SlideShare ist ein Scribd-Unternehmen logo

Risk Mgt

M
Morris Muhwezi
1 von 30
Downloaden Sie, um offline zu lesen
A new wave sweeping global business Risk Management as a corporate enterprise and business strategy
Risk – Risk is a function of the likelihood of something happening and the degree of losing which arises from a situation or activity. Losses can be direct or indirect. – “Risks are usually defined by the adverse impact on profitability of several distinct sources of uncertainty” (Partnerships BC, 2005 and NIST, 2004). NB: Risks are usually defined by the adverse impact on profitability of several distinct sources of uncertainty. While the types and degree of risks an organization may be exposed to depend upon a number of factors such as its size, complexity business activities, volume etc” (SBP, 2003, p.1)
Risk [cont’d] Risk can also be views as „Probability or threat of damage, injury, liability, loss, or any other negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through pre-emptive action.‟ (George, 2008)
RISK APPETITE
RISK APPETITE It is the level of risk that an organization is prepared to accept, before action is deemed necessary to reduce it. It represents a balance between the potential benefits of innovation and the threats that change inevitably brings. NOTE: It can guide people on the level of risk permitted and encourage consistency of approach across an organization.
Levels of risk appetite a) Averse: Avoidance of risk and uncertainty is a key organization objective. b) Minimal: Preference for ultra-safe options that are low risk and only have a potential for limited reward. c) Cautious: Preference for safe options that have a low degree of risk and may only have limited potential for reward. d) Open: Willing to consider all potential options and choose the one most likely to result in successful delivery, while also providing an acceptable level of reward and value for money. e) Hungry: Eager to be innovative and to choose options offering potentially higher business rewards, despite greater inherent risk. NB: Defined acceptable levels of risk also means that resources are not spent on further reducing risks that are already at an acceptable level.
Risk management(RM) Risk management(RM) is define as: a. The process to eliminate, reduce and control risks. b. It involves identifying, analyzing, measuring, monitoring and controlling risks. c. Reducing the negative and emerging opportunities. d. Achievement of business strategy and objectives. [Anderson and Terp (2006)] These present the different views to consider in RM
OBJECTIVES OF RISK MGT To Maximize the potential of success To Minimize the probability of future losses. To reduce the severity of risk exposures To offer better corporate imagery to firms
Risk Management Cycle
Risk Management process Defined as "the systematic application of management policies, procedures and practices to the tasks of establishing the context, identifying, analyzing, assessing, treating, monitoring and communicating risk".(AS/NZS 4360:2004)
RISK MGT PROCESS 1. Communicate and consult Communication and consultation aim to identify who should be involved in the assessment of risk including identification, analysis and evaluation and who will be involved in the treatment, monitoring and reviewing of risk. (Standards Australia and Standards New Zealand, 2004). 2.Establish the context By establishing the context, the organization defines the parameters to be taken into account when managing risk, and sets the scope and risk criteria for the remaining process. This process needs to be considered in greater detail and particularly how it relates to the scope of the particular risk management process. [External – Internal – Risk mgt – Develop Risk Evaluation Criteria – define the structure of risk analysis.]
3. Risk identification This step reveals and determines the potential risks which are highly occurring and other events which occur very frequently. Risk is investigated by looking at the activity of organizations in all directions and attempting to introduce the new exposure which will arise in the future from changing the internal and external environment. (Tcankova, 2002) 4. Risk analysis It is concerned with assessing the potential impact of exposure and likelihood of the particular outcome actually occurring. The impact of exposure should be considered under the elements of time, quality, benefit and resource. 5. Risk evaluation Before determining the probability, it is essential to consider risk tolerance. The organizations will consider “risk appetite” (the amount of risk they are willing to take) and decide upon acceptable or unacceptable risk. The acceptable level of risk depends upon the degree of voluntaries. Risk evaluation is important for making sense in specific situations and provides adequate material for decision making (Vrijling, Hengel and Houben, 1995). This step is about deciding whether risks are acceptable or need treatment.
6. Risk treatment: involves selecting and implementing one or more options for treating risks; avoid risk, change the likelihood of occurrence, change the consequences, share risk and retain risk (residual risk may be retained if it is at an acceptable level). [Standards Australia and Standards New Zealand(2004)] 7.Monitoring and review: it is an essential and integral step in the risk management process. Risk needs to be monitored to ensure the changing environment does not alter risk priorities and to ensure the risk management process is effective both in design and in operation. The organization should review at least on an annual basis alongside set KPIs
Critical success factors of RM a. Commitment & support from top mgt b. Communication c. Culture d. Organizational structure e. Training f. Trust and improved relations(internal & external) g. Incorporating information & communication technology h. Consultancy/ benchmarking
Components of Effective Risk Mgt 1. Infrastructure : (System & Process) "Having the right system and proper process for effective and efficient risk management" Key to being efficient and effective is to leverage off technology by bringing the appropriate IT system infrastructure to cater to our needs. This includes risk systems and the reporting and monitoring solutions. Complementing system infrastructure is an efficient process flow that covers risk identification, risk measurement, monitoring and risk mitigation.
Cont’d 2. People "Having the right people to do the right thing" • Firstly is bringing in the right people to drive risk management. This involves recruitment as well as technical training to ensure a dynamic, forward looking high performance risk team. Succession planning and cross discipline training are key to ensure the continuity in risk management and the organization. • Secondly, is getting the organization to embrace risk management as a culture, via organization-wide risk awareness seminars, technical risk training and hands on engagement at all levels of staff..
3. Framework & Policies "Setting the rules of the game clearly and upfront A well-documented Risk Framework and its ancillary policies are essential to inform all stakeholders of the way the business is conducted and obtain an understanding on the important method of risk management in our organization. Risk management goes hand in hand with investment goals, both long-term and short-term. Risk Management is an essential partner in setting and achieving organizational goals. Profits targets are set in tandem with risk limits to ensure a return profile that commensurate with our risk appetite.
Creating Awareness in RM
APPROACHES TO RISK MANAGEMENT
Third party risk Financing strata
TheScopeandCoverageofRiskManagement
Compiled & Represented by: MUHWEZI Morris MOB:+256705982771

