UNIT-II : EVALUATION OF RISK

Risk evaluation attempts to define what the estimated risk actually means to people concerned
with or affected by the risk. A large part of this evaluation will be the consideration of how
people perceive risks.

RISK MEASUREMENT

https://www.wallstreetmojo.com/risk-measurement/

https://www.investopedia.com/terms/r/riskmeasures.asp

Risk measurement refers to evaluating and quantifying potential loss associated with a decision,
action, or investment. It aims at prioritizing the severity of potential consequences of any action
and accordingly planning the resource allocation for maximizing return while taking a
calculative risk.​
​
Measuring risk is crucial for individuals and firms in various fields for to following reasons:
– Informed decision-making;
– Proper resource allocation;
– Financial stability and sustainability;
– Strategic planning;
– Legal and regulatory compliance;
– Foster innovation through calculated risks; and
– Ascertaining insurance premiums and rates.

Methods

The choice of risk measurement method depends on the nature of the risk being measured and
the available data. Different situations may require different approaches or a combination of
methods for a comprehensive risk assessment.

There are several methods used to measure investment risk, as follows:

1. Alpha (α)
Definition:​
Alpha measures the performance of an investment relative to a benchmark index. A positive
alpha indicates that the investment outperformed the benchmark, while a negative alpha shows
underperformance.

Example:

Suppose an investment fund gives a return of 12% over a year, while its benchmark, the S&P
500, provides a return of 10%. The alpha for the fund can be calculated as:

Alpha=Fund Return−Benchmark Return=12%−10%=2%

Interpretation:

●​ Positive Alpha (+2%): The fund outperformed the market by 2%.

●​ Negative Alpha: If the fund returned 8% while the S&P 500 returned 10%, the alpha
would be -2%, meaning the fund underperformed by 2%.

2. Beta (β)

Definition:​
Beta measures the volatility or systematic risk of a fund in comparison to the market or the
selected benchmark index. A beta of one indicates the fund is expected to move in conjunction
with the benchmark. Betas below one are considered less volatile than the benchmark, while
those over one are considered more volatile than the benchmark.

Beta measures the volatility (systematic risk) of an investment relative to the market.

●​ Beta = 1: The investment moves with the market.

●​ Beta < 1: Less volatile (moves less than the market).
●​ Beta > 1: More volatile (moves more than the market).
Example:

Imagine a technology stock with a beta of 1.5 compared to the S&P 500.

●​ If the S&P 500 increases by 10%, the technology stock is expected to increase by 15%
(10% × 1.5).
●​ If the S&P 500 decreases by 10%, the technology stock might decrease by 15%.

Interpretation:

●​ High Beta (1.5): This stock is more volatile; it gains more during market upswings but
also loses more during downturns.
●​ Low Beta (0.8): A utility stock might have a beta of 0.8, meaning if the market rises by
10%, the utility stock may rise by 8%.

3. R-Squared (R²)

Definition:​
R-Squared measures the percentage of an investment's movement attributable to movements in
its benchmark index. An R-squared value represents the correlation between the examined
investment and its associated benchmark. For example, an R-squared value of 95 would be
considered to have a high correlation, while an R-squared value of 50 may be considered low.
The U.S. Treasury Bill functions as a benchmark for fixed-income securities, while the S&P 500
Index functions as a benchmark for equities.

Investors use R-squared to determine whether an investment's performance is closely tied

to the market or if other factors are driving its returns.

R-squared measures the percentage of a fund's movements explained by its benchmark. It ranges
from 0 to 100%.

●​ R² close to 100: High correlation with the benchmark.

●​ R² closer to 0: Low correlation.
Example:

●​ Fund A has an R-squared value of 95 with the S&P 500. This means 95% of the fund’s
movements can be explained by the movements of the S&P 500.
●​ Fund B has an R-squared of 50. This indicates that only 50% of its movements are
explained by the benchmark.

Interpretation:

●​ High R² (95): The fund closely tracks the S&P 500.

●​ Low R² (50): The fund has significant deviations from the benchmark, possibly due to
unique investing strategies.

Difference between beta and R-Squared

Example Comparison

●​ Stock A:
○​ Beta = 1.5 (the stock is 50% more volatile than the market)
○​ R-Squared = 95% (95% of the stock's movements are explained by the market)
●​ Interpretation:​
This stock is highly volatile and closely follows market movements.
●​ Stock B:
○​ Beta = 0.8 (the stock is 20% less volatile than the market)
○​ R-Squared = 50% (only 50% of the stock's movements are explained by the
market)
●​ Interpretation:​
This stock is less volatile, and its price movements are influenced by factors other than
the market.

