Hello I am a bit confused by the terminology of those two expressions. Let's take as an example Q5(i) from X18 paper one ( 201809 spare subject) The question is : Describe how a general insurance company can manage the risks arising from major flooding within its insurance portfolio and operations The answer mention the following points: - purchase/build a model to identify risk - underwriting (accept with standard, refuse risk ect...) - charge appropriate premium, offer discount - diversification - ways to reduce the impact from flooding (warning, reinsurance,contract with contractors...) - ect... What answers should I not give from below if the question was : "Describe how a general insurance company can mitigate the risks arising from major flooding within its insurance portfolio and operations"
Hi Yohav, It's good you have underlined the key word in the question. The question says "how a general insurance company can manage the risks", so the examiners expect you to talk about risk management. By definition, we know that Risk management can be described as the process of ensuring that the risks to which an organisation is exposed are the risks to which it thinks it is exposed and to which it is prepared to be exposed. The key aim of risk management is to protect an organisation against adverse experience that could result in it being unable to meet its liabilities. The management of risk, here of the insurer would involve of the following (I have included the reasons also): risk identification; via the use of a model to identify risks risk classification; Given the question mentions "within its insurance portfolio", the insurer is likely to use underwriting when assessing risks. risk measurement; Based on the above, the insurer will know whether to accept/decline/partially accept the risks. risk control/risk financing; Appropriate risk control measures are discussed for e.g. reinsurance and so on risk monitoring; how within the insurance company can it monitor the risks, for e.g. crisis management training, loss adjusters and so on... If the question would be only to "mitigate", then your answer would only be the risk control part and you would have perhaps talked about risk controls/transfer (MURDA) IMO. Hope this answers your question.
Thanks. Now the nuance is less fuzzy. I think we can summarize in that way: Risk mitigation is a part and Risk management process which is a part of Risk governance application.
Hi Yohav, Risk Governance refers to the overarching processes and mechanisms by which decisions about risks are taken and implemented within an organisation. The Risk Management process forms part of the governance and as you mentioned risk mitigation forms part of it. Hope this sheds some light. Best of luck in your studies.
