RSK4801/2022

RSK4801 ASSIGNMENT 4 FOR 2022

Instructions:
- Answer ALL the questions.
- Remember to submit your final document in PDF format on myUnisa.
- Draw diagrams where necessary.
- Please use Ariel 12 font and 1.5 line spacing to answer all the questions.
- Include page numbers on the document and answer the questions in
sequence.
- All work should be referenced, including the prescribed textbook, and insert
a reference list at the end of your document. Please do not use Wikipedia as
a reference as this is not an academic source.

Question 1 (5)
Discuss the difference between control appetite, risk appetite and risk tolerance.
Illustrate your answer with examples.

Question 2 (13)
Define the concept of “event” from an operational risk management perspective and
discuss how risk events are used in operational risk management.

Question 3
Briefly discuss business continuity management as a risk control measure. (10)

Question 4 (12)
In the wake of the Covid19 pandemic, many organisations moved to working from
home and going entirely online - this increased cybercrime. Explain and give examples
of people’s vulnerabilities as an operational risk that may result in information security
breaches due to the Covid19 pandemic. Elaborate on the measures the organisation
can take to reduce these vulnerabilities.

Questions 5 (20)
Analyse the figure below to differentiate between risk performance and control
indicators. Use appropriate examples to substantiate your arguments. In addition,
explain the concept of key risk indicators for operational risk management in detail.

1
 RSK4801/2022
Figure: KPIs, KRIs and KCIs

Key Risk Indicator

Change in likelihood or
impact, linked to RCA

Key
Indicators

Key Performance Indicator Key Control Indicator

Change in business Change in design or

performance, linked to performance, linked to RCA

Source: Blunden & Thirwell (2013)

[TOTAL MARKS = 60]

©
UNISA 2022