风险管理策略【英文】

风险分析及方法简述（中英文）1 Basic Risk Management Facilitation Methods 基本的风险管理的便利方法Some of the simple techniques that are commonly used to structure risk management by organizing data and facilitating decision-making are:下面是一些简单的通常使用的方法，进行风险管理和制定决策：Flowcharts/流程图Check Sheets/检查清单Process Mapping/过程图Cause and Effect Diagrams (also called an Ishikawa diagram or fish bone diagram)/因果图（或者叫鱼骨图）2 Failure Mode Effects Analysis (FMEA) 失效模式与效果分析2.1 Describe/描述FMEA (see IEC 60812) provides for an evaluation of potential failure modes for processes and their likely effect on outcomes and/or product performance. Once failure modes are established, risk reduction can be used to eliminate, contain, reduce or control the potential failures. FMEA relies on product and process understanding. FMEA methodically breaks down the analysis of complex processes into manageable steps. It is a powerful tool for summarizing the important modes of failure, factors causing these failures and the likely effects of these failures.FMEA提供了工艺潜在失效模式的评估和对产品性能或结果的潜在影响。

英文原文：Schedule Risk Management INTRODUCTIONSchedule risks are both threats and opportunities to the success of a project. Threats tend to reduce the success of meeting the project goals and opportunities tend to increase the success. Risk management is the process of identifying, analyzing, qualifying and quantifying the risks, and developing a plan to deal with them. This is routinely done during baseline schedule development as well as during schedule updates. Implementation of risk management starts with early planning in both budgetary cost estimating and preliminary master scheduling in order to determine budgets and schedules with a comfortable level of confidence in the completion date and final cost. While there are entire volumes addressing risk in construction projects, it is important to note that the issue of time-related risk has not been universally incorporated into planning. Assessing cost risk is more intuitive, and very often addressed through the use of heuristics, so it has become more of a standard of the industry than time-related risk management. Most estimators will automatically add a contingency toa cost estimate to cover the risk of performance based on the type of project and circumstances pertaining to the undertaking of the project. Estimators estimate this contingency using their own rules of thumb developed over years of estimating as well as estimate ingmanuals，such as Means’ CostData or Cost Works. However, when it comes todeveloping the critical path method (CPM) schedules, risk management is often overlooked or underestimated.The purpose of this chapter is to provide an overview of risk management and the assessment process as well as best practices for incorporation of risk management into CPM schedule development and maintenance. For more detailed information about schedule risk, the reader should refer to risk management books, particularly those that focus on project management. One of the best resources available is David Hulett’s new book, Practical Schedule Risk Analysis.Any risk management program starts with a good and accurate CPM schedule, created through the use of best practices and checked for quality, reasonableness, and appropriateness of the network model. Without a well-designed and developed CPM baseline schedule, a risk management process will not be effective. The risk analysis depends upon accurate and consistent calculations of the network logic, the appropriateness of the sequencing and phasing, and a reasonable approach to estimating activity durations.Most CPM schedules are not adjusted for risk but rather are developed as if there were one right answer for the schedule’s numerical data. Generally, activity durations are established by calculation of the quantity of work represented by an activity divided by the production rate, or by sheer ‘‘gutfeeling’’ of the project manager or crew leader. This production rate is normally established by the contractor’s historical records or an estimating system, such as Means’, that provides an accurate data base of average production rates. Once those durations are calculated, they are often used as deterministic values, which assumes that the durations are accurate and unlikely to change. This assumption ignores the fact that the schedule is attempting to predict how long it will take to complete an activity at some unknown time in the future,using an unknown crew composition, with variable experience, and working in unknown conditions. Risk management recognizes the uncertainty in duration estimating and provides a system to brain storm other risks that may occur during the project. Probability distributions are the best way to model planned activity durations, as noted by Hulett ‘‘The best way to understand the activity durations that are included in the schedule is as probabilistic statements of possible durations rather than a deterministic statement about how long the future activity will take.’’DEFINITION OF RISK TERMSThe Project Management Institute (PMI) defines project risk in its Project Management Body of Knowledge (PMBOK) as ‘‘an uncertain event or condition that, if it occurs, has a positive or negative effect on at least one project objective, such as time, cost, scope, or quality. A risk may have one or more causes and, if it occurs, one or more impacts.’’ PMBOK adds ‘‘Riskconditions could include aspects of the project’s or organization’s environment that may contribute to project risk, such as poor project management practices, or dependency on external participants who cannot be controll ed.’’Risk Management: A process designed to examine uncertainties occurring during project delivery and to implement actions dealing with those uncertainties in order to achieve project objectives The definition of risk management in PMBOK, 4th Edition, is: ‘‘systematic process of identifying, analyzing, and responding to project risk.’’Risk definition by AACEi Cost Engineering Terminology7 is: ‘‘the degree of dispersion or variability around the expected or ‘best’ value, which is estimated to exist for the economic variable in question, e.g., a quantitative measure of the upper and lower limits which are considered reasonable for the factor being estimated.’’Time Contingency: An amount of time added to the base estimated duration to allow for unknown impacts to the project schedule, or to achieve a certain level of confidence in the estimated duration.Probability: A measure of the likelihood of occurrence of an event.Risk register: A checklist of potential risks developed during the risk identification phase of risk management.Risk allocation: A determination of how to respond to risks, which can include shifting risk, avoiding risks, preventing or eliminating risks, andincorporating risks into the schedule.Deterministic: A calculated approach to estimating single activity duration using work quantity divided by estimated production rate.Probabilistic: The determination of risk likelihood and consequences to establish duration ranges or risk-adjusted durations that can be used in a schedule in recognition that there are no certainties in estimating future durations.Monte Carlo analysis: A probabilistic approach to determining confidence levels of completion dates for a project schedule by calculating durations as probability distributions.Probability distribution: The spread of durations in a statistically significant population that is used for the range of durations in probabilistic scheduling approaches.Confidence level: A measure of the statistical reliability of the prediction of project completion.What-if scenario: A modeling of a risk for use in a CPM schedule in order to predict the ramifications of an identified risk.Qualitative analysis: Occurring on the project, as well as assessing the severity of that risk should it occur and prioritizing the resultant list of risks. Quantitative analysis: The assigning of a probability to the qualitative description of the risk, ranking the risks, and calculating the potential impact from both individual risks as well as the cumulative effect of all risksidentified.Exculpatory clauses: Disclaimer verbiage that is designed to shift risk. TYPES OF RISK IN CONSTRUCTION PROJECTSEverything that has ever gone wrong on a construction project is a potential risk on the next project. Many project managers instinctively develop a lessons-learned list of historical risks and take steps to minimize their exposure to those risks in the future.Risks vary by industry and even by construction project type as well as by personnel involved with the project. A roadway or bridge project has a different group of risks than a facility or building, and the selected contractors may have different degrees of influence on the level of risks to performance. If an owner attempts to save money in preconstruction services by limiting the extent of field investigation or development of as-built data, there will be a higher risk of discovery of unknown problems. The experience and competence of the architects and engineers handling the design of the project, as well as their quality control indevelopment of working drawings, directly affect the construction effort and, consequently, the risk associated with the plans and specifications.Even if the owner has been proactive in preconstruction investigation, there is always a risk of unforeseen conditions. This can be a function of the type of soils encountered, the local municipality, and its culture and history of keeping good records of obsolete utilities. If the city in which the project is tobe built has a history of requiring contractors to remove all abandoned underground lines, there is a much lower risk of underground conflicts.The selection of the project team can impact positively or negatively the probability of successful project completion. Design-bid-build projects that use procurement philosophies allowing all financially capable contractors to participate will likely experience a much higher level of risk to on-time performance than a procurement philosophy that requires qualification of proposed contractors to ensure that they have the appropriate experience and resources to construct the project. A single weak subcontractor on a project will increase risk of performance and require more management than may be anticipated. If this is not considered, everyone will be surprised when that subcontractor fails and has to have their work augmented or corrected. Problems related to the management and possible termination of a failing subcontractor usually has serious negative impacts on the project.The reputation of the construction manager (CM) as well as the corporate culture will affect project performance. If the CM defines success with minimum time extensions as the