Abstract
Risk matrices are a means to consider the risk components of threat severity and probability by assessing risk aspects and their varying degrees of impact. Risk matrices are described in the context of COSO’s risk management framework and process. A number of basic applications are reviewed. Cox and Levine critiques of the use of risk matrices are described, with their suggestions for more accurate quantitative analytic tools. An ideal approach would be to expend such measurement funds only if they enable reducing overall cost. The interesting aspect is that we do not really know. Thus, we would argue that if you have accurate data (and it is usually worth measuring whatever you can), you should get as close to this ideal as you can.
Risk matrices provide valuable initial tools when high levels of uncertainty are present. Quantitative risk assessment in the form of indices as demonstrated would be preferred if data to support it is available.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer-Verlag GmbH Germany, part of Springer Nature
About this chapter
Cite this chapter
Olson, D.L., Wu, D. (2020). Risk Matrices. In: Enterprise Risk Management Models. Springer Texts in Business and Economics. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-60608-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-662-60608-7_2
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-60607-0
Online ISBN: 978-3-662-60608-7
eBook Packages: Economics and FinanceEconomics and Finance (R0)