Empfohlen

ToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOPiTech
 
Risk Management in Business
Risk Management in BusinessRisk Management in Business
Risk Management in Businesspaperpublications3
 
Fundamentals of-risk-management
Fundamentals of-risk-managementFundamentals of-risk-management
Fundamentals of-risk-managementMajd Ghanem,MBA
 
A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...Hassan Zaitoun
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk managementAndre Knipe
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk ManagementCroydon Consulting, LLC
 
Risk management
Risk managementRisk management
Risk managementLepipi
 
Enterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityEnterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityJeff B
 

Empfohlen

ToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOPiTech
 
Risk Management in Business
Risk Management in BusinessRisk Management in Business
Risk Management in Businesspaperpublications3
 
Fundamentals of-risk-management
Fundamentals of-risk-managementFundamentals of-risk-management
Fundamentals of-risk-managementMajd Ghanem,MBA
 
A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...Hassan Zaitoun
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk managementAndre Knipe
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk ManagementCroydon Consulting, LLC
 
Risk management
Risk managementRisk management
Risk managementLepipi
 
Enterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityEnterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityJeff B
 
Risk Management And Communication Maps
Risk Management And Communication MapsRisk Management And Communication Maps
Risk Management And Communication MapsJonelle Hilleary
 
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksC-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksAronson LLC
 
ERM overview
ERM overviewERM overview
ERM overviewHisham Haridy MBA, PMP®, RMP®, SP®
 
19b crisis management
19b crisis management19b crisis management
19b crisis managementSwathi Sippy
 
Crisis management presentation
Crisis management presentationCrisis management presentation
Crisis management presentationiChange
 
46753267 20075325-principles-of-risk-management-and-insurance-f
46753267 20075325-principles-of-risk-management-and-insurance-f46753267 20075325-principles-of-risk-management-and-insurance-f
46753267 20075325-principles-of-risk-management-and-insurance-fGaba Florian
 
Fiba 500 risk management
Fiba 500 risk managementFiba 500 risk management
Fiba 500 risk managementEmmanuel Oshogwe Akpeokhai
 
