SlideShare a Scribd company logo

Module 1 - Introduction to Risk Management.pdf

marjondimafilis
marjondimafilis

Risk management

Business
1 of 13
Download to read offline
1 TOPICS 1. Approaches To Defining Risk, Types and Its Impact on Organizations 2. Scope, Principles and Aims of Risk Management LEARNING OUTCOMES At the end of the lesson, you should be able to: 1. define risk and risk management and describe the usefulness of the various definitions; 2. identify the features of the types of risk; and 3. discuss the importance of risk management. TOPIC 1: APPROACHES TO DEFINING RISK, TYPES AND ITS IMPACT ON ORGANIZATIONS DEFINITIONS OF RISK Definitions of risk can be found from many sources. Common to most definitions of risk is uncertainty and undesirable outcomes. The table below lists definitions of risk from different industries and standards. Table 1. Definitions of Risk Definitions of Risk Risk is the combination of the risk of exposure and the impact = combination of (likelihood of the threat being able to expose an element(s) of the system) and impact. Risk is a situation involving exposure to danger and the possibility that something unpleasant or unwelcome will happen. Risk is a probability or threat of damage, injury, loss, or any other negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through pre-emptive action. Risk is a possible event that could cause harm or loss, or affect the ability to achieve objectives. A risk is measured by the probability of a threat, the vulnerability of the asset to that threat, and the impact it would have if it occurred. Risk can also be defined as uncertainty of outcome, and can be used in the context of measuring the probability of positive outcomes as well as negative outcomes. What all definitions of risk have in common is agreement that risk has two characteristics: Uncertainty: An event may or may not happen. Loss: An event has unwanted consequences or losses. TYPES OF RISKS Risk may have positive or negative outcomes or may simply result in uncertainty. Therefore, risks may be considered to be related to an opportunity or a loss or the presence of uncertainty for an organization. Every risk has its own characteristics that require particular management or analysis and it is divided into four categories: Lesson 1 INTRODUCTION TO RISK MANAGEMENT
2 c Compliance risk is exposure to legal penalties, financial forfeiture and material loss an organization faces when it fails to act in accordance with industry laws and regulations, internal policies or prescribed best practices. It is also sometimes known as integrity risk. Many compliance regulations are enacted to ensure that organizations operate fairly and ethically. There are certain risk events that can only result in negative outcomes. These risks are hazard risks or pure risks, and these may be thought of as operational or insurable risks. In general, organizations will have a tolerance of hazard risks, and these need to be managed within the levels that the organization can tolerate. A good example of a hazard risk faced by many organizations is that of theft. There are other risks that give rise to uncertainty about the outcome of a situation. These can be described as control risks and are frequently associated with project management. In general, organizations will have an aversion to control risks. Uncertainties can be associated with the benefits that the project produces, as well as uncertainty about the delivery of the project on time, within budget and to specification. The management of control risks will often be undertaken in order to ensure that the outcome from the business activities falls within the desired range. The purpose is to reduce the variance between anticipated outcomes and actual results. At the same time, organizations deliberately take risks, especially marketplace or commercial risks, in order to achieve a positive return. These can be considered as opportunity or speculative risks, and an organization will have a specific appetite for investment in such risks. Opportunity risks relate to the relationship between risk and return. The purpose is to take action that involves risk to achieve positive gains. The focus of opportunity risks will be towards investment. RISK DESCRIPTION In order to fully understand a risk, a detailed description is necessary so that a common understanding of the risk can be identified and ownership/responsibilities may be clearly understood. Please see Table 2 for the lists of information that must be recorded to fully understand a risk. It is most applicable to hazard risks and the list will need to be modified to provide a full description of control or opportunity risks. Table 2. Risk Description Definitions of Risk  Name or title of risk  Statement of risk, including scope of risk and details of possible events and dependencies  Nature of risk, including details of the risk classification and timescale of potential impact  Stakeholders in the risk, both internal and external  Risk attitude, appetite, tolerance, limits for the risk and/or risk criteria  Likelihood and magnitude of event and consequences should the risk materialize at current/residual level  Control standard required, target level of risk or risk criteria  Incident and loss experience  Existing control mechanisms and activities  Responsibility for developing risk strategy and policy  Potential for risk improvement and level of confidence in existing controls  Risk improvement recommendations and deadlines for implementation Opportunity (or speculative) risks Hazard (or pure) risks Control (or uncertainty) risks Compliance (or mandatory) risks;
