Chapter 3
Managing Risk
In the previous chapter, I discussed uncertainty, risk, and the theory of probability. Now, I change gears and move from hard science to soft business management because when all is said and done, risk management is about managing risk—about managing people, processes, data, and projects. It is not just elegant quantitative techniques; it is the everyday work of actually managing an organization and the risks it faces. Managing risk requires making the tactical and strategic decisions to control those risks that should be controlled and to exploit those opportunities that should be exploited. Managing profits cannot be separated from managing losses or the prospect of losses. Modern portfolio theory tells us that investment decisions are the result of trading off return versus risk; managing risk is just part of managing returns and profits.
Managing risk must be a core competence for any financial firm. The ability to effectively manage risk is the single most important characteristic separating financial firms that are successful and survive over the long run from firms that are not successful. At successful firms, managing risk always has been and continues to be the responsibility of line managers from the board through the CEO and down to individual trading units or portfolio managers. Managers have always known that this is their role, and good managers take their responsibilities seriously. The only thing that has changed in the past 10 or 20 years ...
