SlideShare ist ein Scribd-Unternehmen logo

Fundamentals of-risk-management

‱
‱
Majd Ghanem,MBA
Majd Ghanem,MBA
Business
1 von 13
Downloaden Sie, um offline zu lesen
EWF-644-08 Fundamentals of Risk Management
FUNDAMENTALS OF RISK MANAGEMENT Fundamentals of Risk Management 2
INDEX 1. INTRODUCTION ...............................................................................................................4 2. RISK MANAGEMENT PROCESS PHASES.....................................................................5 2.1 Context definition.....................................................................................................................5 2.2 Risk identification ....................................................................................................................6 2.3. Risk assessment .....................................................................................................................7 2.4 Risk treatment .........................................................................................................................8 2.4.1. Risk transfer ...........................................................................................................................................8 2.4.2. Risk exclusion ........................................................................................................................................9 2.4.3. Risk reduction.........................................................................................................................................9 2.4.4. Acceptance of an amount of the risk......................................................................................................9 2.5 Planning ..................................................................................................................................9 2.6 Communication .....................................................................................................................10 2.7 Checking and supervision .....................................................................................................10 2.8 Process review......................................................................................................................10 3. APPLICABLE REMARKS ...........................................................................................11 4. RISK MANAGEMENT IN WELDING FABRICATION .................................................11 Fundamentals of Risk Management 3
1. INTRODUCTION Each organisation has a “mission” and therefore, in absolutely general terms, it must address the problem of protecting itself against events that can place the pursuit of this fundamental objective “at risk” (and, as a result, all of the preliminary intermediate objectives). Risks, which are understood as “possible damage”, are connected to situations of uncertainty, with possible negative evolution, to which every organisation is exposed in carrying out its business. For a long period of time, companies faced different types of risks in a specific and unconnected manner; today, instead, there are methods of “definition and control”, which are collected in a systematic approach known as “Risk Management”, which provides reasonable defence against the possible verification of harmful events. Risk Management can therefore be defined as “a group of actions that are integrated within the wider context of a company organisation, which are directed toward assessing and measuring possible risk situations as well as elaborating the strategies necessary for managing them”. Obviously, Risk Management can be targeted toward all or only some of the “different types of potential risk”, that is, the specific areas of possible uncertainty that affect the life of a company. Company risks are normally classified within three large categories: − risks inherent to the external context (e.g.: emergence of unfavourable laws and/or regulations; negative changes to market conditions; technological innovations that favour competitors; etc.); − risks inherent to operative management (e.g.: non compliance with contractual requirements; possible loss of market share; possible loss of skills; possible physical damage to personnel; possible environmental pollution; etc.); − risks inherent to financial management (e.g.: difficulty in collecting accounts receivables; unfavourable changes in exchange rates; imbalances in liquidity; etc.). Each of these risks may lead to direct and/or indirect damage to the organisation, with economic implications that may also be considerable in the short, medium and long term. From this point of view, therefore, the attention given to Risk Management, in terms of the quality and quantity of allocated resources, must be congruent, not only with the type of considered risk, Fundamentals of Risk Management 4
but also with the concept of the probability with which a potential negative event could occur and the seriousness of its consequences. A complete management of risks aims to protect, from all points of view: − not only the value already created by the organisation; − but also its future opportunities, favouring secure growth. Choices for correct risk management can widely differ from company to company, depending on the external and internal context in which the company works, for which the concept of a “situational approach” is fully applicable. 2. RISK MANAGEMENT PROCESS PHASES As risks are, due to their nature, strongly connected, they cannot be managed in a fragmented manner by independent functions and/or departments, but a dedicated process is necessary that, as such, requires a structure, an organisation and communication mechanisms. Traditionally, the phases of a Risk Management process are as follows: 1. context definition; 2. risk identification; 3. risk assessment; 4. risk treatment; 5. communication; 6. planning; 7. checking and supervision; 8. process review. To be effective, each of these phases (and, obviously, the entire Risk Management process that unites them), as previously mentioned, must be fully integrated within the wider scope of the company organisation. 2.1 Context definition Context definition implies: − identifying the areas of risk that must be considered, due to the specific combination of market, product/service, manufacturing/supply process as well as external references (institutions, suppliers, banks, unions, etc.); − congruently defining an identification and assessment activity schedule; − organising the necessary resources, starting by defining duties and responsibilities. Fundamentals of Risk Management 5
In this phase, therefore, the limits of the approach are recorded and the base for the development of the operative system is created, having a fundamental concept as reference criteria, which is the knowledge that: − potential risks can involve the organisation on all levels; − the most negative consequences do not necessary refer to risks attributable to the short-sighted behaviour of those who occupy upper management positions. 2.2 Risk identification The next phase, which is related to identifying potential risks and their description, must be confronted by analysing all possible sources of risk (such as, for example: the positions of the stakeholders, market changes, manufacturing errors or work accidents, etc.), within the areas of risk that were taken into consideration when defining the context. The process of identifying potential risks must, in any case, work for the type of organisation and, therefore, for the type of product/service offered and the type of market in which the organisation itself operates; it normally refers to: − the objectives, which the organisation has set for itself; − the scenarios, which the organisation may find it must face in carrying out its business; − the procedures or practice, which the organisation adopts for management and operational purposes. Potential risks do not generally represent an effective risk if the organisation does not have, in reference and at the same time, a specific weakness. This concept, which is based on the modern approach of Risk Management, therefore foresees the creation of a list of “vulnerabilities” (structural, managerial or operative) concerning the areas of risk being considered, over which the corresponding list of the sources of risk must be critically superimposed. Effective risk identification finally requires the support of reasonable confirmations, objective if possible, regarding the correctness of the analysis. These confirmations may be: − of a direct experimental nature (the event has already occurred) − of an indirect experimental nature (the event has already occurred in a similar situation) − of a deductive nature (the cause – effect relationships make the event appear probable). In this way, a “risk profile” is outlined that is specific to each organisation (by context and vulnerability), to which the subsequent actions refer. Fundamentals of Risk Management 6
2.3. Risk assessment When the risks have been identified, they must be assessed (Risk Assessment) based on: − the probability that the negative event will occur; − the seriousness of the direct or indirect consequences of the event itself. This assessment can be more or less simple, based upon the specific situation, as what is relevant for the purpose is the availability of usable statistical data as well as validated analysis procedures. The statistical data (usable) and the analysis procedures (validated) can only be acquired from similar (or apparently similar) situations if done in an extremely prudent manner and only after having verified the transferability of the conditions concerning both the sources of risk and vulnerability. From the above, in conclusion, it results that the risk assessment process generally follows paths of analysis within an organisation that, in reference to: − the likelihood of an event, refer to the potentiality of the relative risk source, the extent of the specific possible vulnerability and the level of effectiveness of the pre-existing control and reaction instruments; − the seriousness of the consequences also refers, in addition to the type and extent of the damage, to the involved objectives (in a decreasing order of importance: the mission, the structure, the organisation and operations). Each potential risk must, however, be perceived with greater or less intensity, with regard to the real risk content, based upon the “force” with which the relevant information is made available, especially when there are specific sensibilities. Therefore, the assessment process requires a constant engagement directed toward the objectivity of the judgments, in fact, if the risks are assessed in an irrational manner and their corresponding priority is assigned in an improper manner, there could be a lack of coverage and/or defence and useful resources could be wasted that, if better applied, could lead to more effective management. Once probability and consequences have been established, a “risk matrix” is usually prepared that relates to the “risk profile” created in the previous phase. Fundamentals of Risk Management 7