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...prosenzw69
 
PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000
PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000
PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000PECB
 
Crisis management
Crisis managementCrisis management
Crisis managementAhmed EL-KOSAIRY
 
PECB Webinar: Risk-management in IT intensive SMEs
PECB Webinar: Risk-management in IT intensive SMEsPECB Webinar: Risk-management in IT intensive SMEs
PECB Webinar: Risk-management in IT intensive SMEsPECB
 
Crisis management for non crisis managers Taha ABULAYNIN
Crisis management for non crisis managers Taha ABULAYNINCrisis management for non crisis managers Taha ABULAYNIN
Crisis management for non crisis managers Taha ABULAYNINTaha ABULAYNIN
 
Risk Management
Risk ManagementRisk Management
Risk ManagementRaina Zia
 
Erm Presentation Bsw Approach & Methodology
Erm Presentation Bsw Approach & MethodologyErm Presentation Bsw Approach & Methodology
Erm Presentation Bsw Approach & Methodologysteinkamps6
 
Enterprise Risk Management - Deddy Jacobus
Enterprise Risk Management - Deddy JacobusEnterprise Risk Management - Deddy Jacobus
Enterprise Risk Management - Deddy JacobusDeddy Jacobus
 
COSO Vs ERM - NMIMS INDORE
COSO Vs ERM - NMIMS INDORECOSO Vs ERM - NMIMS INDORE
COSO Vs ERM - NMIMS INDORENaresh Parandhaman
 
Chapter1 introduction to risk management
Chapter1 introduction to risk managementChapter1 introduction to risk management
Chapter1 introduction to risk managementDr Riyaz Muhmmad
 
Risk management standard_030820
Risk management standard_030820Risk management standard_030820
Risk management standard_030820สปสช นครสวรรค์
 
12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf
12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf
12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdfGabayo
 
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxAbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxransayo
 
The IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India
 
Management of risks and implication on the nigerian manufacturing sector
Management of risks and implication on the nigerian manufacturing sectorManagement of risks and implication on the nigerian manufacturing sector
Management of risks and implication on the nigerian manufacturing sectorAlexander Decker
 

Weitere ähnliche Inhalte

Was ist angesagt?

Risk Management And Communication Maps
Risk Management And Communication MapsRisk Management And Communication Maps
Risk Management And Communication MapsJonelle Hilleary
 
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksC-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksAronson LLC
 
19b crisis management
19b crisis management19b crisis management
19b crisis managementSwathi Sippy
 
Crisis management presentation
Crisis management presentationCrisis management presentation
Crisis management presentationiChange
 
46753267 20075325-principles-of-risk-management-and-insurance-f
46753267 20075325-principles-of-risk-management-and-insurance-f46753267 20075325-principles-of-risk-management-and-insurance-f
46753267 20075325-principles-of-risk-management-and-insurance-fGaba Florian
 
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...prosenzw69
 
PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000
PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000
PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000PECB
 
PECB Webinar: Risk-management in IT intensive SMEs
PECB Webinar: Risk-management in IT intensive SMEsPECB Webinar: Risk-management in IT intensive SMEs
PECB Webinar: Risk-management in IT intensive SMEsPECB
 
Crisis management for non crisis managers Taha ABULAYNIN
Crisis management for non crisis managers Taha ABULAYNINCrisis management for non crisis managers Taha ABULAYNIN
Crisis management for non crisis managers Taha ABULAYNINTaha ABULAYNIN
 
Risk Management
Risk ManagementRisk Management
Risk ManagementRaina Zia
 
Erm Presentation Bsw Approach & Methodology
Erm Presentation Bsw Approach & MethodologyErm Presentation Bsw Approach & Methodology
Erm Presentation Bsw Approach & Methodologysteinkamps6
 
Enterprise Risk Management - Deddy Jacobus
Enterprise Risk Management - Deddy JacobusEnterprise Risk Management - Deddy Jacobus
Enterprise Risk Management - Deddy JacobusDeddy Jacobus
 
Chapter1 introduction to risk management
Chapter1 introduction to risk managementChapter1 introduction to risk management
Chapter1 introduction to risk managementDr Riyaz Muhmmad
 