3  Responsibility for implementing improvements  Responsibility for auditing risk compliance So that the correct range of information can be collected about each risk, the distinction between compliance, hazard, control and opportunity risks needs to be clearly understood. The example below is intended to distinguish between these four types of risk, so that the information required in order to describe each type of risk can be identified. RISK CLASSIFICATION SYSTEMS Risks can be classified according to the nature of the attributes of the risk, such as timescale for impact, and the nature of the impact and/or likely magnitude of the risk. They can also be classified according to the timescale of impact after the event occurs. The source of the risk can also be used as the basis of classification. In this case, a risk may be classified according to its origin, such as counterparty or credit risk. A further way of classifying risks is to consider the nature of the impact. Some risks can cause detriment to the finances of the organization, whereas others will have an impact on the activities or the infrastructure. Further, risks may have an impact on the reputation of the organization, or on its status and the way it is perceived in the marketplace. Risks may also be classified according to the component or feature of the organization that will be impacted. For example, risks can be classified according to whether they will impact people, premises, processes or products. An important consideration for organizations when deciding their risk classification system is to determine whether the risks will be classified according to the source of the risk, the component impacted or of the consequences of the risk materializing. Individual organizations will decide on the risk classification system that suits them best, depending on the nature of the organization and its activities. Also, many risk management standards and frameworks suggest a specific risk classification system. If the organization adopts one of these standards, then it will tend to follow the classification system recommended. The risk classification system that is selected should be fully relevant to the organization concerned. There is no universal classification system that fulfils the requirements of all organizations. It is likely that each risk will need to be classified in several ways in order to clearly understand its potential impact. RISK LIKELIHOOD AND MAGNITUDE Risk likelihood and magnitude are best demonstrated using a risk matrix. Risk matrices can be produced in many formats. Whatever format is used for a risk matrix; it is a very valuable tool for the risk management practitioner. The basic style of risk matrix plots the likelihood of an event against the magnitude or impact should the event materialize. Figure 1 is an illustration of a simple risk matrix, also referred to as a risk map or heat map. This is a commonly used method of illustrating risk likelihood and the magnitude (or severity) of the event should the risk materialize. The use of the risk matrix to illustrate risk likelihood and magnitude is a fundamentally important risk management tool. The risk matrix can be used to plot the nature of individual risks, so that the organization can decide whether the risk is acceptable and within the risk appetite and/or risk capacity of the organization. The horizontal axis is used to represent likelihood. The term likelihood is used rather than frequency, because the word frequency implies that events will definitely occur and the risk matrix is registering how often these events take place. Likelihood is a broader word that includes frequency, but also refers to the chances of an unlikely
4 event happening. However, in risk management literature, the word ‘probability’ will often be used to describe the likelihood of a risk materializing. The vertical axis is used to indicate magnitude in Figure 1. The word magnitude is used rather than severity, so that the same style of risk matrix can be used to illustrate compliance, hazard, control and opportunity risks. Severity implies that the event is undesirable and is, therefore, related to compliance and hazard risks. The magnitude of the risk may be considered to be its gross or inherent level before controls are applied. Figure 1 plots likelihood against the magnitude of an event. However, the more important consideration for risk managers is not the magnitude of the event, but the impact of the event and the consequences that follow. For example, a large fire could occur that completely destroys a warehouse of a distribution and logistics company. Although the magnitude of the event may be large, if sufficient insurance is in place, the impact in terms of financial costs for the company could be minimal, and if the company has produced plans to cope with such an event, the consequences for the overall business may be much less than would otherwise be anticipated. Figure 1. Risk likelihood and magnitude Shading or color coding is often used on the risk matrix to provide a visual representation of the importance of each risk under consideration. As risks move towards the top right-hand corner of the risk matrix, they become more likely and have a greater impact. Therefore, the risk becomes more important and immediate and effective risk control measures need to be in place. IMPACT OF RISK ON ORGANIZATIONS LEVEL OF RISKS It is increasingly understood that the explicit and structured management of risks brings benefits. By taking a proactive approach to risk and risk management, organizations will be able to achieve the following four areas of improvement: IMPACT OF HAZARD RISKS Hazard risk management is concerned with issues such as health and safety at work, fire prevention, avoiding damage to property and the consequences of defective products. Hazard risks can cause disruption to normal operations, as well as resulting in increased costs and poor publicity associated with disruptive events.