Likelihoodoftheevent Seriousness of the consequences RISK Figure 1 – Risk matrix” 2.4 Risk treatment The treatment of the potential risks (Risk Treatment) is the phase in which the decision making processes become particularly important. It includes, either alternatively or in combination, one or more of the following conditions: − the transfer of the risk; − the exclusion of the risk; − the reduction of the risk; − the acceptance of the risk or an amount of the risk. The selection of one or more of the previous conditions largely depends on the specific company situation (that is, the company’s internal and external context as well as the company’s real possibility to confront both of these contexts) and must be based on a cost-benefit analysis that is as quantitative as possible in reference to the short, medium and long-term period. 2.4.1. Risk transfer This condition foresees the persuasion of another party to accept the risk, through a contract. This is a typical case that concerns insurance companies, which is applied often when possible (for example, liabilities of a criminal nature cannot be transferred) even if at times it is done in a general manner and not, rather, in function of the specific organisation (tailored covering). Fundamentals of Risk Management 8
2.4.2. Risk exclusion This condition foresees the non-execution of the activity that involves a risk that cannot be transferred and/or is considered to be unacceptable. Naturally, the result is a loss of opportunity that the activity at risk would have represented in any case. 2.4.3. Risk reduction This condition involves the adoption of managerial, technological and behavioural actions that lower the probability of risk and/or the seriousness of the possible consequences. The persistence of residual risk is often, in any case, unavoidable both for reasons inherent to the context (institutional, managerial, technological, etc.) in which the organisation operates, as well as for the possible simplifications and/or omissions of the analysis. 2.4.4. Acceptance of an amount of the risk All risks (or amounts of risk) that are not transferred and not excluded are, as a result, accepted. The conscious acceptance of residual risk occurs, in general, when at least one of the following conditions applies: − sufficiently low probability of the event; − consequences of the event are proportionally of little relevance; − great benefits if successful. The risk (or the amount of risk) that is accepted must subsequently be controlled in agreement with what is foreseen by the following paragraph. 2.5 Planning Planning defines the risk control methods, that is: − the acquisition, interpretation, sending and/or storing of incoming data for the control process; − the appropriate level and localisation for the decisions and actions connected to each type and condition of risk; − the operative procedures and/or practice; − the control instruments; − the acquisition, interpretation, sending and/or storing of output data from the control process. If the control plan is sufficiently broad and complex, it is recommended that the position of a Risk Manager is created, as it is an important position that is mainly directed toward coordinating all activities and their communication, although it does not have any direct responsibility for the risk Fundamentals of Risk Management 9
itself. The planning activity is documented and collected in a Risk Management Plan. 2.6 Communication The profile, the matrix, the risk treatment (including the cost-benefit analysis) and the control planning must be documented in detail in a Risk Management Report, which must be presented to all personnel that is involved in any manner and who must not only acknowledge it, but must also share in the approach and evolution, each for his or her own area of interest and according to each person’s level of responsibility. If information only should not be enough, targeted training courses should be developed with the purpose of making the Risk Management Report an effective management instrument. The Risk Management Report constitutes the document of reference for the entire Risk Management process. 2.7 Checking and supervision Checking and supervision over time concerns (whenever applicable and possible) all control instruments (technical and managerial, preventive and supervisory, evasive and reactive, etc.) that were implemented, or planned to be implemented, in compliance with the Risk Management Plan, in order to verify its efficiency and effectiveness. The checking and supervision results must be documented, evaluated and recorded. 2.8 Process review Risk Management is a dynamic process and therefore it must be reviewed in a sufficiently frequent manner (Risk Management Review), based upon the experience gathered in a direct manner (within the organisation) or indirectly (outside of the organisation, in similar and comparable situations), with the purpose of: − evaluating possible evolutions that concern any phase of the process, which could cause changes to the risk profile, matrix and/or treatment (for example, but not only: a different risk context, a different criterion regarding the acceptable risk, a different cost-benefit analysis, etc.); − evaluating the efficiency and effectiveness of the adopted Risk Management Plan ; evaluating the checking and supervising results. If revisions are made, another Risk Management Report must be created that is updated with regard to the changes that were made. Fundamentals of Risk Management 10
3. APPLICABLE REMARKS As already mentioned, companies have basically always controlled many of the main risk conditions in a manner that is often not very coordinated and with little awareness, as their main objective has been the recovery of damage rather than managing the causes. This control is normally carried out by professional people that belong to the organisation: − in operative positions (e.g.: technical manager, sales manager, marketing manager, administrative manager , human resources manager) − in staff positions (e.g.: quality manager, safety manager, environmental manager), − in consultancy relationships with the organisation itself (for ex.: chartered accountant, insurance broker, legal council). Each of these professional figures faces specific risk sources, sometimes in an implicit manner, in a non-systematic context, which can refer to general management that acts through function-based interventions. In practice, therefore, this is a costly and not very effective condition. Risk Management intends, therefore, to be an “approach that aims to optimise resources, skills and behaviours, with respect to a specific risk/coverage/control configuration, which is created based on a cost/benefit analysis that takes the main external and internal parameters, that distinguish the organisation, into account". The level of using and implementing the Risk Management process, which is understood as a separate process, increases steadily. Risk management is now more often correctly perceived, and by a growing number of companies, no longer as a comparison between separate coverage alternatives, but rather as an instrument that, with respect to a reasonable operating cost, can involve considerable competitive advantages, allowing capital to be used more efficiently, reducing the volatility of the results and improving profitability. 4. RISK MANAGEMENT IN WELDING FABRICATION As Risk Management is, as has been seen, a strongly situationally-based process (that is, depending on the specific situation in which the process itself evolves), the approach to the manufacturing of welded products can only be limited to, generally speaking, identifying the potential areas of risk in the context of reference. In fact: Fundamentals of Risk Management 11
Fundamentals of Risk Management 12 − the transformation of potential risks into effective risks, − their evaluation in terms of the probability of the event and the seriousness of the consequences, − their treatment widely depend on both: − the vulnerability, on the one hand − the potentiality, on the other of the organisation that manufactures the welded products. This dependency upon the vulnerability and potentiality of the organisation, which is always present, is particularly true in the case of welding based manufacturing, which relies on a complex technology in which discretional human intervention is often still significantly necessary 1 . In order to efficiently manage the potential risks, the determining elements therefore are: − the comprehensive knowledge of all specific aspects of the manufacturing process; − the skill of the involved personnel. It goes without saying that as the manufacturing process uses more automated equipment and/or procedures in all of its phases, the process control (also from the point of view of transforming potential risks into effective risks) relies more on the validation of the equipment and the procedures themselves and their integration within the system. In manufacturing welded products, as with any other product, the main potential areas at risk include − technical aspects; − safety aspects; − environmental aspects; These potential areas of risk are connected to: − both the technological manufacturing process − as well as the capability of the company organisation to keep the manufacturing process itself under control. With regard to the manufacturing process, potential risks exist, obviously, in all phases of creating 1 Welding is a “special process”, in which product quality cannot be evaluated only through final checks, but requires the continuous application of process control.
the welded product, also in those that could appear to be irrelevant. Some of these, however, due to their nature and/or their importance, are associated with greater risk potential, which certainly include: − the revision of the manufacturing and control specifications (logistical conditions, available spaces and movement potentiality, available technology, achievement of the requirements etc.); − the sub-supply (supplier qualification, information transfer, control capability, etc); − material management and preparation (storage and handling, sand blasting, thermal or mechanical cutting, machine moulding and/or working, edge preparation, etc.); − the skill of the personnel (qualification, updating, specific experience, etc.); − suitability of the equipment (type and potentiality, maintenance, validation and calibration, etc.); − manufacturing operations (assembly, preheating, welding, thermal treatments, etc.); − control operations (chemical and physical tests, non destructive checks, hydraulic test, etc.); − final treatments (mechanical working, surface treatments, painting, etc.). With regard to the company organisation, the following is relevant: − the allocation of responsibilities (Welding coordinator, Protection and prevention service manager, Environmental aspects manager, etc.) and resources; − the procedures or operative and managerial references (Guidelines from the 'European Welding Federation - EWF and/or the International Instituteof Welding - IIW, etc.). All of these three potential risk areas can be substantiated, in the final analysis, in damage of the following nature: − commercial (for example, loss of market share); − financial (for example, the creation of additional manufacturing costs); − contractual (for example, requests for damage in civil proceedings); − regulatory/legislative (for example, calls for administrative and/or criminal liability). In conclusion, therefore, the safe management of the welding-based manufacturing 1process involves the organisation’s capability of systematically guaranteeing the requirements foreseen for the product, in a context that pays attention to: − the market; − responsibilities (possible sources of potential risk) of any type connected to it. This capability represents an essential “asset”, as it is in fact impossible to create any industrial profit without effective and far-sighted company management. Fundamentals of Risk Management 13

