Risk and risk management – an overview quickly explained

Always wanted to take a risk? Are you even a bit of a risk manager and your life also offers you internal jobs like risk management? Do you consciously take risks? Daily or even hourly? In the article Risk and Risk Management you will learn all the important terms. You find this too unexciting? Then you can certainly explain the difference between causality and correlation. Otherwise this post will help you.

Definition of risk

What does risk actually mean? Is it the unpredictability of possibilities in the future? Deviating from planned goals? Can’t risks also be positive (e.g. represent opportunities)? Or are risks only negative (dangers)? Is it perhaps ultimately just a matter of focusing on the deviations?

Risks can be divided into two dimensions: The final dimension describes the impact or the result of the risk (e.g. the result “bankruptcy”). In addition to the final dimension, there is the causal dimension, which considers the various risks that lead to the final dimension (e.g. operational risk).

Risk management decisions and information

Every day we make a multitude of decisions. In science, the “Homo Oeconomicus” was designed, which also represents the starting point of the normative-descriptive approach . The homo oeconomicus constantly strives for utility maximization (highest utility), is subject to the self-interest axiom (utility only for oneself, a total egoist) and has a rational characteristic (with regard to a goal, the optimal alternative is selected). There is no homo oeconomicus on planet earth. The scientific construct is for research only. Just as a guide. As a model.

But what does the decision-making behavior of people on earth look like? Actually quite simple. According to feelings, experiences and the level of information. The latter can be perfect and imperfect. Therefore, one speaks of decisions under certainty (perfect information) and decisions under uncertainty (imperfect information). The two following examples are intended to define perfect and imperfect information and the term decision in more detail.

Decision under safety with perfect information

The result of the addition of 5 and 3 is sought. In this case, complete information is available. You know that it is an addition of two given (in the specification) numbers. The selection (decision) of the right result (which can be said and calculated with certainty) from several possibilities is therefore easy. It is a decision under security.

Decision under uncertainty with imperfect information

You see a 46% discount on a chocolate bar in a supermarket brochure. You need this for your son in three weeks. Should this chocolate (on sale) now be bought or not? This is a decision made under uncertainty. You don’t know whether the chocolate will be offered cheaper in another supermarket in the next 3 weeks. You don’t even know if this is the cheapest offer among all supermarkets. You still know the average reference price. This would provide information as to whether 46% of the original instead price is cheap at all. So you have to make a decision with imperfect information here.

Perfect VS imperfect information

As the two examples above demonstrated, we make most decisions under uncertainty and with imperfect information. This is the norm, since no one has all the information at a given point in time (as well as looking ahead) (perhaps in the future the (intelligent) cloud or analytical computer-aided thinking). Decisions under security tend to be the exception and only exist in completely delimitable and closed systems.

decision model

Decisions can be made using the decision model. In addition to the decision maker, this provides a decision field with a space for action and a result. The target system will always maximize utility. This means that by performing the action, the utility is maximized.

Decision model under certainty with perfect information

The following is an example of a decision under certainty with perfect information. We start from the above example with the addition of 5 and 3 and . You can choose between the result 8 and 6.

ActionResult
6 tickedMinus in exercise book
8 tickedPlus in exercise book
Nothing tickedMinus in the exercise book, message to the parents
Both tickedrepetition of the task

Decision model under uncertainty with imperfect information

When decisions are made under uncertainty, the result is not known. A further distinction can be made between risk and uncertainty. In the case of a risk, the probability distribution of the possible environmental conditions is known, while in the case of uncertainty, this probability function is not known.

Now let’s assume that the student gets money from his grandmother for the above example. This is not only dependent on his decision, but also on the state of mind of the grandmother. He has analyzed this over the last few years and found the following: 50% in a good mood, 40% in a normal mood and 10% in a bad mood. Now he can set up the following matrix.

Actionenvironmental conditions
Good mood (50%)Normal mood (40%)Bad mood (10%)
6 ticked5€5€0€
8 ticked20€15€10€
Nothing ticked5€0€0€
Both ticked0€0€0€

The expected value and the optimal alternative course of action can be calculated using the matrix above. Of course, the best action is to choose the right answer. Let’s assume, however, that this is linked to learning success. If the probability function is not known, then one speaks of uncertainty. Such decisions are no longer based on the expected value, but with Laplace (highest mean of all environmental states), Maximin (highest value of all minimal possibilities), Maximax (maximum value of all maximal possibilities), Hurwicz (maximum value times parameter value plus minimum value times (1-parameter value) where parameter value between 0 and 1) or Savage-Niehans (regret matrix – how much is lost in the worst case – works however on the columns, here the maximum of the rows is then selected and finally the minimum of the column) solved.

Distributions related to risk management

This chapter discusses distributions in more detail. However, this is only about an overview and the parameters of distributions and not about a special distribution or the definition of distributions.

stochastic process

A stochastic process is a random process. The path corresponds to the sequence of realizations of the random variables determining the process.