only benchmark, there will likely be more conflict and a higher need for dispute resolution efforts. In addition, the management abilities of the CM directly affect many project tasks, such as review of shop drawings and response to requests for information in order to resolve questions about the construction.Work by outside or third parties can carry significant risks of influence onthe project’s success. For example, a light rail station to be built on top of a parking garage under construction by a different contractor will run an increased risk of completion on time. The project has no control over—and little ability to influence—the completion of the parking garage, which quickly becomes vital to completion of the light rail project.Most projects are affected by local weather conditions, which, when adverse, can significantly impede progress. Most specifications require the contractor to take into account the normal local weather conditions in his schedule planning, which includes normal adverse weather, but also allow for time extensions when unusually adverse weather occurs. Best practices would require the contractor to research the local historical weather records in order to plan for three to five year average weather conditions. Different parts of the country and the world have a wide variance in weather conditions, so planning or failure to plan for the risk of local weather can significantly affect project success.Local political situations, especially in volatile political climates, may hamper all efforts to construct a project efficiently. Countries with unstable political or economical systems will have higher risks in successful project completion than those with more stable systems. Countries or regions subject to wars, terrorism, turmoil, or other typesof violence also run greater risks to successful project completion than others. If the locality has a policy of requiring deep investigation into environmentalissues or stringent or complicated bureaucracy, projects built in that locality will have a higher risk of late permits and conflict during construction. Another large risk on any project is the experience and reputation of the project team for safe construction practices. Safety violations and accidents can shut down a job completely. Even minor safety failures can distract the project team and impede timely performance. If a contractor has a poor safety record, the risk of delays because of safety violations is increased and should be taken into account during schedule development.A large volume of change orders on a project will affect employee morale; there is nothing worse than asking a craftsman to rip out recently installed high-quality woodwork for a requested change. If the CM has a good change management program in place, including most importantly good planning, the risks of negative pressure from changes are lowered. Without the program, the risks may be significant enough to derail project completion. Most conversations about risk are related to negative risks that impair successful performance, but often there are opportunities that would be overlooked without good risk assessment. A renovation project that calls for a three-story masonry wall to be demolished to the foundation in order to install a beam and column system might be redesigned with a pin beam temporary support structure, allowing the upper two stories to remain in place, saving time and money, as well as removing some risk. The brainstorming about risks needs to include looking for opportunities that could positively impact the project timefor completion.It seems obvious that failure to plan for the myriad of risks that often affect project performance will render the planning less accurate. Without risk management, every item that might appear on a risk register (a checklist of potential risks) is a surprise to the project team should it happen, diverting attention and emphasis from the project management and consuming valuable resources. Most disputes arise from risks that likely were not considered at the inception of the project and might have been eliminated or mitigated with good risk planning.Once a company develops a regular risk management culture, the risk register generates many of the same risks on project after project. However, a company’s ‘‘risk register’’ should not be a fixed template, used as is on all its projects. The list must be updated and customized for each project taking into consideration its own risks. These lessons learned, when incorporated into the project schedule through the risk managementprogram, are invaluable in helping to minimize threats that carry negative impacts and take advantage of opportunities that bring positive impacts to project comp.IMPORTANCE OF GOOD PLANNING FOR RISK MANAGEMENT The quality of the risk management plan will control the usefulness of the risk analysis. This quality is achieved through developing a good and encompassing master risk register in a brainstorming workshop withexperienced attendees, and following that process with analysis and risk allocation. This is combined with a process of continuing risk monitoring during updates as well as continuous cycles of risk management. Participants in the workshop will often comment that they cannot take certain risks into account because they do not have control of the risks or they have no idea if that risk will actually happen. One of the typical issues is repeated cycles of shop drawings, where experience tells us that a complicated design may cause structural steel shop drawings to be rejected, requiring revision and resubmission. Some stakeholders feel that this is beyond their ability to plan for and therefore, the schedule should ignore it and assume the risk will not happen. Accepting this assumption minimizes the risk identification and analysis process. This type of risk should be identified, and then during the qualitative analysis, it will be weeded out as a low priority or incorporated as a high priority. However, if the risk is just not included on the risk register, the opportunity to analyze it is lost.With a thorough and organized risk workshop, based on a good master risk register, and participation by the major stakeholders as well as the project management team, the output of the risk analysis will be very useful. The most likely risks will be identified and analyzed, and with the rest of the risk management steps, the schedule will evolve into a risk-adjusted schedule, capable of reasonable analysis and realistic completion predictions.RISK SHIFTING IN CONTRACTSContract language may have a significant impact on how much of the risk each party carries. Sometimes called exculpatory clauses, this language attempts to shift or apportion undetermined risk. Contracts are often used to control or assign risk to various parties, or just to assign it to a party other than the owner. Many owners, developers, and contractors prefer using standard contract forms, such as those specially developed by organizations such as the American Institute of Architecture (AIA), the Construction Management Association of America (CMAA), and theAssociated General Contractors (AGC) in the United States and FIDIC or NEC in Europe and the Middle East, because such contract forms were written and updated by professionals and are widely known and used. However, many others insist on writing their own contracts or making amendments to the standard forms so that they can change certain conditions, which may—and usually does—affect the risk ofthe contracting parties.One example of this risk shifting is the use of clauses stating that geotechnical reports and information are provided to bidders for information only, and the owner is not responsible for any usage or interpretation of the geotechnical information. This is an attempt to limit the owner’s exposure to delays because of differing site conditions.Another example is that of the typical ‘‘no damages for delay’’ la nguage that sometimes shows up in contracts, which does not typically shift the timeperformance risk, but only the costs for the delay. This language attempts to move the risk of the costs of delays from the responsibility of the owner to the contractor, so that the sole remedy is a time extension.Construction manager and contractor insurances are means to handle the shifted risk of contracts and limit the liability of those parties. These types of insurance can provide some level of protection against the adverse consequences of unknown problems that might affect the completion of the project. Builder’s risk policies provide insurance that will replace materials and provide for damage repair that can be invoked fairly quickly in the event of vandalism or property losses, allowing the project to resume production and minimize delayed completion risks.An astute owner realizes that the more that risk is shifted to the contractor, the higher the cost and, sometimes, the longer the performance time of the project will be. A fair risk allocation is essential for a successful, economical, and timely completed project. Unfair risk allocation results in risks being distributed among the construction team, creating disharmony and adversarial relationships among the very team members that are needed to resolve the problems at hand.The risk management plan is the place to identify all risks and determine how to deal with these risks. This provides much better protection through a fair and objective allocation of risk, producing a clear understanding of the risk objectives by the entire project team. In some contracts, owners may tryto shift some risks to the contractor as part of what they perceive as negotiation. Contractor’s profit is usually proportional to the risk taken by the contractor. It is important for any owner to understand that there is always a price for shifting the risk, whether declared or hidden. Perhaps in some instances if the owner knew the real cost of shifting certain risks, he would have preferred not to shift them.An example of the above is when buying a new car or home. A standard warranty comes usually with every new vehicle and covers manufacturer’s defects up to a certain time period (e.g.36 months) or mileage (e.g.36,000 miles), whichever comes first. Of course, the salesperson will try to sell the buyer (owner) an ‘‘extended warranty’’policy that extends most of the original warranty terms in time and mileage and perhaps adds a few attractive items. A buyer who considers himself a good negotiator may manage to obtain this extended warranty policy at ‘‘no extra cost.’’ This is a myth! In most cases, the buyer would have received a price discount on the vehicle, roughly equivalent to the dealer’s cost on the extended warranty policy, in lieu of the policy itself.中文：计划风险管理介绍进度风险对于一个项目的成功既是威胁又是机遇。