Empfohlen

Enterprise-wide Risk Assessment Presentation, dated 03-08-11
Enterprise-wide Risk Assessment Presentation, dated 03-08-11Enterprise-wide Risk Assessment Presentation, dated 03-08-11
Enterprise-wide Risk Assessment Presentation, dated 03-08-11
wcooling
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...
Eneni Oduwole
 
Risk management concepts and learning
Risk management concepts and learningRisk management concepts and learning
Risk management concepts and learning
Vanita Ahuja
 
Risk Management Fundamentals
Risk Management FundamentalsRisk Management Fundamentals
Risk Management Fundamentals
mikaelastafrace
 
Vulnerability Assessment
Vulnerability AssessmentVulnerability Assessment
Vulnerability Assessment
primeteacher32
 
Risk Management
Risk ManagementRisk Management
Risk Management
Kinza Razzaq
 
Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)
Adnan Naseem
 
Risk Management Overview
Risk Management OverviewRisk Management Overview
Risk Management Overview
JIGNESH PADIA
 

Empfohlen

Enterprise-wide Risk Assessment Presentation, dated 03-08-11
Enterprise-wide Risk Assessment Presentation, dated 03-08-11Enterprise-wide Risk Assessment Presentation, dated 03-08-11
Enterprise-wide Risk Assessment Presentation, dated 03-08-11
wcooling
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...
Eneni Oduwole
 
Risk management concepts and learning
Risk management concepts and learningRisk management concepts and learning
Risk management concepts and learning
Vanita Ahuja
 
Risk Management Fundamentals
Risk Management FundamentalsRisk Management Fundamentals
Risk Management Fundamentals
mikaelastafrace
 