5 Hazard risks are related to business dependencies, including IT and other supporting services. There is increasing dependence on the IT infrastructure of most organizations and IT systems can be disrupted by computer breakdown or fire in server rooms, as well as virus infection and deliberate hacking or computer attacks. Theft and fraud can also be significant hazard risks for many organizations. This is especially true for organizations handling cash or managing a significant number of financial transactions. Techniques relevant to the avoidance of theft and fraud include adequate security procedures, segregation of financial duties, and authorization and delegation procedures, as well as the vetting of staff prior to employment. It is worth reflecting on terminology, because this is especially important in relation to hazard risks, if an event occurs. If a hazard risk materializes, it may have a very large magnitude, such as the destruction of the main distribution warehouse of an organization. This large magnitude event will have an impact on the organization related to potential financial costs, destruction of infrastructure, damage to reputation and the inability to function in the marketplace. Magnitude represents the gross or inherent level of the risk. However, the impact of the event will be reduced because of the controls that are in place. Impact represents the net, residual or current level of the risk. These controls reduce the financial impact, the extent of destruction of infrastructure, as well as controls designed to protect reputation and marketplace activities. But, what is also important for the organization is the consequences of the major warehouse fire. These consequences relate to the effect that the fire might have on the strategy, tactics, operations and compliance activities within the organization. ATTACHMENT OF RISKS Although most standard definitions of risk refer to risks as being attached to corporate objectives, Figure 2 provides an illustration of the options for the attachment of risks. Risks are shown in the diagram as being capable of impacting the key dependencies that deliver the core processes of the organization. Corporate objectives and stakeholder expectations help define the core processes of the organization. These core processes are key components of the existing nature and future enhancement of the business model and can relate to operations, tactics and corporate strategy, as well as compliance activities. Significant risks can be identified by considering the key dependencies of the organization, the corporate objectives and/or the stakeholder expectations, as well as by analysis of the core processes of the organization. RISK AND REWARD Another feature of risk and risk management is that many risks are taken by organizations in order to achieve a reward. Figure 3 illustrates the relationship between the level of risk and the anticipated size of reward. A business will launch a new product because it believes that greater profit is available from the successful marketing of that product. In launching a new product, the organization will put resources at risk because it has decided that a certain amount of risk taking is appropriate. The value at risk represents the risk appetite of the organization with respect to the activity that it is undertaking. When an organization puts value at risk in this way, it should do so with the full knowledge of the risk exposure and it should be satisfied that the risk exposure is within the appetite of the organization. Even more important, it should ensure that it has sufficient resources to cover the risk exposure. In other words, the risk exposure should be quantified, the appetite to take that level of risk should be confirmed, and the capacity of the organization to withstand any foreseeable adverse consequences should be clearly established.
6 Task/Activity Figure 2. Attachment of Risks Figure 3. Risk and Reward Answer the following questions on a yellow paper: 1. For you what is the best definition of risk? Explain briefly. 2. What are the features of the types of risk? 3. How can risks be classified? 4. What is Likelihood and Magnitude on Risk Matrix? 5. What is the difference between the hazard and a risk? 6. What is the concept of risk and reward? Rubric for grading: CRITERIA PERFORMANCE INDICATORS POINTS Content Provided pieces of evidence, supporting details, and factual scenarios 8 Grammar Used correct grammar, punctuation, spelling, and Capitalization 1 Organization of ideas Expressed the points in clear and logical arrangement of ideas in the paragraph 1 TOTAL 10
7 ORIGINS OF RISK MANAGEMENT Risk management has a variety of origins and is practiced by a wide range of professionals. One of the early developments in risk management emerged in the United States out of the insurance management function. The practice of risk management became more widespread and better coordinated because the cost of insurance in the 1950s had become prohibitive and the extent of coverage limited. Organizations realized that purchasing insurance was insufficient if there was inadequate attention to the protection of property and people. Insurance buyers therefore became concerned with the quality of property protection, the standards of health and safety, product liability issues and other risk control concerns. This combined approach to risk financing and risk control developed in Europe during the 1970s and the concept of total cost of risk became important. As this approach became established, it also became obvious that there were many risks facing organizations that were not insurable. The tools and techniques of risk management were then applied to other disciplines. Table 3. Definitions of Risk Management Definitions of Risk Management  Co-ordinated activities to direct and control an organization with regard to risk (ISO Guide 73)  Risk management is the set of activities within an organization undertaken to deliver the most favorable outcome and reduce the volatility or variability of that outcome.  Process which aims to help organizations understand, evaluate and take action on all their risks with a view to increasing the probability of success and reducing the likelihood of failure  All the processes involved in identifying, assessing and judging risks, assigning ownership, taking actions to mitigate or anticipate them, and monitoring and reviewing progress IMPORTANCE OF RISK MANAGEMENT MANAGING THE ORGANIZATION  Variable cost or availability of raw materials  Cost of retirement/pension/social benefits  Desire to deliver greater shareholder value  Greater transparency required from organizations  Pace of change in business ever increases  Impact of e-commerce on all aspects of business life  Increased reliance on information technology (IT) systems  Increasing importance of intellectual property (IP)  Greater supply chain complexity/dependency  Reputation becomes more and more important  Reputational damage – especially to worldwide brands  High-profile losses and failures ruin reputations  Regulatory pressures continue to increase  Changes/variation in national legislative requirements  Joint ventures becoming more common CHANGES IN THE MARKETPLACE  Changing commercial and marketplace environment  Globalization of customers, suppliers and products  Increased competition in the marketplace  Greater customer expectations, often led by competitors  Need to respond more rapidly to stakeholder expectations TOPIC 2: SCOPE, PRINCIPLES AND AIMS OF RISK MANAGEMENT