沃尔玛的全面风险管理战略(英文版) Comprehensive Risk Management Strategy of Walmart Introduction:Risk management is an essential component of every successful business. It involves identifying potential risks, assessing their impact, and implementing strategies to mitigate them. As one of the largest retail corporations in the world, Walmart recognizes the importance of having a comprehensive risk management strategy in place. This article aims to outline Walmart's approach to risk management, highlighting its key principles and strategies.1. Risk Identification:The first step in Walmart's risk management strategy is to identify potential risks that could impact the company's operations. This involves conducting thorough risk assessments at various levels, including corporate, regional, and store levels. Walmart uses various techniques such as problem analysis, performance reviews, and trend analysis to identify areas of potential vulnerability. The company also closely monitors external factors such as market trends, regulatory changes, and geopolitical risks that could affect its business.2. Risk Assessment:Once the risks are identified, Walmart assesses their potential impact on the company's operations, financial performance, and reputation. This involves quantifying risks in terms of financial loss, operational disruption, and potential damage to the brand image. By conducting risk assessments, Walmart can prioritize risks and allocate resources effectively to mitigate them.3. Risk Mitigation Strategies:After assessing the risks, Walmart implements strategies to mitigate them and minimize their impact on the company. This includes developing and implementing robust internal controls, standard operating procedures, and policies to prevent and detect risks. Walmart also invests in state-of-the-art technology and infrastructure to ensure the security and efficiency of its operations. For example, the company uses advanced surveillance systems and cybersecurity measures to protect its stores and customer data from potential threats.Walmart also believes in fostering a culture of risk management throughout the organization. It educates and trains its employees on risk awareness and encourages them to report any potential risks or violations. This helps Walmart to proactively address risks and prevent potential issues before they escalate.4. Crisis Management:Despite careful planning and risk mitigation efforts, unexpected events can still occur. Walmart understands the importance of having a robust crisis management plan in place. The company has a dedicated crisis management team that is responsible for coordinating responses to various crises, such as natural disasters, product recalls, or public relations crises. Walmart's crisis management plan outlines clear procedures for communication, decision-making, and business continuity to ensure a swift and effective response to any crisis situation.5. Business Continuity Planning:Another critical aspect of Walmart's risk management strategy is business continuity planning. This involves developing strategies and procedures to ensure the continuous operation of key business functions in the event of a disruption. Walmart has comprehensive business continuity plans at both the corporate and individual store levels. These plans outline alternative operating procedures, backup systems, and recovery strategies to minimize downtime and mitigate the impact of any disruption.6. Continuous Improvement:Walmart recognizes that risk management is an ongoing process that requires continuous improvement and adaptation. The company regularly reviews and updates its risk management strategies to address emerging risks and changing business environments. It actively seeks feedback from employees, customers, and stakeholders to identify areas for improvement and implement necessary changes.Conclusion:Walmart's comprehensive risk management strategy demonstrates its commitment to ensuring the safety, security, and continuity of its operations. By adopting a proactive and holistic approach torisk management, Walmart can identify and mitigate potential risks, minimize their impact, and maintain its position as one of the world's leading retail corporations.Certainly! Here are some additional points to expand on Walmart's risk management strategy: 1. Supply Chain Risk Management:Walmart's risk management strategy includes a strong focus on supply chain management. The company recognizes thatdisruptions in its supply chain can have a significant impact on its operations and ability to serve customers. To mitigate supply chain risks, Walmart has implemented several strategies. Firstly, the company has diversified its supplier base to reduce dependency on a single supplier or region. This helps to minimize the impact of any potential disruptions, such as natural disasters or geopolitical issues. Secondly, Walmart closely collaborates with its suppliers to ensure they meet specific quality, safety, and compliance standards. The company also conducts regular audits and inspections to mitigate the risks associated with unethical practices or non-compliance.2. International Risk Management:As a global retail corporation, Walmart operates in various countries with different regulatory, political, and cultural environments. To manage the risks associated with international operations, Walmart has established a robust governance structure. The company has a dedicated international risk management team that monitors and assesses risks specific to each country. This allows Walmart to tailor its risk mitigation strategies to address the unique challenges and requirements of individual markets. Additionally, Walmart maintains strong relationships with local stakeholders, government agencies, and industry associations to proactively address any potential risks or issues that may arise.3. Data Privacy and Cybersecurity:The increasing reliance on technology and digital systems within the retail industry brings new risks such as data breaches and cyber-attacks. Walmart recognizes the importance of protecting customer and company data from potential threats. The companyhas invested heavily in cybersecurity measures, including firewalls, encryption, and constant monitoring of its systems. Walmart also regularly conducts vulnerability assessments and penetration tests to identify and address any potential weaknesses. In addition to technical safeguards, Walmart has implemented strict data privacy policies and procedures to ensure compliance with relevant regulations and protect customer privacy.4. Regulatory Compliance:Operating in a highly regulated industry, Walmart places a strong emphasis on compliance with applicable laws and regulations. The company has a dedicated legal and compliance team that monitors and ensures adherence to local, national, and international regulations. Walmart invests in training programs for its employees to ensure they are aware of and comply with relevant laws and regulations. The company also conducts regular internal audits to assess compliance and identify areas for improvement. Walmart's commitment to regulatory compliance helps to mitigate the risks associated with legal sanctions, reputational damage, and operational disruptions.5. Environmental Sustainability:Walmart recognizes the risks associated with climate change and environmental degradation and has integrated sustainable practices into its risk management strategy. The company has set ambitious goals to reduce greenhouse gas emissions, promote renewable energy, minimize waste, and conserve natural resources. By adopting sustainable business practices, Walmart reduces its exposure to potential regulatory, reputational, and operational risks. The company also works closely with its suppliers to promotesustainable sourcing and production practices throughout its supply chain.Conclusion:Walmart's comprehensive risk management strategy encompasses a wide range of areas, including risk identification, assessment, mitigation, crisis management, business continuity planning, and continuous improvement. Through its proactive and holistic approach, Walmart can effectively manage potential risks and ensure the safety, security, and continuity of its operations. By placing a strong emphasis on supply chain integrity, international risk management, data privacy, regulatory compliance, and environmental sustainability, Walmart demonstrates its commitment to long-term success and resilience in an ever-changing business landscape.。

风险术语的英文对照1. Risk Assessment - 风险评估2. Risk Management - 风险管理3. Risk Mitigation - 风险缓解4. Risk Identification - 风险识别5. Risk Analysis - 风险分析6. Risk Control - 风险控制7. Risk Response - 风险应对8. Risk Avoidance - 风险避免9. Risk Transfer - 风险转移10. Risk Tolerance - 风险容忍度11. Risk Probability - 风险概率12. Risk Impact - 风险影响13. Risk Assessment Matrix - 风险评估矩阵14. Risk Register - 风险登记册15. Risk Treatment Plan - 风险处理计划16. Risk Exposure - 风险暴露度17. Risk Control Measures - 风险控制措施18. Risk Indicator - 风险指标19. Risk Communication - 风险沟通20. Risk Event - 风险事件请注意，上述术语仅提供参考，具体的风险管理术语可能根据行业和上下文有所不同。

Risk management is an essential component of any organization, as it involves the identification, assessment, and mitigation of potential risks that could impact the achievement of objectives. In order to effectively manage risks, itis crucial to have a clear understanding of various risk terminologies and their corresponding translations in English.Risk assessment, or 风险评估, is the process of identifying and evaluating potential risks to determine their likelihood and potential impact. This involves analyzing the probability of a risk occurring and assessing the potential consequences it could have on the organization. Risk assessments are typically conducted using various tools and techniques such as risk matrices, scenario analysis, and historical data.Once risks have been identified and assessed, the organization can proceed with risk management, or 风险管理. This involves developing strategies and action plans to minimize or eliminate the identified risks. Risk management aims to reduce the likelihood of a risk occurring or its potential impact if it does occur. It includes risk mitigation, or 风险缓解, which involves implementing measures to reduce the probability and/or severity of a risk.Risk identification, or 风险识别, is the process of identifying potential risks that could impact the organization's objectives. This includes analyzing internal and external factors that could lead to risks, such as changes in regulations, market volatility, or operational vulnerabilities. Risk analysis, or 风险分析, is the process of evaluating the identified risks to determine their potential impact and prioritize their treatment.Risk control, or 风险控制, involves implementing measures to reduce or manage the identified risks. This includes developingand implementing risk control measures, such as implementing safety protocols, conducting regular inspections, or implementing redundancy measures. Risk response, or 风险应对, refers to the actions taken by the organization to address identified risks. This could include accepting the risk, avoiding the risk, transferring the risk to a third party, or implementing measures to mitigate the risk.Risk avoidance, or 风险避免, refers to the strategy of completely eliminating the exposure to a particular risk. This could involve making changes to business processes, discontinuing certain activities, or avoiding certain markets or investments. Risk transfer, or 风险转移, involves transferring the responsibility and financial implications of a risk to another party, such as purchasing insurance coverage.Risk tolerance, or 风险容忍度, refers to the level of risk that an organization is willing to accept in order to achieve its objectives. This involves striking a balance between maximizing opportunities and minimizing potential risks. Risk probability, or 风险概率, refers to the likelihood or chance of a risk occurring. Risk impact, or 风险影响, refers to the magnitude of the consequences that would result if a risk were to occur.A risk assessment matrix, or 风险评估矩阵, is a tool used to evaluate and prioritize risks based on their likelihood and impact. It provides a visual representation of risks and helps in determining appropriate risk management strategies. A risk register, or 风险登记册, is a document that records all identified risks, along with their likelihood, potential impact, and mitigation measures.To implement effective risk management, organizations develop risk treatment plans, or 风险处理计划, which outline the specific actions to be taken to manage identified risks. These plans include a clear description of the risk, its potential impact, the desired risk treatment strategy, and the individuals responsible for its implementation.Risk exposure, or 风险暴露度, refers to the level of vulnerability or susceptibility of the organization to a particular risk. It considers the organization's potential financial, operational, and reputational losses resulting from a risk event. Risk control measures, or 风险控制措施, are actions implemented to mitigate or prevent identified risks. These measures may include implementing internal controls, conducting training programs, or investing in technologies to mitigate risks.Risk indicators, or 风险指标, are quantitative or qualitative measures used to monitor and assess risks. These indicators help in identifying early warning signs of emerging risks, enabling timely and proactive risk management. Risk communication, or 风险沟通, refers to the process of sharing information about risks within the organization or with external stakeholders. Effective risk communication is crucial for ensuring that everyone understands the risks, their potential impact, and the organization's strategiesfor managing them.Overall, understanding and utilizing risk terminologies in both English and their native language is vital for effective riskmanagement. It ensures clear communication, facilitates collaboration, and enhances the organization's ability to identify, assess, and mitigate risks. By effectively managing risks, organizations can safeguard their interests, minimize losses, and enhance their overall performance and resilience.。