Vulnerability Assessment
Vulnerability AssessmentVulnerability Assessment
Vulnerability Assessment
primeteacher32
 
Risk Management
Risk ManagementRisk Management
Risk Management
Kinza Razzaq
 
Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)
Adnan Naseem
 
Risk Management Overview
Risk Management OverviewRisk Management Overview
Risk Management Overview
JIGNESH PADIA
 
Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)
Narudom Roongsiriwong, CISSP
 
Awareness iso 22301 danang suryo
Awareness iso 22301 danang suryoAwareness iso 22301 danang suryo
Awareness iso 22301 danang suryo
Danang suryo Wardhono
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security Roadmap
Elliott Franklin
 
Disaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanDisaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity Plan
Marcelo Silva
 
Risk Management
Risk ManagementRisk Management
Risk Management
Shahan Ullah
 
11.4 Perform Quantitative Risk Analysis
11.4 Perform Quantitative Risk Analysis11.4 Perform Quantitative Risk Analysis
11.4 Perform Quantitative Risk Analysis
DavidMcLachlan1
 
Business continuity planning and disaster recovery
Business continuity planning and disaster recoveryBusiness continuity planning and disaster recovery
Business continuity planning and disaster recovery
madunix
 
Risk Management module PowerPoint Presentation Slides
Risk Management module PowerPoint Presentation SlidesRisk Management module PowerPoint Presentation Slides
Risk Management module PowerPoint Presentation Slides
SlideTeam
 
Security risk management
Security risk managementSecurity risk management
Security risk management
G Prachi
 
Introduction to Risk Management
Introduction to Risk ManagementIntroduction to Risk Management
Introduction to Risk Management
FAA Safety Team Central Florida
 
Risk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniquesRisk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniques
ILRI
 
CISSP Chapter 1 BCP
CISSP Chapter 1 BCPCISSP Chapter 1 BCP
CISSP Chapter 1 BCP
Karthikeyan Dhayalan
 
Risk Appetite & Risk Tolerance: Improving their application from Abstract to ...
Risk Appetite & Risk Tolerance: Improving their application from Abstract to ...Risk Appetite & Risk Tolerance: Improving their application from Abstract to ...
Risk Appetite & Risk Tolerance: Improving their application from Abstract to ...
Eric Campbell
 
Disaster Recovery Plan
Disaster Recovery Plan Disaster Recovery Plan
Disaster Recovery Plan
Emilie Gray
 
Operational risk & incident reporting
Operational risk & incident reportingOperational risk & incident reporting
Operational risk & incident reporting
ShivaLeela Choudary
 
Risk management
Risk management Risk management
Risk management
Sushrut Gautam
 
Enterprise Risk Management.pdf
Enterprise Risk Management.pdfEnterprise Risk Management.pdf
Enterprise Risk Management.pdf
Self Employed
 
Integrated Risk Management 101
Integrated Risk Management 101Integrated Risk Management 101
Integrated Risk Management 101
Resolver Inc.
 
Risk management
Risk managementRisk management
Risk management
Harold Malamion
 
Risk management
Risk managementRisk management
Risk management
baderali2141
 
Fundamentals Of Risk Management
Fundamentals Of Risk ManagementFundamentals Of Risk Management
Fundamentals Of Risk Management
Dr David Hancock
 
Ecommerce Strategy & Affiliate Marketing | Michael Vorel | Affiliate Summit
Ecommerce Strategy & Affiliate Marketing | Michael Vorel | Affiliate SummitEcommerce Strategy & Affiliate Marketing | Michael Vorel | Affiliate Summit
Ecommerce Strategy & Affiliate Marketing | Michael Vorel | Affiliate Summit
Michael Vorel
 

Weitere Àhnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)
 
Awareness iso 22301 danang suryo
Awareness iso 22301 danang suryoAwareness iso 22301 danang suryo
Awareness iso 22301 danang suryo
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security Roadmap
 
Disaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanDisaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity Plan
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
11.4 Perform Quantitative Risk Analysis
11.4 Perform Quantitative Risk Analysis11.4 Perform Quantitative Risk Analysis
11.4 Perform Quantitative Risk Analysis
 
Business continuity planning and disaster recovery
Business continuity planning and disaster recoveryBusiness continuity planning and disaster recovery
Business continuity planning and disaster recovery
 
Risk Management module PowerPoint Presentation Slides
Risk Management module PowerPoint Presentation SlidesRisk Management module PowerPoint Presentation Slides
Risk Management module PowerPoint Presentation Slides
 
Security risk management
Security risk managementSecurity risk management
Security risk management
 
Introduction to Risk Management
Introduction to Risk ManagementIntroduction to Risk Management
Introduction to Risk Management
 
Risk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniquesRisk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniques
 
CISSP Chapter 1 BCP
CISSP Chapter 1 BCPCISSP Chapter 1 BCP
CISSP Chapter 1 BCP
 
Risk Appetite & Risk Tolerance: Improving their application from Abstract to ...
Risk Appetite & Risk Tolerance: Improving their application from Abstract to ...Risk Appetite & Risk Tolerance: Improving their application from Abstract to ...
Risk Appetite & Risk Tolerance: Improving their application from Abstract to ...
 
