Okay, how? From CA12 Sept 06: "Set out a possible structure for analysing the risks of a financial product provider". Could you phrase that any more vaguely? Do they want a general structure for a risk analysis process? Do they want a general structure for the whole risk identification/analysis/management process? Do they want a discussion of how risk analysis would be incorporated into project, product and higher level management? In fact they seem to have wanted a classification of the types of risk that a financial product provider faces, which was the least likely of the options that occurred to me. For 4 marks, trying everything relevant would not be an option. Not that I'm scared or anything ... :-( L