Difference between revisions of "Risk Tolerance"
(→Other Material) |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 7: | Line 7: | ||
'''Resilience''' the ability to recover from an unexpected problem. | '''Resilience''' the ability to recover from an unexpected problem. | ||
| + | |||
| + | '''Efficiency''' the opposite of Resilience. | ||
| + | |||
| + | '''Complacency''' the belief that if you have not been successfully attacked in the last year that you will not be in the coming year either. In other word risk tolerance will become greater every year that you are not successfully attacked. | ||
'''Time Frame''' the amount of time for which a risk calculation is made. If the probably of devastating cyber-attack is 1 % per month, that works out to 3 % per quarter, 12% per year (number rounded for simplicity). As it can be seen if an executive needs to get a good quarterly result to earn a bonus, she has little incentive to spend money to reduce risk with a low near-term probability. | '''Time Frame''' the amount of time for which a risk calculation is made. If the probably of devastating cyber-attack is 1 % per month, that works out to 3 % per quarter, 12% per year (number rounded for simplicity). As it can be seen if an executive needs to get a good quarterly result to earn a bonus, she has little incentive to spend money to reduce risk with a low near-term probability. | ||
| + | |||
| + | ==Risk Taking== | ||
| + | Successful risk takers are good at [[Risk Analysis]]<ref>Nate Silver (2024) ''On the Edge'' ISBN 9781594204128</ref><blockquote>they are Bayesians, comfortable quantifying their intuitions an working with incomplete information.</blockquote> | ||
| + | |||
==References== | ==References== | ||
| − | + | <references /> | |
===Other Material=== | ===Other Material=== | ||
* The wiki page on [[Privacy Risk]] shares some content with this page as privacy risk is becoming a significant factor in [[Conduct Risk]]. | * The wiki page on [[Privacy Risk]] shares some content with this page as privacy risk is becoming a significant factor in [[Conduct Risk]]. | ||
| + | * The wiki page on [[Bayesian Identity Proofing]] | ||
* The wiki page on [[Privacy Tolerance]] speaks to a particular area where [[Conduct Risk]] can help select an appropriate acceptance level for risk. | * The wiki page on [[Privacy Tolerance]] speaks to a particular area where [[Conduct Risk]] can help select an appropriate acceptance level for risk. | ||
Latest revision as of 16:47, 10 February 2025
Full Title or Meme
The amount of risk an entity is willing to take to earn a reward.
Taxonomy
Risk Appetite the level of uncertainty a company is willing to assume given the corresponding reward associated with the risk. A company with a high-risk appetite would be a company accepting more uncertainty for a higher reward, while a company with a low-risk appetite would seek less uncertainty, for which it would accept a lower return.
Resilience the ability to recover from an unexpected problem.
Efficiency the opposite of Resilience.
Complacency the belief that if you have not been successfully attacked in the last year that you will not be in the coming year either. In other word risk tolerance will become greater every year that you are not successfully attacked.
Time Frame the amount of time for which a risk calculation is made. If the probably of devastating cyber-attack is 1 % per month, that works out to 3 % per quarter, 12% per year (number rounded for simplicity). As it can be seen if an executive needs to get a good quarterly result to earn a bonus, she has little incentive to spend money to reduce risk with a low near-term probability.
Risk Taking
Successful risk takers are good at Risk Analysis[1]they are Bayesians, comfortable quantifying their intuitions an working with incomplete information.
References
- ↑ Nate Silver (2024) On the Edge ISBN 9781594204128
Other Material
- The wiki page on Privacy Risk shares some content with this page as privacy risk is becoming a significant factor in Conduct Risk.
- The wiki page on Bayesian Identity Proofing
- The wiki page on Privacy Tolerance speaks to a particular area where Conduct Risk can help select an appropriate acceptance level for risk.