Disaster Recovery Plan
Disaster Recovery Plan Disaster Recovery Plan
Disaster Recovery Plan
 
Operational risk & incident reporting
Operational risk & incident reportingOperational risk & incident reporting
Operational risk & incident reporting
 
Risk management
Risk management Risk management
Risk management
 
Enterprise Risk Management.pdf
Enterprise Risk Management.pdfEnterprise Risk Management.pdf
Enterprise Risk Management.pdf
 
Integrated Risk Management 101
Integrated Risk Management 101Integrated Risk Management 101
Integrated Risk Management 101
 
Risk management
Risk managementRisk management
Risk management
 
Risk management
Risk managementRisk management
Risk management
 

Andere mochten auch

Fundamentals of Risk Management
Fundamentals of Risk ManagementFundamentals of Risk Management
Fundamentals of Risk Management
Kristyn Dunstan
 
Risk assessment
Risk assessmentRisk assessment
Risk assessment
doogstone
 
E commerce ppt
E commerce pptE commerce ppt
E commerce ppt
Munish Singla
 

Andere mochten auch (10)

Fundamentals Of Risk Management
Fundamentals Of Risk ManagementFundamentals Of Risk Management
Fundamentals Of Risk Management
 
Ecommerce Strategy & Affiliate Marketing | Michael Vorel | Affiliate Summit
Ecommerce Strategy & Affiliate Marketing | Michael Vorel | Affiliate SummitEcommerce Strategy & Affiliate Marketing | Michael Vorel | Affiliate Summit
Ecommerce Strategy & Affiliate Marketing | Michael Vorel | Affiliate Summit
 
Green Manufacturing
Green ManufacturingGreen Manufacturing
Green Manufacturing
 
eCommerce Strategy In-a-Box
eCommerce Strategy In-a-BoxeCommerce Strategy In-a-Box
eCommerce Strategy In-a-Box
 
How to Build a Customer-Centric eCommerce Strategy
How to Build a Customer-Centric eCommerce StrategyHow to Build a Customer-Centric eCommerce Strategy
How to Build a Customer-Centric eCommerce Strategy
 
eCommerce 2015 Competitive strategy
eCommerce 2015 Competitive strategyeCommerce 2015 Competitive strategy
eCommerce 2015 Competitive strategy
 
Fundamentals of Risk Management
Fundamentals of Risk ManagementFundamentals of Risk Management
Fundamentals of Risk Management
 
Risk assessment
Risk assessmentRisk assessment
Risk assessment
 
Fundamentals of Project Management
Fundamentals of Project ManagementFundamentals of Project Management
Fundamentals of Project Management
 
E commerce ppt
E commerce pptE commerce ppt
E commerce ppt
 

Ähnlich wie Fundamentals of-risk-management

AbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxAbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
ransayo
 
Pm0016 set-1
Pm0016 set-1Pm0016 set-1
Pm0016 set-1
Paul Hunt
 
Syllabus-Financial Risk Management.docx
Syllabus-Financial Risk Management.docxSyllabus-Financial Risk Management.docx
Syllabus-Financial Risk Management.docx
Yoyo Sudaryo
 
Pp the three lines of defense in effective risk management and control
Pp the three lines of defense in effective risk management and controlPp the three lines of defense in effective risk management and control
Pp the three lines of defense in effective risk management and control
Erwin Morales
 
Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India Affiliate
IRM India Affiliate
 

Ähnlich wie Fundamentals of-risk-management (20)

Atila Kas
Atila KasAtila Kas
Atila Kas
 
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxAbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
 
Pm0016 set-1
Pm0016 set-1Pm0016 set-1
Pm0016 set-1
 
An introduction to finance
An introduction to financeAn introduction to finance
An introduction to finance
 
The IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India- A Risk Management Standard
The IRM India- A Risk Management Standard
 
Auditing supply chain risk_management
Auditing supply chain risk_management Auditing supply chain risk_management
Auditing supply chain risk_management
 
The Core Competencies of a Professional Risk Manager
The Core Competencies of a Professional Risk ManagerThe Core Competencies of a Professional Risk Manager
The Core Competencies of a Professional Risk Manager
 
Risk management
Risk managementRisk management
Risk management
 
Syllabus-Financial Risk Management.docx
Syllabus-Financial Risk Management.docxSyllabus-Financial Risk Management.docx
Syllabus-Financial Risk Management.docx
 
The five structural columns of risk analysis techniques
The five structural columns of risk analysis techniquesThe five structural columns of risk analysis techniques
The five structural columns of risk analysis techniques
 
Rmp
RmpRmp
Rmp
 
Building out a Robust and Efficient Risk Management - Alan Cheung
Building out a Robust and Efficient Risk Management - Alan CheungBuilding out a Robust and Efficient Risk Management - Alan Cheung
Building out a Robust and Efficient Risk Management - Alan Cheung
 
Chapter 5 - Risk Management - 2nd Semester - M.Com - Bangalore University
Chapter 5 - Risk Management - 2nd Semester - M.Com - Bangalore UniversityChapter 5 - Risk Management - 2nd Semester - M.Com - Bangalore University
Chapter 5 - Risk Management - 2nd Semester - M.Com - Bangalore University
 
Risk management standard 030820
Risk management standard 030820 Risk management standard 030820
Risk management standard 030820
 
Pp the three lines of defense in effective risk management and control
Pp the three lines of defense in effective risk management and controlPp the three lines of defense in effective risk management and control
Pp the three lines of defense in effective risk management and control
 
RMP.ppt
RMP.pptRMP.ppt
RMP.ppt
 
RMP.ppt
RMP.pptRMP.ppt
RMP.ppt
 
RMP.ppt
RMP.pptRMP.ppt
RMP.ppt
 
Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India Affiliate
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal Audit
 

Mehr von Majd Ghanem,MBA

Financial modeling presentation
Financial modeling presentationFinancial modeling presentation
Financial modeling presentation
Majd Ghanem,MBA
 
Ibm case study financial report
Ibm case study financial reportIbm case study financial report
Ibm case study financial report
Majd Ghanem,MBA
 

Mehr von Majd Ghanem,MBA (6)

Valuation presentation
Valuation presentationValuation presentation
Valuation presentation
 
Financial modeling presentation
Financial modeling presentationFinancial modeling presentation
Financial modeling presentation
 
Vba outline excel
Vba outline excelVba outline excel
Vba outline excel
 
Financial reports
Financial reportsFinancial reports
Financial reports
 
Ibm case study financial report
Ibm case study financial reportIbm case study financial report
Ibm case study financial report
 
WFG Promo guideline
WFG Promo guideline WFG Promo guideline
WFG Promo guideline
 

KĂŒrzlich hochgeladen

Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
pujan9679
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptx
Roofing Contractor
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
allensay1
 
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book nowPARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
kapoorjyoti4444
 
