization of risk.

• On the other hand, Gambling creates a new risk where none

existing before.

• After the gamble each party become subject to a new risk

of losing money.
 Requisites of Insurable Risk

We can classify the requisites of insurable risk under two general

heading:

The insurer’s standpoint

The insured’s standpoint

 The insurer’s standpoint
1. The objective must be sufficient number and quality to allow a
reasonably close calculation of probable loss.

2. The loss, should it occur, must be accidental and unintentional

in nature from the viewpoint of insured.

3. The loss, when it occurs, must be capable of being determined

and measured.

4. The insured object should not be subject simultaneous

destruction i.e. catastrophic hazard should be minimal.
 The Insured’s Standpoint

1. That the potential loss must be severe enough to cause

financial hardship.

2. That the probability of loss must not be too high.

Riaz Ali BT-04-01
Practical Demonstration
Risk Management
Risk Management
 Risk management is the human activity
which integrates recognition of risk, risk
assessment, developing strategies to
manage it, and mitigation of risk using
managerial resources.
Traditional Risk Management
 Some traditional risk managements are
focused on risks stemming from physical
or legal causes.
Exemples:
 Natural disasters or fires
 Accidents
 Deaths
Objective of Risk Management
Objective of risk management is to:
Reduce different risks related to a preselected domain
to the level accepted by society. It may refer to
numerous types of threats caused by environment,
technology, humans, organizations and politics.
On the other hand it involves all means available for
humans, or in particular, for a risk management entity
(person, staff, organization).
Risk Management Process
 Steps of Risk Management Process

1. Recognition of risk
2. Risk Assessment
3. Developing Strategies to Manage it
4. Mitigation of risk using managerial resources
5. Implementation
6. Review and Evaluation Risk Management Plan
Some Explanations
 Which Risk Should be Handeld First?
Risk = Probability of Occurrence* Loss of the event
 Risks with the greatest loss and the greatest probability of occuring
should be handled first.
 Risks with lower loss and lower probability of occurrence are
handled in descending order.
 Intangible Risk Management
A risk that has a 100% probability of occurring but is ignored by
the organization due to a lack of identification ability.
 Deficient knowledge-Knowledge risk
 Ineffective collaboration-Relationship risk
Some Explanations Con’t

 Opportunity Cost
Resources spent on risk management could have
been spent on more profitable activities.
Steps of Risk Management Process

 Step 1. Identification
Risks are about events that, when triggered, cause
problems.
 Source of Risk/Problem
 Risk/Problem
Identification Con’ t
Risk Source Analysis
Source of Risk may be internal or external to the
system that is the target of risk management.
 Stakeholders of a project
 Employees of a company
 The weather over an airport

Risk Analysis
Risks are related to identified actual threats from
any source to the organization.
 The threat of losing money
 The threat of abuse of privacy information
 The threat of accidents and casualties
Common Risk Identification
Methods
1. Objective-based risk identification
Any event that may endanger achieving an objective
partly or completely is identified as risk.
Example:
 Weather over an airport
2. Scenario-based risk identification
 Different scenarios are created.
 The scenarios may be the alternative ways to achieve an
objective.
 Any event that triggers an undesired scenario alternative
is identified as risk.
Example:
Common Risk Identification
Methods Con’t
3. Taxonomy-based risk identification
The taxonomy is a breakdown of possible risk sources.
 A questionnaire is compiled Based on the taxonomy and
knowledge of best practices.
 The answers to the questions reveal risks.

1. Employees
2. Suppliers
3. Government
4. Common-risk Checking
 Lists with known risks are available.
 Each risk in the list can be checked for application to
a particular situation.
Common Risk Identification
Methods Con’t
5. Risk Charting
This method combines the above approaches by listing:
 Resources at risk.
 Threats to those resources.
 Consequences it is wished to avoid.
Creating a matrix under these headings enables a variety of
approaches.
7. One can begin with resources and consider the threats they are
exposed to and the consequences of each.
8. One can start with the threats and examine which resources they
would affect.
9. One can begin with the consequences and determine which
combination of threats and resources would be involved to bring
them about.
 1. One can begin with resources and consider the threats
they are exposed to and the consequences of each.