Summary

●​ Beta measures an investment's volatility relative to the market.

 ●​ R-Squared measures the degree of correlation between an investment and the market.

4. Standard Deviation (σ)

Definition:​
Standard deviation measures the dispersion of data points from the mean (average). In finance,
it represents how much an investment's returns deviate from the expected average return. A
higher standard deviation indicates higher volatility. Measures total volatility of an investment’s
returns and no benchmark involved; analyzes the investment by itself.

Example:

Suppose a mutual fund has the following annual returns over 3 years:

●​ Year 1: 10%
●​ Year 2: 4%
●​ Year 3: 8%

If the mean return is 7%, the standard deviation might be 3%. This indicates that the fund's
returns typically vary by ±3% from the average return.

●​ High Standard Deviation: Greater variability and risk.

●​ Low Standard Deviation: More stable returns and lower risk.

5. Sharpe Ratio

Definition:​
The Sharpe ratio adjusts investment returns by accounting for the risk taken. The Sharpe ratio
measures performance as adjusted by the associated risks. This is done by removing the rate of
return on a risk-free investment, such as a U.S. Treasury Bond, from the experienced rate of
return.
This is then divided by the associated investment’s standard deviation and serves as an indicator
of whether an investment's return is due to wise investing or due to the assumption of excess
risk.

The formula is:

Sharpe Ratio=(Return of Investment−Risk-Free Rate)/Standard Deviation

Example:

●​ Investment Return: 12%

●​ Risk-Free Rate (U.S. Treasury Bond): 2%
●​ Standard Deviation: 8%

Sharpe Ratio=12%−2%​/8%

=10%/8%

=1.25%

Interpretation:

●​ Higher Sharpe Ratio (1.25): Indicates a good return for the risk taken.
●​ Lower Sharpe Ratio (0.5): Indicates that returns might not justify the risk taken.

The Sharpe Ratio is essentially trying to answer the question:

How much excess return am I getting for each unit of risk that I am taking?

●​ The excess return is the return of the investment above the risk-free rate.
●​ Risk is measured using standard deviation, which reflects how much the investment's
returns vary.

Risk Measure What It Measures

+2%: Outperformed by 2%; -2%:

Alpha (α) Performance relative to benchmark
Underperformed by 2%
Beta (β) Volatility relative to market 1.5: More volatile; 0.8: Less volatile

R-Squared (R²) Correlation with benchmark 95: High correlation; 50: Low correlation

Standard Deviation Return variability/volatility 2%: Low volatility; 10%: High volatility

Sharpe Ratio Risk-adjusted return 1.25: Good return per unit of risk

Risk Measurement vs Risk Assessment

Risk measurement and risk assessment are related concepts in the field of risk management, but
they have distinct meanings and significance:

Basis Risk Measurement Risk Assessment

Definition It is the process of employing various Risk assessment is a comprehensive

statistical and mathematical techniques process involving identifying,
and tools to assign numerical values to analyzing, and evaluating risks. It
uncertainties, enabling organizations to includes understanding the context,
understand the magnitude of possible vulnerabilities, threats, and existing
losses. controls.

Purpose Here, it facilitates risk management by They aim to provide a comprehensive

covering a wide range of risks, view of the risks faced by an
considering internal and external organization, including its nature,
factors influencing the organization. origins, and potential consequences.

Key Focus Assigning numerical values to risks for Understanding the overall risk
quantitative analysis landscape, including qualitative and
quantitative aspects
 Methods Various statistical and mathematical Different qualitative and quantitative
techniques such as Beta Coefficient, methods, such as interviews, surveys,
Alpha, Sharpe Ratio, R-squared, and and scenario analysis
Standard Deviation

Outcome Results include numerical values or Provides a complete understanding of

scores representing the quantified overall uncertainties, enabling
impact and probability of loss. organizations to develop effective risk
management strategies

SOURCES AND IMPACT OF COMMON BUSINESS RISK

Market Risk
Market risk is the possibility that an individual or other entity will experience losses due
to factors that affect the overall performance of investments in the financial markets.
The term market risk, also known as systematic risk, refers to the uncertainty associated
with any investment decision. Price volatility often arises due to unanticipated
fluctuations in factors that commonly affect the entire financial market.