Nashik Call Girl Just Call 7091819311 Top Class Call Girl Service Available
Nashik Call Girl Just Call 7091819311 Top Class Call Girl Service AvailableNashik Call Girl Just Call 7091819311 Top Class Call Girl Service Available
Nashik Call Girl Just Call 7091819311 Top Class Call Girl Service Available
pr788182
 
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All TimeCall 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
gargpaaro
 

KĂŒrzlich hochgeladen (20)

Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
 
CROSS CULTURAL NEGOTIATION BY PANMISEM NS
CROSS CULTURAL NEGOTIATION BY PANMISEM NSCROSS CULTURAL NEGOTIATION BY PANMISEM NS
CROSS CULTURAL NEGOTIATION BY PANMISEM NS
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptx
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
 
Berhampur CALL GIRL❀7091819311❀CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur CALL GIRL❀7091819311❀CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur CALL GIRL❀7091819311❀CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur CALL GIRL❀7091819311❀CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165
Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165
Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165
 
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
 
Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 
Falcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business PotentialFalcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business Potential
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Lundin Gold - Q1 2024 Conference Call Presentation (Revised)
Lundin Gold - Q1 2024 Conference Call Presentation (Revised)Lundin Gold - Q1 2024 Conference Call Presentation (Revised)
Lundin Gold - Q1 2024 Conference Call Presentation (Revised)
 
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book nowPARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
 
Nashik Call Girl Just Call 7091819311 Top Class Call Girl Service Available
Nashik Call Girl Just Call 7091819311 Top Class Call Girl Service AvailableNashik Call Girl Just Call 7091819311 Top Class Call Girl Service Available
Nashik Call Girl Just Call 7091819311 Top Class Call Girl Service Available
 
Cannabis Legalization World Map: 2024 Updated
Cannabis Legalization World Map: 2024 UpdatedCannabis Legalization World Map: 2024 Updated
Cannabis Legalization World Map: 2024 Updated
 
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All TimeCall 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 

