(Risk Management cont.)

Types of risk (3)

i) upside (some examples include product or service innovation, technology as an accelerator, market expansion, etc; need to be handle by
    - identifying the appropriate business model to manage the risk, if it occurs
    - establishing guidelines around risk appetite and tolerances
    - identifying potential impacts and outcomes from a possible risk event, ie pros and cons
    - monitor all aspects of key risk indicators, ie go beyond transactional and operational data to consider external factors)

ii) outside (involves risks prompted by outside events, ie out of the organisations control; impact can be positive and/or negative; examples include competition (from inside and/or outside the industry), geopolitical risks, legislation, natural disasters, etc
"...Addressing them requires an approach that facilitates the identification and mitigation of their impact through scenario analysis and stress testing. This will help determine whether an organisation has sufficient resources to shield itself from the full force of external events. this requires the extensive monitoring of the market place, your competitors and emerging trends and technology that can involve collating opinions a variety of stakeholders..."
Camms, 2023)

iii) downsize (involves internal risks can emerge within an organisation that can be controlled, eliminated or avoided; some examples include cyber security, fraud, accident, system failures, regulatory non-compliance, etc
"...The control framework to focus on preventable risk and provide structured monitoring of the threat level of those risks..."
Camms, 2023)