The Known-Unknown Classification of Risk
The entire subject of risk management is based on the ability of the manager to identify, value, and then mitigate the correct risks. Classification of risks is a vital step in this process. It is important to realize that there is no standard framework for classifying risks. Different people use different frameworks. One such framework was made popular by Donald Rumsfeld, who was Secretary of Defense for the United States during the subprime mortgage crisis. This framework classifies risks based on Knowns and Unknowns.
It is important to realize that this framework was not created by Donald Rumsfeld. It already existed in a lesser-known psychological construct called the Johari Window. Donald Rumsfeld just popularized the adoption of the concept to characterize and classify financial risks. In this article, we will understand how risks are classified in the known-unknown framework.
The Known Unknown Framework
The known unknown framework is a matrix that helps classify risks based on the knowledge that we have about them. This framework is unique in the sense that it acknowledges that there are some risks that we cannot find out about no matter how diligent we are. After the 2008 crisis, this matrix has been routinely used to classify risks into four different categories. The details about these categories have been mentioned below:
1. Known Known Risks
Known knowns are the easiest type of risks when it comes to risk management. One known stands for the fact that the organization is aware that such a risk exists. The other known is for the fact that the risk can be measured and its effects can be quantified.
An example of such a risk would be the possibility that a firm would lose some of its customers to its competitors. Almost every firm is aware that such a risk exists. Also, they can reasonably quantify the probability of customers leaving them and the impact that such a loss would have on their financial statements.
These types of risks are easiest to manage because the probability of them occurring as well as their impact is known. Mathematical models can be developed that help make decisions that minimize the occurrence as well as the impact of such risks. Technology such as business process workflows can bring about a certain level of automation which helps better mitigate and even avoid these risks to some extent.
2. Known Unknown Risks
Known unknown risks are the second category of risks that companies generally face. These risks are called known unknowns because the organization is aware of the existence of such a risk. However, at the same time, the organization is not aware of the probability that this risk will affect them. At the same time, they are not able to quantify the impact that these risks will have on their business if they materialize.
Risks related to lawsuits can be put in this category. This is because companies are aware that they are liable for all the actions of their employees and even their subcontractors. Hence, there is always a possibility that they might become targets of a lawsuit due to the willful or negligent misconduct of one of their associates. However, it is difficult to gauge the probability of such an event taking place as well as the financial impact it may have. Lawsuits can cost the company anywhere between a few thousand dollars to billions of dollars!
Companies often spend a lot of money buying insurance as well as hiring specialists to gain more information and prevent such risks from materializing.
3. Unknown Unknown Risks
These are the most dangerous type of risks which an organization faces. One unknown stand for the fact that the company is not even aware of the existence of such a risk. The other unknown goes without saying. This is because the company is not even aware of the existence of such a risk. Hence, the question of measuring and quantifying risk does not really arise. These risks typically tend to have a very high impact and endanger the very existence of the organization.
Examples of such risks include extreme weather events. The coronavirus global pandemic is another classic example of this risk. No matter how hard the risk managers would have tried, they would have found it difficult to predict the existence and impact of this type of risk with any degree of accuracy. This is where all the mathematical models of risk management begin to fail. These events have been labeled as black swan events based on the
Companies, however, do not completely give up on these risks. Most companies have some sort of business continuity plan in place to help them manage these black swan events better.
4. Unknown Known Risks
These are risks that are created due to the negligence of the company. For instance, companies should ideally be aware that they face some amount of market risk or counterparty risk. Hence, believing that an adverse event will never occur is negligent on the part of the company. These risks are seldom mentioned in the companys risk management framework. This is because, in a properly managed risk department, such risks should not exist at all. However, many times these risks are present in even the best organizations in the world. The subprime mortgage crisis and the subsequent financial crisis that it brought is testimony to this fact.
The fact of the matter is that every industry, as well as every business, faces risks that are unique and different from the other. The known unknown framework is an effective way to classify these risks.
|❮❮ Previous||Next ❯❯|
Authorship/Referencing - About the Author(s)
The article is Written By Prachi Juneja and Reviewed By Management Study Guide Content Team. MSG Content Team comprises experienced Faculty Member, Professionals and Subject Matter Experts. We are a ISO 2001:2015 Certified Education Provider. To Know more, click on About Us. The use of this material is free for learning and education purpose. Please reference authorship of content used, including link(s) to ManagementStudyGuide.com and the content page url.