Fundamentals of-risk-management

  • 3. INDEX 1. INTRODUCTION ...............................................................................................................4 2. RISK MANAGEMENT PROCESS PHASES.....................................................................5 2.1 Context definition.....................................................................................................................5 2.2 Risk identification ....................................................................................................................6 2.3. Risk assessment .....................................................................................................................7 2.4 Risk treatment .........................................................................................................................8 2.4.1. Risk transfer ...........................................................................................................................................8 2.4.2. Risk exclusion ........................................................................................................................................9 2.4.3. Risk reduction.........................................................................................................................................9 2.4.4. Acceptance of an amount of the risk......................................................................................................9 2.5 Planning ..................................................................................................................................9 2.6 Communication .....................................................................................................................10 2.7 Checking and supervision .....................................................................................................10 2.8 Process review......................................................................................................................10 3. APPLICABLE REMARKS ...........................................................................................11 4. RISK MANAGEMENT IN WELDING FABRICATION .................................................11 Fundamentals of Risk Management 3
  • 4. 1. INTRODUCTION Each organisation has a “mission” and therefore, in absolutely general terms, it must address the problem of protecting itself against events that can place the pursuit of this fundamental objective “at risk” (and, as a result, all of the preliminary intermediate objectives). Risks, which are understood as “possible damage”, are connected to situations of uncertainty, with possible negative evolution, to which every organisation is exposed in carrying out its business. For a long period of time, companies faced different types of risks in a specific and unconnected manner; today, instead, there are methods of “definition and control”, which are collected in a systematic approach known as “Risk Management”, which provides reasonable defence against the possible verification of harmful events. Risk Management can therefore be defined as “a group of actions that are integrated within the wider context of a company organisation, which are directed toward assessing and measuring possible risk situations as well as elaborating the strategies necessary for managing them”. Obviously, Risk Management can be targeted toward all or only some of the “different types of potential risk”, that is, the specific areas of possible uncertainty that affect the life of a company. Company risks are normally classified within three large categories: − risks inherent to the external context (e.g.: emergence of unfavourable laws and/or regulations; negative changes to market conditions; technological innovations that favour competitors; etc.); − risks inherent to operative management (e.g.: non compliance with contractual requirements; possible loss of market share; possible loss of skills; possible physical damage to personnel; possible environmental pollution; etc.); − risks inherent to financial management (e.g.: difficulty in collecting accounts receivables; unfavourable changes in exchange rates; imbalances in liquidity; etc.). Each of these risks may lead to direct and/or indirect damage to the organisation, with economic implications that may also be considerable in the short, medium and long term. From this point of view, therefore, the attention given to Risk Management, in terms of the quality and quantity of allocated resources, must be congruent, not only with the type of considered risk, Fundamentals of Risk Management 4
  • 5. but also with the concept of the probability with which a potential negative event could occur and the seriousness of its consequences. A complete management of risks aims to protect, from all points of view: − not only the value already created by the organisation; − but also its future opportunities, favouring secure growth. Choices for correct risk management can widely differ from company to company, depending on the external and internal context in which the company works, for which the concept of a “situational approach” is fully applicable. 2. RISK MANAGEMENT PROCESS PHASES As risks are, due to their nature, strongly connected, they cannot be managed in a fragmented manner by independent functions and/or departments, but a dedicated process is necessary that, as such, requires a structure, an organisation and communication mechanisms. Traditionally, the phases of a Risk Management process are as follows: 1. context definition; 2. risk identification; 3. risk assessment; 4. risk treatment; 5. communication; 6. planning; 7. checking and supervision; 8. process review. To be effective, each of these phases (and, obviously, the entire Risk Management process that unites them), as previously mentioned, must be fully integrated within the wider scope of the company organisation. 2.1 Context definition Context definition implies: − identifying the areas of risk that must be considered, due to the specific combination of market, product/service, manufacturing/supply process as well as external references (institutions, suppliers, banks, unions, etc.); − congruently defining an identification and assessment activity schedule; − organising the necessary resources, starting by defining duties and responsibilities. Fundamentals of Risk Management 5
  • 6. In this phase, therefore, the limits of the approach are recorded and the base for the development of the operative system is created, having a fundamental concept as reference criteria, which is the knowledge that: − potential risks can involve the organisation on all levels; − the most negative consequences do not necessary refer to risks attributable to the short-sighted behaviour of those who occupy upper management positions. 2.2 Risk identification The next phase, which is related to identifying potential risks and their description, must be confronted by analysing all possible sources of risk (such as, for example: the positions of the stakeholders, market changes, manufacturing errors or work accidents, etc.), within the areas of risk that were taken into consideration when defining the context. The process of identifying potential risks must, in any case, work for the type of organisation and, therefore, for the type of product/service offered and the type of market in which the organisation itself operates; it normally refers to: − the objectives, which the organisation has set for itself; − the scenarios, which the organisation may find it must face in carrying out its business; − the procedures or practice, which the organisation adopts for management and operational purposes. Potential risks do not generally represent an effective risk if the organisation does not have, in reference and at the same time, a specific weakness. This concept, which is based on the modern approach of Risk Management, therefore foresees the creation of a list of “vulnerabilities” (structural, managerial or operative) concerning the areas of risk being considered, over which the corresponding list of the sources of risk must be critically superimposed. Effective risk identification finally requires the support of reasonable confirmations, objective if possible, regarding the correctness of the analysis. These confirmations may be: − of a direct experimental nature (the event has already occurred) − of an indirect experimental nature (the event has already occurred in a similar situation) − of a deductive nature (the cause – effect relationships make the event appear probable). In this way, a “risk profile” is outlined that is specific to each organisation (by context and vulnerability), to which the subsequent actions refer. Fundamentals of Risk Management 6
  • 7. 2.3. Risk assessment When the risks have been identified, they must be assessed (Risk Assessment) based on: − the probability that the negative event will occur; − the seriousness of the direct or indirect consequences of the event itself. This assessment can be more or less simple, based upon the specific situation, as what is relevant for the purpose is the availability of usable statistical data as well as validated analysis procedures. The statistical data (usable) and the analysis procedures (validated) can only be acquired from similar (or apparently similar) situations if done in an extremely prudent manner and only after having verified the transferability of the conditions concerning both the sources of risk and vulnerability. From the above, in conclusion, it results that the risk assessment process generally follows paths of analysis within an organisation that, in reference to: − the likelihood of an event, refer to the potentiality of the relative risk source, the extent of the specific possible vulnerability and the level of effectiveness of the pre-existing control and reaction instruments; − the seriousness of the consequences also refers, in addition to the type and extent of the damage, to the involved objectives (in a decreasing order of importance: the mission, the structure, the organisation and operations). Each potential risk must, however, be perceived with greater or less intensity, with regard to the real risk content, based upon the “force” with which the relevant information is made available, especially when there are specific sensibilities. Therefore, the assessment process requires a constant engagement directed toward the objectivity of the judgments, in fact, if the risks are assessed in an irrational manner and their corresponding priority is assigned in an improper manner, there could be a lack of coverage and/or defence and useful resources could be wasted that, if better applied, could lead to more effective management. Once probability and consequences have been established, a “risk matrix” is usually prepared that relates to the “risk profile” created in the previous phase. Fundamentals of Risk Management 7