8 Project risk management  More volatile markets with less customer loyalty  Diversification leads to working in unfamiliar areas  Constant need to make bold strategic decisions  Short-term success required, without long-term detriment  Product innovation and continuous improvements  Rapid changes in (consumer) product technology  Threats to world/national economy  Threat of influenza or other pandemics  Potential for international organized crime  Increasing occurrences of civil unrest/political risks  Extreme weather events resulting in population shift SPECIALIST AREAS OF RISK MANAGEMENT One of the best known and specialist areas of risk management is that of health and safety at work. Another specialist area is that of disaster recovery planning and business continuity planning. Also, there is no doubt that quality management is a very well-developed branch of risk management, given the high profile attached to quality management systems, such as ISO 9000. Additionally, other specialist areas of risk management have developed over the past decades, including: Project risk management is an area where the application of risk management tools and techniques is particularly well developed. It has its emphasis on the management of uncertainty or control risks. Clinical risk management is primarily concerned with patient care, especially during surgical operations. The cost of medical malpractice claims and the inevitable delay in making insurance payments has resulted in risk management systems being introduced. Particular aspects of clinical risk management include greater attention to making patients aware of the risks that may be associated with the procedure they are about to undertake. The energy sector has also seen an increase in the attention paid to risk management tools and techniques. For some organizations in the energy sector, risk management is mainly concerned with the future price of energy and with exploration risk. Therefore, the risk management approach is similar to the activities of the treasury function, where hedging and other sophisticated financial techniques form the basis of the risk management effort. Risk management within the finance sector is broader than just operational risk. Banks and other financial institutions will be concerned with the credit risk and market risk, as well as operational risk. Finance and insurance are highly regulated business sectors, governed by international standards such as Basel III and Solvency II. Risk management in the finance sector focuses on operational risks, as well as market, credit and other types of financial risks. It is in the finance sector that the title Chief Risk Officer was first developed. IT risk management Financial risk management Clinical/medical risk management Energy risk management
9 IT risk management is another well-developed and specific branch of risk management. The increasing importance of information to organizations, in terms of the management of and security of data, has resulted in the development of specific standards applicable to IT risk management. Amongst the best established of these risk management standards is COBIT, which is similar in many regards to the COSO (Committee of Sponsoring Organizations of the Treadway Commission) standard. SIMPLE REPRESENTATION OF RISK MANAGEMENT The risk management process is referred to as the 8Rs and 4Ts of hazard risk management as illustrated in Figure 4. The activities associated with risk management are as follows: Risk management can improve the management of the core processes of an organization by ensuring that key dependencies are analyzed, monitored and reviewed. Risk management tools and techniques will assist with the management of the hazard risks, control risks and opportunity risks that could impact these key dependencies. LEVELS OF RISK MANAGEMENT SOPHISTICATION An organization may be unaware of the legal and contractual obligations that it faces. In that case, it will be necessary to inform the organization of its obligations in relation to the risk. As the level of sophistication develops, the organization will become aware of the need to comply with obligations and the more general need for improved risk management. Once it is aware of obligations, there will be a need for the organization to reform in response to the hazard risks. As the organization responds to the risk, it will seek to conform to the appropriate risk control standards. After this stage, the organization may realize that there are benefits to be obtained from the risk. The organization will then have the ability to perform and view the risk as an opportunity risk. But there is a danger that organizations will become obsessed with risk management to the point that important decisions are not taken. At this point, it may be said that too much attention and concern about risk and risk management will cause the organization to deform its operations.
10 Figure 4. 8Rs and 4Ts of (hazard) Risk Management PRINCIPLES OF RISK MANAGEMENT The main principle of risk management is that it delivers value to the organization. In other words, risk management activities are designed to achieve the best possible outcome and reduce volatility or uncertainty of outcomes. However, risk management operates on a broader set of principles, and there have been several attempts to define these principles. ISO 31000 includes a detailed list of the suggested principles of risk management. Many of the lists of principles set out a description of what risk management activity should be and what it should achieve. It is important to distinguish between what the risk management initiative has been set up to achieve and the nature of the risk management framework that will be put in place. This provides the acronym PACED and provides a very good set of principles that are the foundations of a successful approach to risk management within any organization. The approach to risk management is based on the idea that risk is something that can be identified and controlled. These principles describe what risk management should be in practice. Some lists of