风险管理从十九世纪二三十年代开始,经历几十年的发展逐渐成为一门影响广泛的现代管理学科。

1983年在美国召开的风险和保险管理协会年会上，世界各国专家学者云集纽约，共同讨论并通过了“101条风险管理准则”，它标志着风险管理的发展已进入了一个新的发展阶段。

101条风险管理准则１．英文：「An organization risk management program must be tailored to its overall objectives and should change when those objectives change.」译文：「一个组织的风险规划方案必需配合企业之整体目标，且应随著目标之改变而改变」２．英文：「If you are in a “safe”business (relatively immune from depression, bankruptcy or shifts in products market), you risk management program can be more “risky”and less costly.」译文：「假如您要安稳地经营（亦即免除相当程度的经济萧条，破產或產品市场转换之衝撃）您的风险管理方案最好能够更具冒险性及成本最低性．」３．英文：「Don’t risk more than you can afford to lose.」译文：「不要冒自己所不能够承担之风险」４．英文：「Don’t risk a lot for a little」译文：「切勿冒因小利而受大害之风险」５．英文：「Consider the odds of an occurrence」译文：「多加考虑损失发生之可能性」６．英文：「Have clearly defined objectives which are consistent with corporate objectives」译文：「必需要有明确之风险管理目标且此目标需与企业目标一致」７．英文：「The risk management department, as a user of services, should award business on the basis of ability to perform.」译文：「风险管理部门是属服务部门，因此该部门对企业利润之回馈应以其执行能力之高低為认定之基础．」８．英文：「For any significant loss exposure, neither loss control nor loss financing alone is enough; control and financing must be combined in the right proportion.」译文：「对任何重大之风险仅以控制对策或理财对策处理是不够的,必需将此两类对策做适当比例正确之搭配始可」风险辨认衡量準则【準则条文】９．英文：「Review financial statements to help identify and measure risks.」译文：「评估财务报表有助於辨认和衡量风险」１０．英文：「Use flow charts to identify sole source suppliers or other contingent business interruption exposures.」译文：「使用流程图分析有助於辨认一个供应商所引发之风险或其他连带营业中断风险.」１１．英文：「To more fully identify and assess risks, you must visit the plants and relate to operations people.」译文：「如果要能更完整地辨认和评估风险，风险管理人员应亲身访问工厂和有关之操作人员」１２．英文：「A reliable data base is essential to estimate probability and severity.」译文：「可靠之资料储存库对估计机率和幅度是相当重要的」１３．英文：「Accurate and timely risk information reduces risk, in any of itself.」译文：「正确和及时之风险资讯有助於降低风险.」１４．英文：「The risk manager should be involved in the purchase or design of any new operation to assure that there are no built-in risk management problems.」译文：「风险管理人员应涉及任何新计划之设计规划或任何新购置方案之工作，俾便事先能确保不產生风险管理上之问题.」１５．英文：「Be certain environmental risks are evaluated in mergers, acquisitions and joint ventures.」译文：「企业在合併、购买和短期合营事业上应确定已完成环境风险之评估工作.」１６．英文：「Select hazardous waste contractors on their risk control measures and their financial stability or insurance protection 」译文：「选择处理具有危险性之废弃物之厂商时应以该厂商在处理废弃物时所採取之风险控制手段是否良好，他们本身之财务结构是否稳定，或从事此危险工作所引发之责任或损失是否良好之保险保障為主要之考虑依据」１７．英文：「Look for incidental involvement in critical risk areas, （ie. , aircraft and nuclear products, medical malpractice, engineering design, ect.）」译文：「在重要的风险区域范围内，积极寻求可能涉及的非所愿事件．（重要的风险区域范围指的是航空和核子科技產品，医疗作业失误、工程设计等工作而言．）」风险控制準则【準则条文】１８．英文：「Risk control works, it is cost effective and helps control local operating costs.」译文：「风险控制是项积极改善风险单位本身性质之工作．它可使成本做最有效之运用同时亦有助单位或部门营运成本之控制．」１９．英文：「The first ( and incontrovertible ) reason for risk control is the preservation of life.」译文：「风险控制首要的（和无可置疑的）理由乃是对人们生命的保护．」２０．英文：「A property conservation program should be designed to protect corporate assets-not the underwriter.」译文：「财產保全维护计划是為了保护公司的资產而设计的──并非為了保全人而设计的．」２１．英文：「Be mindful that key plants and sole source suppliers may need protection above and beyond normal HPR (highly protected risks)requirements.」译文：「对重要工厂和单一供应商应予留意也许它们需要超过HPR正常要求标準的防护措施．」２２．英文：「Use the risk control services of your broker and insurer as anextension of your corporate program. Don’t let them go off on a tangent.」译文：「要把保险经纪人和保险人所提供之风险控制服务视為自己公司的风险控制规划方案延伸的一部份．不能让他们突然地改变既有之服务内容．」２３．英文：「Quality control should not be substitute for a full product liability program. Quality control only assures the product is made according to specifications, whether good or bad.」译文：「品质控制不应视為全部產品责任损失控制方案之替代品．所谓品质控制仅是能确保產品是依据既定之规格製造，不管此一规格是好是坏．」２４．英文：「Most of the safety-related “standards”of governmental agencies should be considered as minimum requirements.」译文：「政府机关所订有关的安全法规或标準应视為风险控制之最低要求．」２５．英文：「Duplicate and separately store valuable papers and back-up data processing media.」译文：「复製并分开储存有价值之资料文件且储备许多电脑处理资料上需要的软硬体零件．」２６．英文：「Avoid travel by multiple executives in a single aircraft.」译文：「避免安排许多重要主管同乘一架航空器从事旅游或考察」风险管理準则【準则条文】２７．英文：「Risk manager. ent should focus on two separate zones of risk relative to the maximum dollar loss the company can survive form a single occurrence:. Below this level-optimize the use of insurance relative to current cost.. Above this level-transfer risk (usually insurance) to maximum extent possible-cost effectiveness is not a criterion in this zone; survival is.译文：「风险管理应著重一次损失之发生，企业能承受之最大损失能力之水準或范围下所分开的两个不同之风险范围．．低於此一范围水準之风险－求取保险与非保险对策之适切成本组合．．高於此一范围水準之风险－儘最大可能转移风险（通常利用保险）此时成本之有效性非决策标準而以存活之机会為决策标準．」２８．英文：「An entity with an unlimited budget can benefit from adopting all risk management measures which have benefits to the entity with an expected present value greater than the expected present value of costs of those measures to that entity.」译文：「较少预算限制之经济个体只要对所有之风险管理方案採取预期收益现值大於预期成本现值之方案即可获益．」２９．英文：「When, for budgetary or practical reasons, an entity must choose between mutually exclusive risk management measures, the entity should choose the measure that offers it the greatest excess of benefits over costs. When both benefits and costs are expressed as expected present values.」译文：「当為了有限之限算或实际之理由时，经济个体在选取互相衝突之风险管理方案时，经济个体应选择预期收益现值与预期成本现值差额最大的风险管理方案．」３０．英文：「Competitive bidding which causes market disruption should be avoided.」译文：「公开竞标易引起市场崩溃应予避免」３１．英文：「Never depend solely on someone else’s insurance .」译文：「不要单单依赖某一保险人提供之保险」３２．英文：「Retrospective rating plans of more than one year hamper flexibility.」译文：「超过一年以上之追溯费率计划反而妨碍弹性程度．」３３．英文：「A tax advantage should be considered a “plus”-not a principal reason for a risk financing decision.」译文：「税负减轻之优点仅能视為有利因子－它不是风险理财决策之主要理由」３４．英文：「Risk taking presents an opportunity for economic gain.」译文：「冒风险意愿著在经济上获益之机会」索赔管理準则【準则条文】３５．英文：「The risk manager should be notified immediately (with-in 24 hours)of any major loss or potential loss.」译文：「对任何重大或潜在之损失，风险经理应立即（24小时内）获得通知．」３６．英文：「Major liability claims should be reviewed for adequacy of investigation and accuracy of reserve.」译文：「对於重大责任损失查勘之适当性和损失準备之正确性应特别注意评估．」３７．英文：「Be careful of local plant involvement in property and liability claims. Local personnel may be too defensive to properly review a major claim.」译文：「特别留意涉及各地工厂部门之财產和责任索赔案件．因為各地工厂部门之人员容易為了减低其损失发失之责任而隐瞒实情以致重大之索赔关键无法正确评估．」３８．英文：「Request early advance payments on large property and business interruption losses.」译文：「对於重大的财產和营业中断损失及早要求保险人预付部份赔款．」－３９．英文：「Secure several estimates or an appraisal of self-insured vehicle physical damage losses.」译文：「对於自行承担之车辆实体毁损应儘可能获取数种之估价资料」４０．英文：「Aggressive claims subrogation ( insured and self-insured) reduces costs.」译文：「主动积极运用代位求偿（不管是被保损失之索赔或未保损失之理贴）可降低理赔成本．」４１．英文：「A claim and disability management program, directed toward getting the employee back to work as soon as possible can save money even though the employee cannot do all phases of the job. 」译文：「索赔和伤残管理规划中应儘可能使员工回復原有之工作，即使员工无法胜任原有所有之工作但可使企业组织节省金钱之花费．」４２．英文：「Periodically audit claims reserves of insurers and self-insurance administrators.」译文：「定期审查保险人和自我保险人所设立的损失理赔準备」４３．英文：「The best claim is a closed claim」译文：「最好的索赔就是结束索赔」员工福利準则【準则条文】４４．英文：「The provisions and costs of employee benefit programs should be clearly and frequently communicated to employees」译文：「员工福利方案的成本和条款应该时常清楚地与员工沟通」４５．英文：「When installing a new benefit plan, it is harder to reduce benefits than to improve them later on.」译文：「当设计一项新的福利项目时，要了解清楚的是将福利给付或项目缩减比事后改善福利项目和内容还难．」４６．英文：「A poor employee benefit program can generate more employee relations problems than no plan at all .」