Was ist angesagt? (18)

Risk Management And Communication Maps
Risk Management And Communication MapsRisk Management And Communication Maps
Risk Management And Communication Maps
 
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksC-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks
 
ERM overview
ERM overviewERM overview
ERM overview
 
19b crisis management
19b crisis management19b crisis management
19b crisis management
 
Crisis management presentation
Crisis management presentationCrisis management presentation
Crisis management presentation
 
46753267 20075325-principles-of-risk-management-and-insurance-f
46753267 20075325-principles-of-risk-management-and-insurance-f46753267 20075325-principles-of-risk-management-and-insurance-f
46753267 20075325-principles-of-risk-management-and-insurance-f
 
Fiba 500 risk management
Fiba 500 risk managementFiba 500 risk management
Fiba 500 risk management
 
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
 
PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000
PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000
PECB Webinar: An Integrated QMS EMS OHSAS System Using ISO 31000
 
Crisis management
Crisis managementCrisis management
Crisis management
 
PECB Webinar: Risk-management in IT intensive SMEs
PECB Webinar: Risk-management in IT intensive SMEsPECB Webinar: Risk-management in IT intensive SMEs
PECB Webinar: Risk-management in IT intensive SMEs
 
Crisis management for non crisis managers Taha ABULAYNIN
Crisis management for non crisis managers Taha ABULAYNINCrisis management for non crisis managers Taha ABULAYNIN
Crisis management for non crisis managers Taha ABULAYNIN
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Erm Presentation Bsw Approach & Methodology
Erm Presentation Bsw Approach & MethodologyErm Presentation Bsw Approach & Methodology
Erm Presentation Bsw Approach & Methodology
 
Enterprise Risk Management - Deddy Jacobus
Enterprise Risk Management - Deddy JacobusEnterprise Risk Management - Deddy Jacobus
Enterprise Risk Management - Deddy Jacobus
 
COSO Vs ERM - NMIMS INDORE
COSO Vs ERM - NMIMS INDORECOSO Vs ERM - NMIMS INDORE
COSO Vs ERM - NMIMS INDORE
 
Chapter1 introduction to risk management
Chapter1 introduction to risk managementChapter1 introduction to risk management
Chapter1 introduction to risk management
 
Risk management standard_030820
Risk management standard_030820Risk management standard_030820
Risk management standard_030820
 

Ähnlich wie Risk Mgt

12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf
12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf
12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdfGabayo
 
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxAbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxransayo
 
The IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India
 
Management of risks and implication on the nigerian manufacturing sector
Management of risks and implication on the nigerian manufacturing sectorManagement of risks and implication on the nigerian manufacturing sector
Management of risks and implication on the nigerian manufacturing sectorAlexander Decker
 
7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management Program7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management ProgramAlicia Edwards
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk ManagementNikhil Soni
 
Risk-Management-ppt.pptx
Risk-Management-ppt.pptxRisk-Management-ppt.pptx
Risk-Management-ppt.pptxYashuShukla2
 
Strengths And Methods Of Risk Analysis And Risk Management
Strengths And Methods Of Risk Analysis And Risk ManagementStrengths And Methods Of Risk Analysis And Risk Management
Strengths And Methods Of Risk Analysis And Risk ManagementNina Vazquez
 
Risk management standard_030820
Risk management standard_030820Risk management standard_030820
Risk management standard_030820minhaj52
 
Risk management standard_030820
Risk management standard_030820Risk management standard_030820
Risk management standard_030820Vijay Kejriwal
 
Risk management standard_030820
Risk management standard_030820Risk management standard_030820
Risk management standard_030820Tim Smith
 
Risk management standard
Risk management standardRisk management standard
Risk management standardLuis Vitiritti
 
A to Z of Risk Management
A to Z of Risk ManagementA to Z of Risk Management
A to Z of Risk ManagementMark Conway
 
Risk management
Risk managementRisk management
Risk managementaseel m
 

Ähnlich wie Risk Mgt (20)

12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf
12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf
12-RISK-MANAGEMENT-PROCEDURES-METHODS-AND-EXPERIENCES-RTA_2_2010-09.pdf
 