11 principles also include information on what risk management should do or deliver. It is useful to separate the principles of risk management into two distinct lists:  What should be the characteristics of risk management, as listed above; and  What it should deliver, as listed below: o Mandatory obligations placed on the organization; o Assurance regarding the management of significant risks; o Decisions that pay full regard to risk considerations; o Effective and efficient core processes. Core processes represent the activities of the organization and can be strategic, tactical, operational or compliance (STOC) in nature. The objectives for risk management provide the acronym MADE2 mandatory, assurance, decision making and effective and efficient core processes and this confirms that outputs from risk management will lead to less disruption to normal efficient operations, a reduction of uncertainty in relation to tactics and improved decisions in relation to evaluation and selection of alternative strategies. In other words, a key part of risk management is improved organizational decision making. The resources available for managing risk are finite and so the aim is to achieve an optimum response to risk, prioritized in accordance with an evaluation of the risks. Risk is unavoidable and every organization needs to take action to manage it in a way that it can justify to a level that is acceptable. The appropriate range of responses will depend on the nature, size and complexity of the organization and the risks it faces. RISK MANAGEMENT ACTIVITIES Risk management is a process that can be divided into several stages. Alternative illustrations of the risk management process can be found in the International Standard ISO 31000 and in other publications. The process can be represented as the 8Rs and 4Ts of hazard risk management. ISO Guide 73 and British Standard BS 31100 describe the risk management process as the systematic application of management policies, procedures and practices to the tasks of communicating, consulting, establishing the context, identifying, analyzing, evaluating, treating, monitoring and reviewing risk. However, it could be argued that the setting of policies, procedures and practices, together with the tasks of communicating, consulting and establishing that context, is actually part of the risk management framework, rather than the risk management process itself. IMPLEMENTING RISK MANAGEMENT In a rapidly developing discipline like risk management, there is scope for different practitioners to become intolerant towards the approach adopted by others. Internal control specialists who believe that risk management is all about the management of uncertainty and the achievement of corporate objectives should not become intolerant of the more traditional insurance risk management approach. There is no value in one group of specialists being dismissive of the approach adopted by others and being unwilling to utilize the expertise that is available in another group. In any case, there is no single style of risk management or approach to risk management that offers all the answers. Clearly, the various styles that can be adopted should operate as
12 Opportunity management makes outcomes more positive. Compliance management provides risk governance; complementary approaches within an organization. The integrative approach to risk management accepts that the organization must tolerate certain hazard risks and must have an appropriate appetite for investment in opportunity risks. Risk management tools and techniques should be used to achieve the following: Hazard management will make the outcome of any hazard event less negative. Within the context of hazard management, insurance represents the mechanism for restricting the financial cost of losses when a risk materializes. Risk control and loss management techniques will reduce the expected losses and should ensure that the overall cost is contained. The combination of insurance and risk control/loss management will reduce the actual cost of hazard losses and this will inevitably (and correctly) cause the hazard tolerance of the organization to decline. More of the risk capacity of the organization will then be available for opportunity investment. Control management reduces the range of possible outcomes from any event. Control management is based on the established techniques of internal financial control, as practised by internal auditors. The main intention is to reduce losses associated with inadequate control management at the same time as reducing the range of possible outcomes. This is the contribution that internal control should make to the overall approach to risk management within an organization. Opportunity management seeks to make positive outcomes more likely and more substantial. As part of the opportunity management approach, the organization should also look at possibilities for increasing the revenue from the product or service. In not-for-profit organizations, opportunity management should facilitate the delivery of better value for money. Hazard management makes outcomes less negative; Control management reduces the range of possible outcomes;
13 Wiley, John (2018). An Introduction to Banking Principles, Strategy and Risk Management (2nd ed). United Kingdom: TJ International Ltd. Hopkin, Paul (2017). Fundamentals of Risk Management (4th ed). United States: Kogan Page Limited. Fraser, John R., et al (2015). Implementing Enterprise Risk Management Case Studies and Best Practices. Hoboken, New Jersey: John Wiley & Sons, Inc. Borghesi, Antonio, et al (2013). Risk Management - How to Assess, Transfer, and Communicate Critical Risks. Italy: Springer-Verlag Italia. Chance, Don M., et al (2008). An Introduction to Derivatives and Risk Management (7th ed.). Canada: Thomson South-Western. Trieschmann, James S., et al (2001). Risk Management and Insurance (11th ed.). United States of America: South-Western College Publishing. Andres, Tomas Q.D (1999). Risk Management & Disaster Control. Quezon City, Philippines: Giraffe Books. REFERENCES