译文：「一个差劲的员工福利计划会比不设立员工福利计划產生更多的人事关係纠纷之问题」４７．英文：「Employee contributions, even small ones, can help you assess the real popularity of a benefit plan.」译文：「员工醵出额即使很小也能有助於评估员工福利方案真正被接受支持之普遍程度．」４８．英文：「Know the benefit plans of the companies with whom you compete for labor.」译文：「应深切了解在人力市场上与自己公司互相竞争的同业公司之员工福利计划．」４９．英文：「Benefit consultants and brokers are not efficiency replacements for in-house stall functions.」译文：「福利顾问和经纪人无法有效取代内部专业职员之功能」５０．英文：「Collective bargaining of employee benefits should involve corporate benefit professionals.」译文：「员工福利在集体议商制定时，公司的福利专业人员应积极涉入参与．」５１．英文：「Legislation and regulation are intensifying in the employee benefit field. Make your company’s opinions known to the government before legislation is enacted.」译文：「政府之立法和管理规定对员工福利具有重大实质之影响．故立法通过和执行前，自己企业公司之意见应让政府单位知道」退休年準则【準则条文】５２．英文：「The ultimate cost of any pension plan is equal to the benefits paid, plus the cost of administration, less any investment earning of the fund.」译文：「任何退休计划终极本等於给付支出额加上行政处理费用扣除资金之投资收益．」５３．英文：「For the most part different actuarial methods and/ or assumptions may alter the incidence of cost, but seldom alter the ultimate level of cost.」译文：「对於大部份不同的精算成本方法和（或）精算假设也许改变了每年退休成本的偶然不同性，但很少改变终极成本之水平．」５４．英文：「Clearly identify your corporate objectives with respect to your retirement program.」译文：「明确确认公司目标与退休计划方案之关係」５５．英文：「Recognize that retirement plans are long-term obligations which will span many political, economic and social environments.」译文：「确认退休计划是属长期之责任义务，这种计划涵盖了许多政治的、经济的和社会的层面环境」５６．英文：「Identify the nature and extent of pension liability prior to any acquisition or divestiture.」译文：「做任何有关退休债务之取或捨之决定前，应认清该退休债务之性质和程度范围」５７．英文：「Establish formal investment objectives with respect to your pension funds which define risk , diversification and absolute performance parameters.」译文：「应正式以书面建立与退休基金有关之投资目标，此目标应包括投资所可能產生风险之范围，投资项目之多元化之内容和肯定会影响投资绩效之因素有那些．」５８．英文：「Monitor the performance of your pension fund in the context of your investment objectives」译文：「应以投资书面目标评估退休基金之投资绩效」５９．英文：「Identify and monitor your corporate exposure as a result of participation in any industry wide multiemployer pension plans.」译文：「辨认和评估因参加任何同业之合同退休计划所可能產生之不利影响」国际性风险管理準则【準则条文】６０．英文：「Multinational organizations should step up to their international risk management responsibilities.」译文：「多国籍企业应逐步提昇国际性风险管理之责任」６１．英文：「Establish a worldwide risk and insurance management program; don’t rely totally on a difference-in-conditions approach.」译文：「多国籍企业应设立全球性风险和保险管理规划方案；不可完全抑赖条款差异保险」６２．英文：「A combination of admitted and non-admitted insurance usually provides the best world wide insurance program.」译文：「被认可保险与不被认可保险之组合通常提供了最佳的全球性保险计划．」６３．英文：「Avoid the use of long-term policies overseas.」译文：「避免使用海外之长期保单」６４．英文：「Be sensitive to and don’t underestimate nationalism when implementing a worldwide risk management program.」译文：「在执行全球性风险管理方案时，尤需保持警觉，并且不能低估国家主义所致之严重问题．」６５．英文：「Don’t ignore local objections to worldwide programs.」译文：「不要忽视海外当地对全球性计划方案之反对」风险管理行政準则【準则条文】６６．英文：「Establish a level of authority via management policy statement.」译文：「透过一份管理策略说明书建立起不同的权责标準」６７．英文：「Prepare and universally distribute a corporate risk managementmanual.」译文：「编製并普通分发公司的风险管理手册」６８．英文：「Set up realistic annual objectives with your brokers, underwriters and vendors and measure their accomplishments and results.」译文：「与您的经纪人，保险人和厂商设立实际具体可完成之年度目标俾便评估其成效和结果」６９．英文：「Verify the accuracy of all relevant information you receive.」译文：「应证实您所获取所有有关资讯之精确性」７０．英文：「Read every insurance policy carefully」译文：「仔细阅读每一张保险单」７１．英文：「Keep program design simple」译文：「应儘量保持风险管理方案设计之简明化」７２．英文：「Consolidate-where it makes sense to do so」译文：「如果行政工作程序合併简化具积极意义时就该合併」７３．英文：「Develop record retention procedures」译文：「应发展一套纪录保存之程序」７４．英文：「Keep intercom any premium allocation confidential. 」译文：「公司单位部门间之保费分摊应使人信服」７５．英文：「Establish administrative procedures in writing」译文：「应以书面建立行政处理程序」风险管理技巧準则【準则条文】７６．英文：「Insurance policy provisions should be uniform as to named insured, notice and cancellation clauses, territory, etc.」译文：「保单条款中有关记名被保人、通知和註销条款、投保区域之规定等应求取一致．」７７．英文：「The “notice ”provision in all insurance policies should be modified to mean notice to a specific individual」译文：「所有保单中之“通知”条款应被修订成通知特定单位或个人之通知条款」７８．英文：「Primary policies with annual aggregates should have policy periods which coincide with excess policies」译文：「年度累积式基本保单之期间应与超额保单期间一致」７９．英文：「Joint loss agreements should be obtained from fire and boiler and machinery insurers.」译文：「应取得火灾和锅炉机械保险之联合共同损失协议条款」８０．英文：「Add “drive other car”protection to your corporate automobile insuracne」译文：「公司的汽车保险方案中应加入“驾驶他车”之保障条款」８１．英文：「Eliminate coinsurance clauses.」译文：「应消除共保条款」８２．英文：「Know the implications of and difference between “claims made”and “pay on behalf of”liability contracts.」译文：「应该认识清楚“请求索赔”责任保单和“代被保人赔偿”责任保单之涵义和其间之区别」８３．英文：「Risks accepted under contracts are not necessarily covered under contractual liability coverage」译文：「透过契约而承受的风险不一定需由契约责任保险来承保」８４．英文：「Add employees as insured’s to liability contracts. Use discretionary language to avoid defending hostile persons.」译文：「应将员工纳入责任保险之被保人中．并採用较為广义弹性之用语以避免并防范怀有恶意之他人．」风险管理沟通準则【準则条文】８５．英文：「All communication providing or requesting information should be expressed in clear, objective language, leaving no room for individual interpretation.」译文：「沟通上所要提供之资讯或所需之资讯均应以明确且客观之用语显示，千万勿令人有两可解释之餘地．」８６．英文：「All communications and relationships should be conducted with due consideration to proprietary information.」译文：「所有之沟通及工作关係应充份尊重考虑最高负责人意思后才予实施」８７．英文：「Communicate effectively up and down and avoid management surprises」译文：「沟通应有效地做到上闻下达之地步并避免令管理人员闻讯后感到讶异．」８８．英文：「Don’t tell senior management anything-ask them, counsel them, inform them.」译文：「对最高管理阶层人员千万勿用「告诉」字眼－而是用「请问」、「建议」、「通知」他们之字眼．」８９．英文：「Communicate in business language, avoid insurance jargon.」译文：「应以一般商业用语沟通，避免用艰深之保险术语．」９０．英文：「Obtain letters of intent or interpretations regarding agreements(coverage or administration) which are outside of and/or in addition to actual insurance or service contracts. Never rely on verbal agreements.」译文：「对於保险契约或服务契约本身外的协议或额外的协议（保障或行政事项），应确实获得有关解释说明之书面文件．絶对不可依赖口头上之协议来行事．」９１．英文：「The immediate supervisor to the risk management function should be educated in principles of risk management.」译文：「对於直接执行风险管理职能之主管应受过风险管理专业教育训练始可．」９２．英文：「Communicate every insurance exclusion and no insurance implication to your management . 」译文：「风险管理人员应就每一保险契约中之免责事项及其所显示之保险以外之涵义与管理阶层人员沟通」９３．英文：「In competitive bidding situations, advise each competitor that the first bid is the only bid and stick to it.」译文：「在竞标中，应向每一位投标人建议每人的第一次标价就是唯一的标价并坚持此一原则．」９４．英文：「Risk managers should meet with underwriters rather than relyingtotally on others for market communications」译文：「风险管理人员应经常主动拜访保险人，以便取得市场资讯而不应完全依赖其他的人和事来取得市场资讯．」风险管理哲学準则【準则条文】９５．英文：「The risk manager ( and his corporation ) should avoid developing the reputation of a “shopper”or “market burner”. This reputation can be detrimental to the corporations best interests and the risk managers credibility」译文：「风险管理人员（或其公司）应避免建立起「购买者」或「市场交易带头者」之名声．此种名声能够阻碍公司最佳利益之获取和损及风险管理人员之信赖度．」９６．英文：「Determine your personal level of risk aversion and temper intuitive judgments up or down accordingly.」译文：「确定自己的风险偏好之程度并据此调适主观直觉之判断」９７．英文：「Program design will always be a function of current practicalities tempered by management’s level of risk aversion.」译文：「风险管理方案之规划常是管理决策者实际风险偏好程度之显示」９８．英文：「Everyone is in business to make a fair profit」译文：「企业中每一个人均要有為公司赢得顾客满意，赚取合理利润之心志」９９．英文：「Long term, good faith relationships are not obsolete.」译文：「长期且诚信的关係是絶不会过时的」１００．英文：「Integrity is not out of style」译文：「诚篤正直的心絶不会落伍」１０１．英文：「Common sense is the most important ingredient in risk management.」译文：「普通常识是风险管理中最重之要素．」。