- Risk Management - Introduction
- Benefits of Risk Management
- Principles of Risk Management
- Risk Management Process
- Risk Identification and Assessment
- Aspects of Risk Management
- Steps in Risk Management Process
- Approaches to Risk Management
- Risk Management Policy
- Commonly Used Measures of Risk
- Risk Management Plan
- Evaluation of Risk Management Plan
- Risk Treatment
- Role of HRD in Risk Management
- Enterprise Risk Management
- Implementing ERM
- Risk Management and Stock Market
- Outsourcing Risk Management Program
- Risk Management as a Profession
- Anticipating and Mitigating Organizational Risks in the Digital Age
- Challenges Facing the Australian Economy
- The Economic Costs of MeToo
- Automated Claims Processing
- Challenges in Global Insurance And International Claims
- Conflicts of Interest in the Insurance Business
- The Cost Structure in the Insurance Industry
- How Drones Will Impact the Insurance Industry?
- How Is Health Insurance Funded?
- How Self Driving Cars Impact Insurance?
- How Stock Market Volatility Affects Insurance Companies?
- Insurance Agents vs. Insurance Brokers
- The ABCs of Insurance Fraud in India
- Technological Advances in the Insurance Industry
- The Basics of Unemployment Insurance
- The Pros and Cons of Unemployment Assistance and Why it Matters in the Present Times
- The Role of Insurance In #MeToo Movement
- Why the Flood Insurance Market should be Privatized?
- Basics of Pet Insurance
- Cannabis Insurance
- Challenges Facing Cryptocurrency Insurance
- Evolution of Insurance Regulation
- Food Delivery Apps and Insurance
- How Does Captive Insurance Work?
- On-Demand Insurance
- Reinsurance vs. Double Insurance
- Solvency Regulations in the Insurance Industry
- Terrorism and Insurance
- The Basics of Microinsurance
- The Basics of Reinsurance
- Types of Captive Insurance Companies
- What is P2P Insurance?
- How Risks Affect Companies Providing Financial Services
- Risk Management Information System
- Disadvantages of Risk Management Information Systems
- The Known-Unknown Classification of Risk
- Operational Risk: Definition and Drivers
- How Regulations Have Affected Operational Risk?
- Identification of Operational Risks
- How to Identify Operational Risks
- Using Internal Loss Data to Mitigate Operational Risks
- External Loss Data in Operational Risk Management
- Risk Control Self Assessment (RCSA)
- Scenario Analysis in Risk Management
- Key Risk Indicators
- Basel Approaches in Operational Risk Management
- The Basel Risk Categories
- Cause Categories in Operational Risk Management
- Loss Distribution Approach
- The COSO Framework for Internal Control
- Mistakes to be Avoided While Building a Risk Management System
- Credit Rating Terminology
- Types of Exposures to Determine Credit Limit
- Types of Credit Events
- Active Credit Portfolio Risk Management
- Metrics to Measure Credit Risk
- Credit Derivatives: An Introduction
- Credit Linked Note
- How do Credit Default Swaps Work?
- Why are Credit Default Swaps Dangerous?
- Total Returns Swap
- What are Collateralized Debt Obligations and How do they Work?
- Collateralized Debt Obligations: Advantages and Disadvantages
- Mark To Market Accounting
- What are Recovery Rates? - Different Types of Recovery Rates
- Netting, Close Out, and Acceleration
- Expected Default Frequency (EDF)
- Expected Default Frequency: Advantages and Disadvantages
- Altmans Z Score Model
- Unexpected Loss and Economic Capital Buffer
- Stress Testing in Credit Risk Management
- Provisioning in Credit Risk Management
- How Corporate Governance Impacts Credit Risk
- Exit Strategies In Credit Risk Management
- What is Market Risk? - How its Measured and Sources of Market Risk
- Why is Market Risk Management Important?
- Introduction to Value At Risk (VaR)
- The Three Types of Value at Risk (VaR)
- Marginal, Incremental and Component Value at Risk (VAR)
- How Value at Risk (VaR) is Implemented?
- Backtesting Value at Risk (VaR)
- Advantages of Using Value at Risk (VaR) Model
- Disadvantages of Using the Value at Risk (VaR) Model
- How Margins Are Calculated Using Value at Risk (VaR)
- Market Risk Limits
- Tail Risk
- The Upside of Market Volatility
- Relationship between Volatility and Risk
- Importance of Data Quality in Risk Management
- Impact of Using Poor Quality Data and Metrics to Measure Data Quality
- Enterprise Risk Management (ERM) vs Traditional Risk Management
- Benefits of Enterprise Risk Management
- Corporate Risk Governance
- International Risk Governance Committee (IRGC) Framework
- Failure of Market Risk Management
- Mistakes to Avoid in Risk Management