Recommended

Module 2 - Approaches to Risk Management.pdf
Module 2 - Approaches to Risk Management.pdfModule 2 - Approaches to Risk Management.pdf
Module 2 - Approaches to Risk Management.pdfmarjondimafilis
 
Risk Management Overview
Risk Management OverviewRisk Management Overview
Risk Management OverviewJIGNESH PADIA
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk ManagementPYA, P.C.
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk ManagementCroydon Consulting, LLC
 
Introduction to risk management
Introduction to risk managementIntroduction to risk management
Introduction to risk managementKannan Subbiah
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentationalygale
 
Risk Appetite
Risk AppetiteRisk Appetite
Risk AppetiteTowers Perrin
 
Risk Management Fundamentals
Risk Management FundamentalsRisk Management Fundamentals
Risk Management Fundamentalsmikaelastafrace
 

Recommended

Module 2 - Approaches to Risk Management.pdf
Module 2 - Approaches to Risk Management.pdfModule 2 - Approaches to Risk Management.pdf
Module 2 - Approaches to Risk Management.pdfmarjondimafilis
 
Risk Management Overview
Risk Management OverviewRisk Management Overview
Risk Management OverviewJIGNESH PADIA
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk ManagementPYA, P.C.
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk ManagementCroydon Consulting, LLC
 
Introduction to risk management
Introduction to risk managementIntroduction to risk management
Introduction to risk managementKannan Subbiah
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentationalygale
 
Risk Appetite
Risk AppetiteRisk Appetite
Risk AppetiteTowers Perrin
 
Risk Management Fundamentals
Risk Management FundamentalsRisk Management Fundamentals
Risk Management Fundamentalsmikaelastafrace
 
Introduction to Risk Management
Introduction to Risk ManagementIntroduction to Risk Management
Introduction to Risk ManagementFAA Safety Team Central Florida
 
Risk & Risk Management
Risk & Risk ManagementRisk & Risk Management
Risk & Risk Managementansula
 
The importance of risk management in business
The importance of risk management in businessThe importance of risk management in business
The importance of risk management in businessr2financial
 
Operational risk ppt
Operational risk pptOperational risk ppt
Operational risk pptNehaKamboj10
 
Risk Management
Risk ManagementRisk Management
Risk ManagementUrban League of Greater Atlanta
 
Risk Management (1) (1).ppt
Risk Management (1) (1).pptRisk Management (1) (1).ppt
Risk Management (1) (1).pptAjjuSingh2
 
Risk management
Risk managementRisk management
Risk managementHarold Malamion
 
ERM-Enterprise Risk Management
ERM-Enterprise Risk ManagementERM-Enterprise Risk Management
ERM-Enterprise Risk ManagementJorge Vaz Girão , CISA, PMP, PMDPro I, ERMCP
 
Operational Risk Management - Understanding Your Risk Landscape
Operational Risk Management - Understanding Your Risk LandscapeOperational Risk Management - Understanding Your Risk Landscape
Operational Risk Management - Understanding Your Risk LandscapeEneni Oduwole
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Eneni Oduwole
 