Credit Risk
Credit risk is the probability of a financial loss resulting from a borrower's failure to
repay a loan. Essentially, credit risk refers to the risk that a lender may not receive the
owed principal and interest, which results in an interruption of cash flows and increased
costs for collection. Lenders can mitigate credit risk by analyzing factors about a
borrower's creditworthiness, such as their current debt load and income.
There are three types of credit risks:
 Credit spread risk which happens because of the volatility in the difference
between investments' interest rates as well as the risk-free return rate.
 Default risk rises when the borrower is unable to make contractual payments.
 Downgrade risk emerging from the downgrades in the risk rating of an issuer.
Liquidity Risk
Liquidity risk refers to the potential difficulty an entity may face in meeting its
short-term financial obligations due to an inability to convert assets into cash without
incurring a substantial loss. This risk is inherent in both financial institutions and
corporations, significantly impacting their operational and financial stability.
Liquidity risk is often characterized by two main aspects: market liquidity risk and
funding liquidity risk. Market liquidity risk is associated with an entity's inability to
execute transactions at prevailing market prices due to insufficient market depth or
disruptions. On the other hand, funding liquidity risk pertains to the inability to obtain
sufficient funding to meet financial obligations.
Liquidity risk arises when an entity, be it a bank, corporation, or individual, faces
difficulty in meeting short-term financial obligations due to a lack of cash or the
inability to convert assets into cash without substantial loss.
Effective management of liquidity risk includes maintaining a portfolio of liquid assets,
rigorous cash flow forecasting, and diversifying funding sources.

Technological Risk
Technology risk refers to any risk of financial loss, disruption or damage to the
reputation of an organization as a result of the failure of its information technology
systems. Technology risk (also known as information technology risk) is a type of
business risk defined as the potential for a technology failure to disrupt a business. A
few common technological risks are as mentioned below:
Cyber attacks
Companies are bombarded with cyber-attacks every day. Perhaps the most common
attack is phishing, where employees receive bogus emails trying to dupe them into
sharing confidential data — often by asking the employee to click on a link that
connects them to an infected website, or by posing as a coworker and asking the target
to send confidential data by email.
Data breaches
Data breaches occur when sensitive information is stolen or leaked to unintended
parties. Breaches can happen from external attacks such as hacks, malware, or phishing
scams. Internal data breaches are also possible due to disgruntled or improperly trained
employees. Regular internal audits of IT environments can help reduce instances of data
breaches.
Old equipment
Keeping software up to date is often as simple as allowing regular or automatic
downloads from the software provider. These updates include patches for new and
developing cyber risks, helping to keep your sensitive information safe.

Legal Risk
Legal risks refer to damage or any loss incurred to a business due to negligence in
compliance with laws related to the business. It can be encountered at any stage of
business proceedings. There may be mistakes due to misunderstanding of laws. Types of
risks such as compliance risk, regulatory risk, operational risk etc. may contribute to the
term ‘legal risk’. The whole reputation of an organization depends upon these risks as
they may result in an immense loss.
Legal risk is when a business fails to comply with regulations or contractual terms. It is
caused by internal errors, flawed processes, and deliberate infractions.

Environmental Risk
Environmental Risk can be defined as the “actual or potential threat of adverse effects
on living organisms and the environment by effluents, emissions, wastes, resource
depletion, etc., arising out of an organization’s activities.” Given the increase in
environmental exposures, the global risk and insurance community would be wise to
evaluate its awareness, vulnerability, preparedness and response in managing emerging
and unforeseen pollution risks.

Reputational Risk
Reputational risk is the threat to the profitability or sustainability of a business or other
entity that is caused by unfavorable public perception of the organization or its products
or services.
Reputational risk is a threat or danger to the good name or standing of a business or
entity. Reputational risk can occur in the following ways:
 Directly, as the result of the actions of the company
 Indirectly, due to the actions of an employee or employees
 Tangentially, through other peripheral parties, such as joint venture partners or
suppliers.
Reputational risk is a hidden threat or danger to the good name or standing of a business
or entity and can occur through a variety of ways. The biggest problem with reputational
risk is that it can erupt out of nowhere and without warning. Reputational risk can pose a
threat to the survival of the biggest and best-run companies and has the potential to wipe
out millions or billions of dollars in market capitalization or potential revenues.

Country Risk
Country risk refers to the economic, social, and political conditions and events in a
foreign country that may adversely affect a financial institution's operations.
Country risk refers to the uncertainty associated with investing in a particular country,
and more specifically the degree to which that uncertainty could lead to losses for
investors. This uncertainty can come from any number of factors including, political,
economic, exchange-rate, or technological influences. In particular, country risk denotes
the risk that a foreign government will default on its bonds or other financial
commitments increase transfer risk. In a broader sense, country risk is the degree to
which political and economic unrest affect the securities of issuers doing business in a
particular country.