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxAbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
 
The IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India- A Risk Management Standard
The IRM India- A Risk Management Standard
 
Management of risks and implication on the nigerian manufacturing sector
Management of risks and implication on the nigerian manufacturing sectorManagement of risks and implication on the nigerian manufacturing sector
Management of risks and implication on the nigerian manufacturing sector
 
Essay On Risk Management
Essay On Risk ManagementEssay On Risk Management
Essay On Risk Management
 
Risk management standard 030820
Risk management standard 030820 Risk management standard 030820
Risk management standard 030820
 
Healthcare Risk Management
Healthcare Risk Management Healthcare Risk Management
Healthcare Risk Management
 
7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management Program7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management Program
 
CISSPills #3.04
CISSPills #3.04CISSPills #3.04
CISSPills #3.04
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Management
 
Risk-Management-ppt.pptx
Risk-Management-ppt.pptxRisk-Management-ppt.pptx
Risk-Management-ppt.pptx
 
Strengths And Methods Of Risk Analysis And Risk Management
Strengths And Methods Of Risk Analysis And Risk ManagementStrengths And Methods Of Risk Analysis And Risk Management
Strengths And Methods Of Risk Analysis And Risk Management
 
IT Policy, RISK MANAGEMENT
IT Policy, RISK MANAGEMENTIT Policy, RISK MANAGEMENT
IT Policy, RISK MANAGEMENT
 
Risk management standard_030820
Risk management standard_030820Risk management standard_030820
Risk management standard_030820
 
Risk management standard_030820
Risk management standard_030820Risk management standard_030820
Risk management standard_030820
 
Risk management standard_030820
Risk management standard_030820Risk management standard_030820
Risk management standard_030820
 
Risk management standard
Risk management standardRisk management standard
Risk management standard
 
A to Z of Risk Management
A to Z of Risk ManagementA to Z of Risk Management
A to Z of Risk Management
 
Risk management
Risk managementRisk management
Risk management
 
Risk Management Essay
Risk Management EssayRisk Management Essay
Risk Management Essay
 