A distinction is made between discrete and continuous random variables. Discrete variables can only take on single discrete values. The cube serves as a good example. It can only accept the numbers 1 to 6. The number 1.5 is therefore not possible. As a result, the expression is also not possible. A continuous variable, on the other hand, can take on any value, which can always be further subdivided. A measurement with the ruler can always be further refined, first in dm, then in cm, mm, … etc. can be examined. The expression is not limited to certain numbers, but can assume any value (between limits – a length, for example, cannot be negative).

probability function

The probability function indicates the probability of the occurrence of each possible realization of a discretely distributed random variable . If the die is fair, the probability function states that each possible realization (the numbers 1 to 6) occurs with a probability of 1/6 each. There are exactly six possible realizations and no values in between. The realizations here can only be the natural numbers from 1 to 6. This means that the 100 probability of a fair throw can be divided by the number of realizations (here 6). So the result is 1/3.

distribution function

The distribution function differs from the probability function in that it does not give the value of one realization but of a sum of realizations. This is usually specified with a maximum (maximum) realization value. For example: What is the probability that a fair die will have a maximum value of 3 (i.e. 1, 2 or 3).

density function

If it is not a discrete, but rather a continuously distributed random variable, we speak of the density function. There is no probability for individual values, since they do not actually occur. An example: Is there 1 or is it 1.1? Is it 1.1 or rather 1.01? Is it 1.01 or is it 1.001? And this goes on forever – so the probability of occurrence is 0 (converging to zero) given the infinite possibilities. The density function can be calculated using integrals. The distribution function, on the other hand, applies not only to discrete but also to continuous variables (since it is always the cumulative probability at a point). As an example for a continuous variable: What is the probability that the measured length is at least 3 cm or more?

Parameters of distributions

Every distribution has certain parameters that can also be used to determine the distribution. These parameters are, for example, the position parameter, the scattering parameter, the skewness and the curvature. The location provides information about the center and, depending on the type of data, is the expected value, the modal value or the median. With the variance or the standard deviation statements can be made about the scatter around the center (how far is the deviation from the center). The skewness, on the other hand, corresponds to the third moment of a distribution. Skewness can be symmetrical, right-skewed, or left-skewed. The kurtosis (fourth moment) can correspond to a normal distribution (at 3), a leptokurtic distribution (fat tails and high peak) or a platokurtic distribution (< 3). Usually, however, the excess kurtosis (excess kurtosis) is calculated. In this case, the value 0 corresponds to a normal distribution.

quantiles of distributions

Quantiles of continuous random variables are calculated using the density or distribution function. Quantiles describe the value of a random variable that is not exceeded with the probability of the value of the quantile. The 25% quantile describes the value of the random variable that will not be exceeded with a 25% probability. Quantiles do not always have a unique solution. For this reason, the lower quantile is always assumed.

Covariance VS Correlation VS Causality

The covariance describes the common deviation of two random numbers from the expected value. The covariance can take any value. The correlation, on the other hand, is a coefficient that only takes on values between -1 and +1. If the value is 0, there is no correlation and the two random variables are considered independent of each other. The closer the value is to the absolute value of 1, the stronger the correlation. However, causality cannot be inferred from correlation. In many cases it is therefore a matter of spurious correlation, with a third unknown variable triggering this correlation.

FAQ – Risk and Risk Management

What is risk?

Risk refers to the possibility that an event will occur that may have undesirable effects or be harmful. In general, risk is a measure of the uncertainty or likelihood that a specific threat or event will occur and adversely affect a business or person.

What is risk management?

Risk management refers to the process by which companies or individuals assess, manage and control their risks. The goal of risk management is to reduce or minimize risk to an acceptable level. It also includes actions taken to minimize the impact of risk on the business or the individual.

What types of risks are there?

There are different types of risk that can affect a company or an individual. Some of the most common types of risk are:

Financial risks: e.g. market risk, credit risk, liquidity risk, currency risk
Operational risks: e.g. risks related to processes, people, technology or infrastructure
Reputation risks: e.g. loss of image or loss of trust
Compliance risks: e.g. violation of laws, rules or regulations
Strategic risks: e.g. changes in the market environment, competition, technology development

How to manage risks?

Risk management methods can vary among companies and individuals depending on their size, industry and risk profile. Some of the common risk management methods are:

Risk identification: assessment and analysis of risks that may arise from business activities.
Risk Assessment: Assessing the magnitude and impact of a risk on the business or person.
Risk avoidance: Avoiding risks by restructuring or terminating certain business activities.
Risk Mitigation: Implementing controls to mitigate risks or reduce their impact.
Risk transfer: Transfer of risk to insurers or through contracts with business partners.
Risk Acceptance: Accepting the risk and developing a plan to manage or minimize the impact.

Why is risk management important?

Risk management is important to protect the business or individual from unexpected events that may affect financial condition, reputation or well-being. It also helps maximize opportunities and benefits by ensuring that risk is reduced to an acceptable level and business activities can be conducted effectively and efficiently.