  • 8. Likelihoodoftheevent Seriousness of the consequences RISK Figure 1 – Risk matrix” 2.4 Risk treatment The treatment of the potential risks (Risk Treatment) is the phase in which the decision making processes become particularly important. It includes, either alternatively or in combination, one or more of the following conditions: − the transfer of the risk; − the exclusion of the risk; − the reduction of the risk; − the acceptance of the risk or an amount of the risk. The selection of one or more of the previous conditions largely depends on the specific company situation (that is, the company’s internal and external context as well as the company’s real possibility to confront both of these contexts) and must be based on a cost-benefit analysis that is as quantitative as possible in reference to the short, medium and long-term period. 2.4.1. Risk transfer This condition foresees the persuasion of another party to accept the risk, through a contract. This is a typical case that concerns insurance companies, which is applied often when possible (for example, liabilities of a criminal nature cannot be transferred) even if at times it is done in a general manner and not, rather, in function of the specific organisation (tailored covering). Fundamentals of Risk Management 8
  • 9. 2.4.2. Risk exclusion This condition foresees the non-execution of the activity that involves a risk that cannot be transferred and/or is considered to be unacceptable. Naturally, the result is a loss of opportunity that the activity at risk would have represented in any case. 2.4.3. Risk reduction This condition involves the adoption of managerial, technological and behavioural actions that lower the probability of risk and/or the seriousness of the possible consequences. The persistence of residual risk is often, in any case, unavoidable both for reasons inherent to the context (institutional, managerial, technological, etc.) in which the organisation operates, as well as for the possible simplifications and/or omissions of the analysis. 2.4.4. Acceptance of an amount of the risk All risks (or amounts of risk) that are not transferred and not excluded are, as a result, accepted. The conscious acceptance of residual risk occurs, in general, when at least one of the following conditions applies: − sufficiently low probability of the event; − consequences of the event are proportionally of little relevance; − great benefits if successful. The risk (or the amount of risk) that is accepted must subsequently be controlled in agreement with what is foreseen by the following paragraph. 2.5 Planning Planning defines the risk control methods, that is: − the acquisition, interpretation, sending and/or storing of incoming data for the control process; − the appropriate level and localisation for the decisions and actions connected to each type and condition of risk; − the operative procedures and/or practice; − the control instruments; − the acquisition, interpretation, sending and/or storing of output data from the control process. If the control plan is sufficiently broad and complex, it is recommended that the position of a Risk Manager is created, as it is an important position that is mainly directed toward coordinating all activities and their communication, although it does not have any direct responsibility for the risk Fundamentals of Risk Management 9
  • 10. itself. The planning activity is documented and collected in a Risk Management Plan. 2.6 Communication The profile, the matrix, the risk treatment (including the cost-benefit analysis) and the control planning must be documented in detail in a Risk Management Report, which must be presented to all personnel that is involved in any manner and who must not only acknowledge it, but must also share in the approach and evolution, each for his or her own area of interest and according to each person’s level of responsibility. If information only should not be enough, targeted training courses should be developed with the purpose of making the Risk Management Report an effective management instrument. The Risk Management Report constitutes the document of reference for the entire Risk Management process. 2.7 Checking and supervision Checking and supervision over time concerns (whenever applicable and possible) all control instruments (technical and managerial, preventive and supervisory, evasive and reactive, etc.) that were implemented, or planned to be implemented, in compliance with the Risk Management Plan, in order to verify its efficiency and effectiveness. The checking and supervision results must be documented, evaluated and recorded. 2.8 Process review Risk Management is a dynamic process and therefore it must be reviewed in a sufficiently frequent manner (Risk Management Review), based upon the experience gathered in a direct manner (within the organisation) or indirectly (outside of the organisation, in similar and comparable situations), with the purpose of: − evaluating possible evolutions that concern any phase of the process, which could cause changes to the risk profile, matrix and/or treatment (for example, but not only: a different risk context, a different criterion regarding the acceptable risk, a different cost-benefit analysis, etc.); − evaluating the efficiency and effectiveness of the adopted Risk Management Plan ; evaluating the checking and supervising results. If revisions are made, another Risk Management Report must be created that is updated with regard to the changes that were made. Fundamentals of Risk Management 10
  • 11. 3. APPLICABLE REMARKS As already mentioned, companies have basically always controlled many of the main risk conditions in a manner that is often not very coordinated and with little awareness, as their main objective has been the recovery of damage rather than managing the causes. This control is normally carried out by professional people that belong to the organisation: − in operative positions (e.g.: technical manager, sales manager, marketing manager, administrative manager , human resources manager) − in staff positions (e.g.: quality manager, safety manager, environmental manager), − in consultancy relationships with the organisation itself (for ex.: chartered accountant, insurance broker, legal council). Each of these professional figures faces specific risk sources, sometimes in an implicit manner, in a non-systematic context, which can refer to general management that acts through function-based interventions. In practice, therefore, this is a costly and not very effective condition. Risk Management intends, therefore, to be an “approach that aims to optimise resources, skills and behaviours, with respect to a specific risk/coverage/control configuration, which is created based on a cost/benefit analysis that takes the main external and internal parameters, that distinguish the organisation, into account". The level of using and implementing the Risk Management process, which is understood as a separate process, increases steadily. Risk management is now more often correctly perceived, and by a growing number of companies, no longer as a comparison between separate coverage alternatives, but rather as an instrument that, with respect to a reasonable operating cost, can involve considerable competitive advantages, allowing capital to be used more efficiently, reducing the volatility of the results and improving profitability. 4. RISK MANAGEMENT IN WELDING FABRICATION As Risk Management is, as has been seen, a strongly situationally-based process (that is, depending on the specific situation in which the process itself evolves), the approach to the manufacturing of welded products can only be limited to, generally speaking, identifying the potential areas of risk in the context of reference. In fact: Fundamentals of Risk Management 11
  • 12. Fundamentals of Risk Management 12 − the transformation of potential risks into effective risks, − their evaluation in terms of the probability of the event and the seriousness of the consequences, − their treatment widely depend on both: − the vulnerability, on the one hand − the potentiality, on the other of the organisation that manufactures the welded products. This dependency upon the vulnerability and potentiality of the organisation, which is always present, is particularly true in the case of welding based manufacturing, which relies on a complex technology in which discretional human intervention is often still significantly necessary 1 . In order to efficiently manage the potential risks, the determining elements therefore are: − the comprehensive knowledge of all specific aspects of the manufacturing process; − the skill of the involved personnel. It goes without saying that as the manufacturing process uses more automated equipment and/or procedures in all of its phases, the process control (also from the point of view of transforming potential risks into effective risks) relies more on the validation of the equipment and the procedures themselves and their integration within the system. In manufacturing welded products, as with any other product, the main potential areas at risk include − technical aspects; − safety aspects; − environmental aspects; These potential areas of risk are connected to: − both the technological manufacturing process − as well as the capability of the company organisation to keep the manufacturing process itself under control. With regard to the manufacturing process, potential risks exist, obviously, in all phases of creating 1 Welding is a “special process”, in which product quality cannot be evaluated only through final checks, but requires the continuous application of process control.
  • 13. the welded product, also in those that could appear to be irrelevant. Some of these, however, due to their nature and/or their importance, are associated with greater risk potential, which certainly include: − the revision of the manufacturing and control specifications (logistical conditions, available spaces and movement potentiality, available technology, achievement of the requirements etc.); − the sub-supply (supplier qualification, information transfer, control capability, etc); − material management and preparation (storage and handling, sand blasting, thermal or mechanical cutting, machine moulding and/or working, edge preparation, etc.); − the skill of the personnel (qualification, updating, specific experience, etc.); − suitability of the equipment (type and potentiality, maintenance, validation and calibration, etc.); − manufacturing operations (assembly, preheating, welding, thermal treatments, etc.); − control operations (chemical and physical tests, non destructive checks, hydraulic test, etc.); − final treatments (mechanical working, surface treatments, painting, etc.). With regard to the company organisation, the following is relevant: − the allocation of responsibilities (Welding coordinator, Protection and prevention service manager, Environmental aspects manager, etc.) and resources; − the procedures or operative and managerial references (Guidelines from the 'European Welding Federation - EWF and/or the International Instituteof Welding - IIW, etc.). All of these three potential risk areas can be substantiated, in the final analysis, in damage of the following nature: − commercial (for example, loss of market share); − financial (for example, the creation of additional manufacturing costs); − contractual (for example, requests for damage in civil proceedings); − regulatory/legislative (for example, calls for administrative and/or criminal liability). In conclusion, therefore, the safe management of the welding-based manufacturing 1process involves the organisation’s capability of systematically guaranteeing the requirements foreseen for the product, in a context that pays attention to: − the market; − responsibilities (possible sources of potential risk) of any type connected to it. This capability represents an essential “asset”, as it is in fact impossible to create any industrial profit without effective and far-sighted company management. Fundamentals of Risk Management 13