FINANCIAL RISK
Meaning
Financial risk is the possibility of losing money on an investment or business venture.
Some more common and distinct financial risks include credit risk, liquidity risk, and
operational risk.
Financial risk is a type of danger that can result in the loss of capital to interested parties.
For governments, this can mean they are unable to control monetary policy and default
on bonds or other debt issues. Corporations also face the possibility of default on debt
they undertake but may also experience failure in an undertaking the causes a financial
burden on the business.
Financial markets face financial risk due to various macroeconomic forces, changes to
the market interest rate, and the possibility of default by sectors or large corporations.
Individuals face financial risk when they make decisions that may jeopardize their
income or ability to pay a debt they have assumed.
It is expensive to build a business from the ground up. At some point in any company's
life the business may need to seek outside capital to grow. This need for funding creates
a financial risk to both the business and to any investors or stakeholders invested in the
company.
Financial risk is the risk that a company won't be able to meet its obligations to pay back
its debts. Which in turn could mean that potential investors will lose the money invested
in the company. The more debt a company has, the higher the potential financial risk.

Nature and Importance of Financial Risk

Reduces financial disasters
Every business seeks an upward spike in the revenue and profits graph, no matter what
industry they belong to. However, every business has a set of risks they are likely to
face– planning for these makes the firm less likely to fall prey to losses as an effect of
these risks. Financial risk management in these scenarios could range from the
prevention of unsound investments to putting out products that are unlikely to sell or be
profitable.
Predicts bountiful opportunities
In tandem with reducing financial disasters, financial risk management also aims to
identify what investments, plans, and strategies are going to be most profitable for a
business. This enables firms to act quickly and wisely to capitalize on benefits in good
time– naturally, any profitable investment will also benefit stakeholders. No matter how
quick or drawn out the decision maybe, if it’s financial in nature, the risk management
team was sure to have been involved.
Keeps ahead of the competition
Competition is everything in the market, and one financial stumble can cost a business
dearly. A business with a strong, well-formulated financial risk management plan is
accounting for a multi-player field that is not always level. It’s also preparing in advance
for any stumbling blocks to avoid losing pace and allowing competitors to get ahead.
Assesses internal and external risks
Risks can be internal or external. Some examples of external risks are market
fluctuations, political unsettlement, inflation and deflation, and interest rates among
others. Internal risks include security breaches, non-compliance, and information leaks.
In business, internal risks can largely be controlled by way of
strategies and implementations– however, in that sense, external risks can’t be
controlled and are therefore harder to recover from. It’s always better to prepare for this
uncertainty with a bullet-proof game plan that protects finances come what may.

Evaluation of Financial Risk and Techniques Adopted To Control Financial Risk

Managing financial risk for both individuals and corporations starts by working through
a four-stage process that includes the following steps:
 Identifying potential financial risks
 Analyzing and quantifying the severity of these risks
 Deciding on a strategy to manage these risks
 Monitoring the success of the strategy
There are various risk management strategies available to both individuals, corporations,
and financial institutions.
At the individual level, some financial risk management strategies include:
 Risk avoidance: elimination of activities that can expose the individual to risk; for
example, an individual can avoid credit/debt financing risk by avoiding the usage
of credit to make purchases.
 Risk reduction: mitigating potential losses or the severity of potential losses; for
example, an individual can diversify their investment portfolio to reduce the risk
that their investment portfolio experiences a severe negative drawdown.
 Risk transfer: the process of transferring risk to a third party; for example, an
individual may purchase a life insurance policy to offload the risk of premature
death to the insurer.
  Risk retention: the process of accepting responsibility for a particular risk, for
example, an individual deliberately not insuring their property.
At the corporate level, the same risk management strategies may be applied, but in
slightly different contexts:
 Risk avoidance: elimination of activities that can expose the corporation to risk;
for example, the corporation can avoid expanding operations to a geographical
area that has high political and regulatory uncertainty.
 Risk reduction: mitigating potential losses or the severity of potential losses; for
example, a corporation may use hedging on foreign currency transactions to
reduce their exposure to currency fluctuations.
 Risk transfer: the process of transferring risk to a third party; for example, a
corporation may purchase insurance on their property, plant, and equipment to
transfer the risk of damage and theft to the insurer.
 Risk retention: the process of accepting responsibility for a particular risk; for
example, a corporation may accept risks of volatile input costs without using any
hedging or insurance.
Difficulty arises in deciding which strategy to utilize for a particular risk. It comes down
to the nature of the risk and the individual’s or corporation’s current risk appetite. Risks
should be fully understood before deciding on the appropriate strategy to remedy them.