Risk Mgt

  • 1. A new wave sweeping global business Risk Management as a corporate enterprise and business strategy
  • 2. Risk – Risk is a function of the likelihood of something happening and the degree of losing which arises from a situation or activity. Losses can be direct or indirect. – “Risks are usually defined by the adverse impact on profitability of several distinct sources of uncertainty” (Partnerships BC, 2005 and NIST, 2004). NB: Risks are usually defined by the adverse impact on profitability of several distinct sources of uncertainty. While the types and degree of risks an organization may be exposed to depend upon a number of factors such as its size, complexity business activities, volume etc” (SBP, 2003, p.1)
  • 3. Risk [cont’d] Risk can also be views as „Probability or threat of damage, injury, liability, loss, or any other negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through pre-emptive action.‟ (George, 2008)
  • 4.
  • 6. RISK APPETITE It is the level of risk that an organization is prepared to accept, before action is deemed necessary to reduce it. It represents a balance between the potential benefits of innovation and the threats that change inevitably brings. NOTE: It can guide people on the level of risk permitted and encourage consistency of approach across an organization.
  • 7. Levels of risk appetite a) Averse: Avoidance of risk and uncertainty is a key organization objective. b) Minimal: Preference for ultra-safe options that are low risk and only have a potential for limited reward. c) Cautious: Preference for safe options that have a low degree of risk and may only have limited potential for reward. d) Open: Willing to consider all potential options and choose the one most likely to result in successful delivery, while also providing an acceptable level of reward and value for money. e) Hungry: Eager to be innovative and to choose options offering potentially higher business rewards, despite greater inherent risk. NB: Defined acceptable levels of risk also means that resources are not spent on further reducing risks that are already at an acceptable level.
  • 8.
  • 9. Risk management(RM) Risk management(RM) is define as: a. The process to eliminate, reduce and control risks. b. It involves identifying, analyzing, measuring, monitoring and controlling risks. c. Reducing the negative and emerging opportunities. d. Achievement of business strategy and objectives. [Anderson and Terp (2006)] These present the different views to consider in RM
  • 10. OBJECTIVES OF RISK MGT To Maximize the potential of success To Minimize the probability of future losses. To reduce the severity of risk exposures To offer better corporate imagery to firms
  • 12. Risk Management process Defined as "the systematic application of management policies, procedures and practices to the tasks of establishing the context, identifying, analyzing, assessing, treating, monitoring and communicating risk".(AS/NZS 4360:2004)
  • 13.
  • 14.
  • 15. RISK MGT PROCESS 1. Communicate and consult Communication and consultation aim to identify who should be involved in the assessment of risk including identification, analysis and evaluation and who will be involved in the treatment, monitoring and reviewing of risk. (Standards Australia and Standards New Zealand, 2004). 2.Establish the context By establishing the context, the organization defines the parameters to be taken into account when managing risk, and sets the scope and risk criteria for the remaining process. This process needs to be considered in greater detail and particularly how it relates to the scope of the particular risk management process. [External – Internal – Risk mgt – Develop Risk Evaluation Criteria – define the structure of risk analysis.]
  • 16. 3. Risk identification This step reveals and determines the potential risks which are highly occurring and other events which occur very frequently. Risk is investigated by looking at the activity of organizations in all directions and attempting to introduce the new exposure which will arise in the future from changing the internal and external environment. (Tcankova, 2002) 4. Risk analysis It is concerned with assessing the potential impact of exposure and likelihood of the particular outcome actually occurring. The impact of exposure should be considered under the elements of time, quality, benefit and resource. 5. Risk evaluation Before determining the probability, it is essential to consider risk tolerance. The organizations will consider “risk appetite” (the amount of risk they are willing to take) and decide upon acceptable or unacceptable risk. The acceptable level of risk depends upon the degree of voluntaries. Risk evaluation is important for making sense in specific situations and provides adequate material for decision making (Vrijling, Hengel and Houben, 1995). This step is about deciding whether risks are acceptable or need treatment.
  • 17. 6. Risk treatment: involves selecting and implementing one or more options for treating risks; avoid risk, change the likelihood of occurrence, change the consequences, share risk and retain risk (residual risk may be retained if it is at an acceptable level). [Standards Australia and Standards New Zealand(2004)] 7.Monitoring and review: it is an essential and integral step in the risk management process. Risk needs to be monitored to ensure the changing environment does not alter risk priorities and to ensure the risk management process is effective both in design and in operation. The organization should review at least on an annual basis alongside set KPIs
  • 18. Critical success factors of RM a. Commitment & support from top mgt b. Communication c. Culture d. Organizational structure e. Training f. Trust and improved relations(internal & external) g. Incorporating information & communication technology h. Consultancy/ benchmarking
  • 19.
  • 20.
  • 21. Components of Effective Risk Mgt 1. Infrastructure : (System & Process) "Having the right system and proper process for effective and efficient risk management" Key to being efficient and effective is to leverage off technology by bringing the appropriate IT system infrastructure to cater to our needs. This includes risk systems and the reporting and monitoring solutions. Complementing system infrastructure is an efficient process flow that covers risk identification, risk measurement, monitoring and risk mitigation.
  • 22. Cont’d 2. People "Having the right people to do the right thing" • Firstly is bringing in the right people to drive risk management. This involves recruitment as well as technical training to ensure a dynamic, forward looking high performance risk team. Succession planning and cross discipline training are key to ensure the continuity in risk management and the organization. • Secondly, is getting the organization to embrace risk management as a culture, via organization-wide risk awareness seminars, technical risk training and hands on engagement at all levels of staff..
  • 23. 3. Framework & Policies "Setting the rules of the game clearly and upfront A well-documented Risk Framework and its ancillary policies are essential to inform all stakeholders of the way the business is conducted and obtain an understanding on the important method of risk management in our organization. Risk management goes hand in hand with investment goals, both long-term and short-term. Risk Management is an essential partner in setting and achieving organizational goals. Profits targets are set in tandem with risk limits to ensure a return profile that commensurate with our risk appetite.
  • 26. Third party risk Financing strata
  • 27.
  • 28.
  • 30. Compiled & Represented by: MUHWEZI Morris MOB:+256705982771