Sources
Production Threat 1 Threat 2 Threat 3
Consequence Consequence Consequence

Channel distribution
Threat 1 Threat 2 Threat 3
Consequence Consequence Consequence

Supply Threat 1 Threat 1 Threat 1

Consequence Consequence Consequence
 2. One can start with the threats and examine
which resources they would affect.
Threats
Fire Source 1 Source 2 Source 3
Consequence Consequence Consequence

Theft Source 1 Source 2 Source 3

Consequence Consequence Consequence

Damage Source 1 Source 2 Source 3

Consequence Consequence Consequence
3. One can begin with the consequences and determine which combination
of threats and resources would be involved to bring them about.

Consequences
Causalities Threat 1 Threat 2 Threat 3
Source Source Source
Accidents Threat 1 Threat 2 Threat 3
Source Source Source
Information Threat 1 Threat 2 Threat 3
Stolen
Source Source Source
Step 2. Risk Assessment
 Potential Severity of loss
 Probability of occurrence

Risk = Rate of occurrence* impact of the event

Difficulties:
o Determining the rate of occurrence since statistical information is
not available on all kinds of past incidents.

o Evaluating the severity of the consequences (impact) is often

quite difficult for immaterial assets.
Step 3. Developing Strategies
 Risk Avoidance (Elimination)
 Risk Reduction/Prevention/Control
 Risk Retention
 Risk Transfer (buying insurance)
 Risk Diversification
Developing Strategies Con’t
 Risk Avoidance
Includes not performing an activity that could carry risk.
Example:
 would be not doing the business.

 would be not flying the airplane.

o Not entering a business to avoid the risk of loss also

avoids the possibility of earning profits.
Developing Strategies Con’t
 Risk Prevention/Reduction
Involves methods that reduce the severity of the loss.
Examples:
 People may worry less when they are ridding in a large
automobile, which is less susceptible to crushing during a collision.
 Modern software development methodologies reduce risk by
developing and delivering software incrementally.
 Sprinklers designed to put out a fire to reduce the risk of loss by
fire.
Developing Strategies Con’t
 Risk Retention
Involves accepting the loss when it occurs.
 True self-insurance falls in this category.
 All risks that are not avoided or transferred are retained
by default.
 Risk retention is a viable strategy for small risks where
the cost of insuring against the risk would be greater
over time than the total losses sustained.
 Risks that are so large or catastrophic that they either
cannot be insured against or the premiums would be
infeasible.e.g. War
Developing Strategies Con’t
 Risk Transfer
Means causing another party to accept the risk.
 Contract
Example: Liability among constructors
 Hedging
 Insurance
-Simply by getting insured by some insurance company
 Outsourcing
-Outsource only some of their departmental needs.
Developing Strategies Con’t
 Risk Diversification
Risk may be reduce through diversification.
 Several warehouses in different locations to store goods.
 Mutual funds
 Chinese Traders
Step 4. Create a Risk Mitigation Plan
Mitigation of risks often means selection of Security
Controls.
For example an observed high risk of computer viruses
could be mitigated by acquiring and implementing
antivirus software.
 Risk mitigation needs to be approved by the
appropriate level of management.
 The risk management plan should propose applicable
and effective security controls for managing the risks.
 A good risk management plan should contain a
schedule for control implementation and
responsible persons for those actions.
Step 5. Implementation
Follow all of the planned methods for mitigating the
effect of the risks.
 Purchase insurance policies for the risks that have
been decided to be transferred to an insurer.
 Avoid all risks that can be avoided without sacrificing
the entity's goals.
 Reduce others .
 And retain the rest.
Step 6. Review and Evaluation of the Plan
 Initial risk management plans will never be perfect.
 Risk analysis results and management plans should
be updated periodically.
There are two primary reasons for this:
• To evaluate whether the previously selected security
controls are still applicable and effective
• To evaluate the possible risk level changes in the
business environment.
Example:
Information risks are a good example of rapidly
changing business environment.
Limitations
 If risks are improperly assessed and prioritized, time
can be wasted in dealing with risk of losses that are not
likely to occur.
 Spending too much time assessing and managing
unlikely risks can divert resources that could be used
more profitably.
 Prioritizing too highly the risk management
processes could keep an organization from ever
completing a project or even getting started.