EVALUATION OF ALTERNATIVE RISK MANAGEMENT TOOLS

The following are some of the best risk management tools and techniques that
professional project managers use to build risk management plans and guard against
inevitable risks, issues and changes.
1. Risk Register
The fundamental risk management tool is the risk register. Basically, what a risk register
does is identify and describe the risk. It then will provide space to explain the potential
impact on the project and what the planned response is for dealing with the risk if it
occurs. Furthermore, the risk register allows a project manager to prioritize the risk,
assign an owner responsible for resolving it and gives a place to add notes as needed.
The risk register is a strategic tool to control risk in a project. It works to gather the data
on what risks the team expects and then the way to respond proactively if they do show
up in the project. It has already mapped out a path forward to keep the project from
falling behind schedule or going over budget.
2. Root Cause Analysis
The root cause is another way to say the essence of something. Therefore, root cause
analysis is a systematic process used to identify the fundamental risks that are embedded
in the project. This is a tool that says good management is not only responsive but
preventative. Often root cause analysis is used after a problem has already come up. It
seeks to address causes rather than symptoms. But it can be applied to assessing risk by
going through the goals of any root cause analysis, which asks the following questions:
 What happened?
 How did it happen?
 Why did it happen?
Once those questions are addressed, develop a plan of action to prevent it from
happening again.
3. SWOT
SWOT, or strengths, weaknesses, opportunities, threats, is another tool to help with
identifying risks.
Begin with strengths and determine which aspects of the project are secure and
well-positioned. Next, list the weaknesses or things that could be improved or are
missing from the project. This is where the likelihood of negative risk will raise its head,
while positive risk comes from the identification of strengths. Opportunities are another
way of referring to positive risks and threats are negative risks.
4. Probability and Impact Matrix
Another tool for project managers is the probability and impact matrix. It helps prioritize
risk, which is important, as you don’t want to waste time chasing a small risk and
exhaust your resources. This technique combines the probability and impact scores of
individual risks and then ranks them in terms of their severity. This way each risk is
understood in context to the larger project, so if one does occur, there’s a plan in place to
respond or not.
5. Risk Data Quality Assessment
With a risk data quality assessment technique, project managers use data that has been
collated for the risks they’ve identified. This is used to then find the level to which
information about the risk is relevant to the project manager. It helps the project manager
understand the accuracy, reliability, quality and integrity of the risk as related to the
collected data about it.
For each risk listed, the risk data quality assessment requires that the project manager
determine the extent of the understanding of the risk, collect what data is available, what
the quality and reliability are of that data and its integrity. It is only by examining these
parameters of the risk can an accurate assessment be reached.

ROLE OF RISK MANAGER AND RISK COMMITTEE IN IDENTIFYING AND

MANAGING RISK
The role of a risk manager is to identify, assess, and mitigate potential risks that may
affect an organization. The primary objective is to minimize the impact of uncertainties
on the organization's goals and objectives. The specific responsibilities of a risk manager
may vary depending on the industry, organization size, and the nature of the business,
but generally include the following:
1. Risk Identification:
 Identifying potential risks that could affect the organization, including
financial, operational, strategic, compliance, and reputational risks.
2. Risk Assessment:
 Evaluating the likelihood and potential impact of identified risks to
prioritize them based on their significance.
 Quantifying risks when possible, using various risk assessment techniques.
3. Risk Mitigation and Planning:
 Developing strategies and plans to mitigate or manage identified risks.
 Implementing risk management policies, procedures, and controls to
reduce the likelihood and impact of risks.
4. Monitoring and Reporting:
 Continuously monitoring the risk landscape to identify emerging risks and
changes in the risk environment.
  Providing regular reports to key stakeholders, including management and
board members, on the status of risks and the effectiveness of risk
mitigation measures.
5. Compliance Management:
 Ensuring that the organization complies with relevant laws, regulations,
and industry standards.
 Implementing measures to address compliance risks and prevent legal and
regulatory issues.
6. Insurance Management:
 Managing the organization's insurance portfolio to ensure adequate
coverage for potential risks.
 Collaborating with insurance providers to optimize coverage and manage
insurance costs.
7. Crisis Management:
 Developing and implementing plans for responding to and recovering from
crises or unexpected events.
 Coordinating response efforts during emergencies to minimize the impact
on the organization.
8. Communication and Training:
 Communicating risk management policies and procedures to employees
and stakeholders.
 Providing training and education to employees on risk awareness and
mitigation.
9. Strategic Risk Management:
 Integrating risk management into the organization's overall strategic
planning process.
 Aligning risk management activities with the organization's strategic
objectives.
10.Technology and Data Security:
 Addressing risks related to information technology and data security.
 Implementing measures to protect sensitive information and systems from
 cyber threats.
The ultimate goal of a risk manager is to help the organization make informed decisions
by understanding and managing potential risks in a systematic and proactive manner.