公司战略与风险管理常用英语词汇1.macro environment 宏观经济环境2.Porter’s diamond model 波特的钻石模型（研究国家竞争力）3.Porter’s five forces analysis波特的五力模型4.industry 行业5.sector 部门，领域6.convergence 集中，趋同7.SWOT SWOT模型8.opportunity 机会9.threat 威胁10.strength 优势11.weakness 劣势petitor 竞争者13.product life cycle 产品生命周期14.strategic group 战略组群15.segmentation 细分16.demand condition （also called diamond condition）需求条件，又称钻石条件17.factor conditions 有利因素状况18.related and supporting industries 相关和支持性行业的存在19.firm strategy, structure and competitive rivalry within an industry 企业战略、结构和同业竞争20.threat of new entrants 新进入者的威胁21.barrier to entry 进入壁垒22.power of supplier 供应商力量23.customer 客户petitive rivalry between existing firms 现存企业间的竞争对手25.substitute product 替代产品26.value chain 价值链27.support or secondary value activities 辅助活动28.primary value activities 基本活动29.firm infrastructure 企业基础设施建设30.human resource management 人力资源管理31.Technology development 技术开发32.Procurement 采购33.Inbound logistics 进货后勤34.operations 生产经营35.outbound logistics 发货后勤36.marketing and sales 市场营销37.service 服务38.margin 利润39.improved performance and added value 提升业绩和增加价值40.improved understanding of environmental pressure 更加深刻理解周边环境压力41.improved competitive position 提升竞争力42.a creative process of change 创造性的变化过程43.a target to motivate and improve operations 促进和改进营运的目标44.increased rate of organizational learning 提升组织学习程度45.functional structure 职能结构46.divisional structure （product division， geographical division）事业部结构（产品事业部、地区事业部）47.SBU （strategic business unit）战略业务单元48.matrix organization 矩阵组织49.co-ordinated decisions and better management control, therefore less sub-optimizing （协调决策和管理控制，减少次优决策）50.conformity with overall objectives – goal congruence is more likely to be achieved（有助于整体目标的一致性）51.standardization （标准化）52.balance between functions, divisions, etc （在职能、事业部之间取得平衡）53.economy of scale （规模经济）54.top managers become better decision makers （高级管理层成为更好的决策者）55.speedier central decisions may be made in a crisis –delegation can be time-consuming.面临危机可以较快地集中决策以便应对（分权则会浪费时间）56.those of lower rank experience reduce job satisfaction. （底层员工缺乏工作满意度）57.senior management do not possess sufficient knowledge of all organizational activities. 高级管理层不能充分的知悉组织行为58.centralization places stress and responsibility onto senior management.（集权制使高层领导承担较大压力和责任）59.subordinates experience restricted opportunity for career development toward senior management positions. （下属员工向上发展的职业机会有限）60.decisions often take considerable time. （决策往往花费较多之间）61.strategic apex 战略顶点62.techno structure 技术结构63.operating core 作业核心64.middle line 中间层65.support staff 支持性人员66.ideology 思想体系、意识形态67.risk acceptance 风险接受68.risk avoidance 风险规避69.risk mitigation 风险缓释70.risk transfer 风险转移71. operational risk 操作风险72.political risk 政治风险73.country risk 国家风险74.project risk 项目风险75.legal/compliance risk 法律/合规风险76. commodity risk 产品风险77.market risk （foreign exchange risk, interest rate risk）市场风险（汇率风险、利率风险）78.liquidity risk 流动性风险79.credit risk 信用风险80.Strategic risk 战略风险81.Reputation risk 声誉风险82.Risk appetite 风险偏好83.Risk attitude 风险态度84.Risk tolerance 风险容限85.Financial instrument 金融工具86.Derivatives 衍生品87.Hedging 对冲/套期ting 净额89.Forward contract 远期合约90.Swap 掉期/互换91.Options 期权92.Call options 看涨期权93.Put options 看跌期权94.Futures 期货95.Exercise price 行权价格96.Elapse 失效、逾期97.Expire 到期98.Maturity 到期日99.Spot rate 即期汇率100.Forward rate 远期汇率101.Premium/discount 升水/贴水102.Interest rate 利率103.Exchange rate 汇率104.Floating rate 浮动利率105.Fixed rate 固定利率。

企业风险管理中英文对照外文翻译文献(文档含英文原文和中文翻译)原文：Risk ManagementThis chapter reviews and discusses the basic issues and principles of risk management, including: risk acceptability (tolerability); risk reduction and the ALARP principle; cautionary and precautionary principles. And presents a case study showing the importance of these issues and principles in a practical management context. Before we take a closer look, let us briefly address some basic features of risk management.The purpose of risk management is to ensure that adequate measures are taken to protect people, the environment, and assets from possible harmful consequences of the activities being undertaken, as well as to balance different concerns, in particular risks and costs. Risk management includes measures both to avoid the hazards and toreduce their potential harm. Traditionally, in industries such as nuclear, oil, and gas, risk management was based on a prescriptive regulating regime, in which detailed requirements were set with regard to the design and operation of the arrangements. This regime has gradually been replaced by a more goal-oriented regime, putting emphasis on what to achieve rather than on the means of achieving it.Risk management is an integral aspect of a goal-oriented regime. It is acknowledged that risk cannot be eliminated but must be managed. There is nowadays an enormous drive and enthusiasm in various industries and in society as a whole to implement risk management in organizations. There are high expectations that risk management is the proper framework through which to achieve high levels of performance.Risk management involves achieving an appropriate balance between realizing opportunities for gain and minimizing losses. It is an integral part of good management practice and an essential element of good corporate governance. It is an iterative process consisting of steps that, when undertaken in sequence, can lead to a continuous improvement in decision-making and facilitate a continuous improvement in performance.To support decision-making regarding design and operation, risk analyses are carried out. They include the identification of hazards and threats, cause analyses, consequence analyses, and risk descriptions. The results are then evaluated. The totality of the analyses and the evaluations are referred to as risk assessments. Risk assessment is followed by risk treatment, which is a process involving the development and implementation of measures to modify the risk, including measures designed to avoid, reduce (“optimize”), transfer, or retain the risk. Risk transfer means sharing with another party the benefit or loss associated with a risk. It is typically affected through insurance. Risk management covers all coordinated activities in the direction and control of an organization with regard to risk.In many enterprises, the risk management tasks are divided into three main categories: strategic risk, financial risk, and operational risk. Strategic risk includes aspects and factors that are important for the e nterprise’s long-term strategy and plans,for example mergers and acquisitions, technology, competition, political conditions, legislation and regulations, and labor market. Financial risk includes the enterprise’s financial situation, and includes: Market risk, associated with the costs of goods and services, foreign exchange rates and securities (shares, bonds, etc.). Credit risk, associated with a debtor’s failure to meet its obligations in accordance with agreed terms. Liquidity risk, reflecting lack of access to cash; the difficulty of selling an asset in a timely manner. Operational risk is related to conditions affecting the normal operating situation: Accidental events, including failures and defects, quality deviations, natural disasters. Intended acts; sabotage, disgruntled employees, etc. Loss of competence, key personnel. Legal circumstances, associated for instance, with defective contracts and liability insurance.For an enterprise to become successful in its implementation of risk management, top management needs to be involved, and activities must be put into effect on many levels. Some important points to ensure success are: the establishment of a strategy for risk management, i.e., the principles of how the enterprise defines and implements risk management. Should one simply follow the regulatory requirements (minimal requirements), or should one be the “best in the class”? The establishment of a risk management process for the enterprise, i.e. formal processes and routines that the enterprise is to follow. The establishment of management structures, with roles and responsibilities, such that the risk analysis process becomes integrated into the organization. The implementation of analyses and support systems, such as risk analysis tools, recording systems for occurrences of various types of events, etc. The communication, training, and development of a risk management culture, so that the competence, understanding, and motivation level within the organization is enhanced. Given the above fundamentals of risk management, the next step is to develop principles and a methodology that can be used in practical decision-making. This is not, however, straightforward. There are a number of challenges and here we address some of these: establishing an informative risk picture for the various decision alternatives, using this risk picture in a decision-making context. Establishing an informative risk picture means identifying appropriate risk indices and assessments ofuncertainties. Using the risk picture in a decision making context means the definition and application of risk acceptance criteria, cost benefit analyses and the ALARP principle, which states that risk should be reduced to a level which is as low as is reasonably practicable.It is common to define and describe risks in terms of probabilities and expected values. This has, however, been challenged, since the probabilities and expected values can camouflage uncertainties; the assigned probabilities are conditional on a number of assumptions and suppositions, and they depend on the background knowledge. Uncertainties are often hidden in this background knowledge, and restricting attention to the assigned probabilities can camouflage factors that could produce surprising outcomes. By jumping directly into probabilities, important uncertainty aspects are easily truncated, and potential surprises may be left unconsidered.Let us, as an example, consider the risks, seen through the eyes of a risk analyst in the 1970s, associated with future health problems for divers working on offshore petroleum projects. The analyst assigns a value to the probability that a diver would experience health problems (properly defined) during the coming 30 years due to the diving activities. Let us assume that a value of 1 % was assigned, a number based on the knowledge available at that time. There are no strong indications that the divers will experience health problems, but we know today that these probabilities led to poor predictions. Many divers have experienced severe health problems (Avon and Vine, 2007). By restricting risk to the probability assignments alone, important aspects of uncertainty and risk are hidden. There is a lack of understanding about the underlying phenomena, but the probability assignments alone are not able to fully describe this status.Several risk perspectives and definitions have been proposed in line with this realization. For example, Avon (2007a, 2008a) defines risk as the two-dimensional combination of events/consequences and associated uncertainties (will the events occur, what the consequences will be). A closely related perspective is suggested by Avon and Renan (2008a), who define risk associated with an activity as uncertaintyabout and severity of the consequences of the activity, where severity refers to intensity, size, extension, scope and other potential measures of magnitude with respect to something that humans value (lives, the environment, money, etc.). Losses and gains, expressed for example in monetary terms or as the number of fatalities, are ways of defining the severity of the consequences. See also Avon and Christensen (2005).In the case of large uncertainties, risk assessments can support decision-making, but other principles, measures, and instruments are also required, such as the cautionary/precautionary principles as well as robustness and resilience strategies. An informative decision basis is needed, but it should be far more nuanced than can be obtained by a probabilistic analysis alone. This has been stressed by many researchers, e.g. Apostolicism (1990) and Apostolicism and Lemon (2005): qualitative risk analysis (QRA) results are never the sole basis for decision-making. Safety- and security-related decision-making is risk-informed, not risk-based. This conclusion is not, however, justified merely by referring to the need for addressing uncertainties beyond probabilities and expected values. The main issue here is the fact that risks need to be balanced with other concerns.When various solutions and measures are to be compared and a decision is to be made, the analysis and assessments that have been conducted provide a basis for such a decision. In many cases, established design principles and standards provide clear guidance. Compliance with such principles and standards must be among the first reference points when assessing risks. It is common thinking that risk management processes, and especially ALARP processes, require formal guidelines or criteria (e.g., risk acceptance criteria and cost-effectiveness indices) to simplify the decision-making. Care must; however, be shown when using this type of formal decision-making criteria, as they easily result in a mechanization of the decision-making process. Such mechanization is unfortunate because: Decision-making criteria based on risk-related numbers alone (probabilities and expected values) do not capture all the aspects of risk, costs, and benefits, no method has a precision that justifies a mechanical decision based on whether the result is overor below a numerical criterion. It is a managerial responsibility to make decisions under uncertainty, and management should be aware of the relevant risks and uncertainties.Apostolicism and Lemon (2005) adopt a pragmatic approach to risk analysis and risk management, acknowledging the difficulties of determining the probabilities of an attack. Ideally, they would like to implement a risk-informed procedure, based on expected values. However, since such an approach would require the use of probabilities that have not b een “rigorously derived”, they see themselves forced to resort to a more pragmatic approach.This is one possible approach when facing problems of large uncertainties. The risk analyses simply do not provide a sufficiently solid basis for the decision-making process. We argue along the same lines. There is a need for a management review and judgment process. It is necessary to see beyond the computed risk picture in the form of the probabilities and expected values. Traditional quantitative risk analyses fail in this respect. We acknowledge the need for analyzing risk, but question the value added by performing traditional quantitative risk analyses in the case of large uncertainties. The arbitrariness in the numbers produced can be significant, due to the uncertainties in the estimates or as a result of the uncertainty assessments being strongly dependent on the analysts.It should be acknowledged that risk cannot be accurately expressed using probabilities and expected values. A quantitative risk analysis is in many cases better replaced by a more qualitative approach, as shown in the examples above; an approach which may be referred to as a semi-quantitative approach. Quantifying risk using risk indices such as the expected number of fatalities gives an impression that risk can be expressed in a very precise way. However, in most cases, the arbitrariness is large. In a semi-quantitative approach this is acknowledged by providing a more nuanced risk picture, which includes factors that can cause “surprises” r elative to the probabilities and the expected values. Quantification often requires strong simplifications and assumptions and, as a result, important factors could be ignored or given too little (or too much) weight. In a qualitative or semi-quantitative analysis, amore comprehensive risk picture can be established, taking into account underlying factors influencing risk. In contrast to the prevailing use of quantitative risk analyses, the precision level of the risk description is in line with the accuracy of the risk analysis tools. In addition, risk quantification is very resource demanding. One needs to ask whether the resources are used in the best way. We conclude that in many cases more is gained by opening up the way to a broader, more qualitative approach, which allows for considerations beyond the probabilities and expected values.The traditional quantitative risk assessments as seen for example in the nuclear and the oil & gas industries provide a rather narrow risk picture, through calculated probabilities and expected values, and we conclude that this approach should be used with care for problems with large uncertainties. Alternative approaches highlighting the qualitative aspects are more appropriate in such cases. A broad risk description is required. This is also the case in the normative ambiguity situations, as the risk characterizations provide a basis for the risk evaluation processes. The main concern is the value judgments, but they should be supported by solid scientific assessments, showing a broad risk picture. If one tries to demonstrate that it is rational to accept risk, on a scientific basis, too narrow an approach to risk has been adopted. Recognizing uncertainty as a main component of risk is essential to successfully implement risk management, for cases of large uncertainties and normative ambiguity.A risk description should cover computed probabilities and expected values, as well as: Sensitivities showing how the risk indices depend on the background knowledge (assumptions and suppositions); Uncertainty assessments; Description of the background knowledge, including models and data used.The uncertainty assessments should not be restricted to standard probabilistic analysis, as this analysis could hide important uncertainty factors. The search for quantitative, explicit approaches for expressing the uncertainties, even beyond the subjective probabilities, may seem to be a possible way forward. However, such an approach is not recommended. Trying to be precise and to accurately express what is extremely uncertain does not make sense. Instead we recommend a more openqualitative approach to reveal such uncertainties. Some might consider this to be less attractive from a methodological and scientific point of view. Perhaps it is, but it would be more suited for solving the problem at hand, which is about the analysis and management of risk and uncertainties.Source: Terje Aven. 2010. “Risk Management”. Risk in Technological Systems, Oct, p175-198.译文：风险管理本章回顾和讨论风险管理的基本问题和原则，包括：风险可接受性（耐受性）、风险削减和安全风险管理原则、警示和预防原则，并提出了一个研究案例，说明在实际管理环境中这些问题和原则的重要性。

做好风险管理的动词短语
1.识别风险(Identify risks):通过调查、分析和评估可能对组织或项目造成负面影响的情况和事件，以便及时采取措施来应对风险。

2.评估风险(Assess risks):对已经识别的风险进行更深入的分析和评估，确定其对组织或项目的潜在影响和可能性，以便确定哪些风险需要重点关注和处理。

3.管理风险(Manage risks):采取措施来降低、转移、接受或避免已经识别和评估的风险，以确保组织或项目的稳定和可持续发展。

4.监控风险(Monitor risks):定期跟踪和检查已经管理和处理的风险，以及可能出现的新风险，以确保风险管理策略的有效性和适时调整。

5.传播风险(Communicate risks):向相关利益相关者和团队成员清晰有效地传达风险信息，使他们了解风险的潜在影响和可能对决策的影响，以便共同努力应对风险。

The purpose of this procedure is to provide for a system and in structi ons, and to assig n resp on sibilities for identifying and evaluating risks.2.0 ScopeThis procedure applies to risks related to the QMS.3.0 Procedure3.1The need for risk identification is determined on the basis of information and trendsregard ing the performa nee and effective ness of the QMS. I n particular:Regulatory requireme ntsProduct safety requireme nts and con siderati onsProduct and service noncon formitiesProcess problems and noncon formitiesSupplier quality performa nee recordsReject and scrap ratesField service recordsOn time delivery performa neeProducti on equipme nt maintenance recordsCustomer feedback and compla intsQuality man ageme nt system audit recordsData loss/corrupti on in cide nts, n etwork outages, etc.3.2Risks are identified and evaluated when quality performance data indicates that there are trends of decreas ing quality capability an d/or effective ness of the quality man ageme nt system. For example:in creas ing in cide nce of product noncon formity; excessive equipme nt problems; or in creas ing n umber of audit findings against the same quality system process or department.3.3Initiating risk management projects3.3.1Risks are ide ntified, evaluated and addressed in DaMei Risk Man ageme nt module; with in a framework of a Risk Man ageme nt Project.3.3.2Risk man ageme nt projects may be proposed by any orga ni zati onal un it and any employee in the compa ny. Requests for in itiati ng a risk man ageme nt project are submitted to Man ageme nt represe ntative or Gen eral man ager, as appropriate. Only Man ageme nt represe ntative and Gen eral man ager have the authority to initiate, or approve the initiation of risk management projects. This is to prioritize and direct resources where risk con trol is most urge nt.4.0 Risk man ageme nt project4.1Risk management projects are initiated in DaMei Risk Management module using electronic form EF-380-1 Risk Project.4.2When initiating a new project, select in form EF-380-1 the risk assessment method that will be used for the project:1)Hazard Evaluation: This is a method for evaluating hazards and related harms, rather than estimating the actual risks. The method is based on evaluating hazardous situations and associated harms (risk cases), and existing controls that reduce the likelihood of the hazardous situation occurring and/or reduce the severity of the harm. The evaluation results in a decision whether additional controls need to be implemented to further reduce risk. Although no a full fledged risk analysis, it is an excellent method for dem on strati ng 'risk based thinking' without going into formal and complex risk an alysis studies. This method should not be used when evaluating risks related to the safety of medical devices.2)Risk Matrix Analysis: This is a structured, formal method for assessing risks using a risk matrix. The risk matrix for the project is defined usinga template provided in formEF-380-01 (click the Risk Matrix tab in the form). This method is often referred to in technical literature as a Prelim inary Hazard An alysis (PHA). It is a top-dow n approach, using a list of known hazards as in put for the risk analysis. The risk matrix method is the most flexible and versatile, as it can be applied to any product, process or system, and does not require detailed kno wledge about the system to be an alyzed. Where appropriate, the risk matrix Analysis method should be used when evaluating risks related to the safety of medical devices.Other Method: Select this item when some other risk assessment method will be used, for example: Failure Mode Effects An alysis (FMEA), Failure Mode, Effects and Criticality An alysis (FMECA), Fault Tree Analysis (FTA), Hazard Analysis and Critical Control Points (HACCP), etc.4.3Risk man ageme nt projects are periodically reviewed to en sure that they remai n releva nt and up to date. Review dates are scheduled, and the review are docume nted in form EF-380-1 in the 'Reviews' block.5.0 Hazards5.1Hazards are con diti ons, circumsta nces, practices or other 'thi ngs' that can be a source of harm or loss. Hazards do not cause harms; they just make harms possible. Hazards are usually con sta nt, i.e., they are always there, unl ess the hazard is completely removed.5.2For each risk man ageme nt project ide ntify all releva nt hazards and en ter them into DaMei Risk Man ageme nt module (select the project and en ter hazards into the 'Hazards' grid).。