Enterprise Risk Management Erm
Enterprise Risk Management ErmEnterprise Risk Management Erm
Enterprise Risk Management ErmNexus Aid
 
Chapter 4: Governance and Risk Management
Chapter 4: Governance and Risk ManagementChapter 4: Governance and Risk Management
Chapter 4: Governance and Risk ManagementNada G.Youssef
 
Coso Erm(2)
Coso Erm(2)Coso Erm(2)
Coso Erm(2)deeptica
 
Introduction to Risk Management ISO31000:2009
Introduction to Risk Management ISO31000:2009Introduction to Risk Management ISO31000:2009
Introduction to Risk Management ISO31000:2009Ahmad Azwang Aisram Omar
 
Risk management
Risk managementRisk management
Risk managementMichael Alonzo
 
Strategic risk management
Strategic risk managementStrategic risk management
Strategic risk managementKarim Farag
 
Risk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniquesRisk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniquesILRI
 
Iso 31000
Iso 31000Iso 31000
Iso 31000Dr. Jojo Javier
 
Chapter2 risk management process
Chapter2 risk management processChapter2 risk management process
Chapter2 risk management processDr Riyaz Muhmmad
 
Chapter 1 risk management (3)
Chapter 1 risk management (3)Chapter 1 risk management (3)
Chapter 1 risk management (3)rafeeqameen
 
HFMA Searching for Risk, April 2004
HFMA Searching for Risk, April 2004HFMA Searching for Risk, April 2004
HFMA Searching for Risk, April 2004Theim912
 
PRINCIPLES-OF-RISK-AND-MANAGEMENT.pptx
PRINCIPLES-OF-RISK-AND-MANAGEMENT.pptxPRINCIPLES-OF-RISK-AND-MANAGEMENT.pptx
PRINCIPLES-OF-RISK-AND-MANAGEMENT.pptxGraciaSuratos
 

More Related Content

What's hot

Risk & Risk Management
Risk & Risk ManagementRisk & Risk Management
Risk & Risk Managementansula
 
The importance of risk management in business
The importance of risk management in businessThe importance of risk management in business
The importance of risk management in businessr2financial
 
Operational risk ppt
Operational risk pptOperational risk ppt
Operational risk pptNehaKamboj10
 
Risk Management (1) (1).ppt
Risk Management (1) (1).pptRisk Management (1) (1).ppt
Risk Management (1) (1).pptAjjuSingh2
 
Operational Risk Management - Understanding Your Risk Landscape
Operational Risk Management - Understanding Your Risk LandscapeOperational Risk Management - Understanding Your Risk Landscape
Operational Risk Management - Understanding Your Risk LandscapeEneni Oduwole
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Eneni Oduwole
 
Enterprise Risk Management Erm
Enterprise Risk Management ErmEnterprise Risk Management Erm
Enterprise Risk Management ErmNexus Aid
 
Chapter 4: Governance and Risk Management
Chapter 4: Governance and Risk ManagementChapter 4: Governance and Risk Management
Chapter 4: Governance and Risk ManagementNada G.Youssef
 
Coso Erm(2)
Coso Erm(2)Coso Erm(2)
Coso Erm(2)deeptica
 
Introduction to Risk Management ISO31000:2009
Introduction to Risk Management ISO31000:2009Introduction to Risk Management ISO31000:2009
Introduction to Risk Management ISO31000:2009Ahmad Azwang Aisram Omar
 
Strategic risk management
Strategic risk managementStrategic risk management
Strategic risk managementKarim Farag
 
Risk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniquesRisk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniquesILRI
 
Chapter2 risk management process
Chapter2 risk management processChapter2 risk management process
Chapter2 risk management processDr Riyaz Muhmmad
 
Chapter 1 risk management (3)
Chapter 1 risk management (3)Chapter 1 risk management (3)
Chapter 1 risk management (3)rafeeqameen
 

What's hot (20)

Introduction to Risk Management
Introduction to Risk ManagementIntroduction to Risk Management
Introduction to Risk Management
 
Risk & Risk Management
Risk & Risk ManagementRisk & Risk Management
Risk & Risk Management
 
The importance of risk management in business
The importance of risk management in businessThe importance of risk management in business
The importance of risk management in business
 
Operational risk ppt
Operational risk pptOperational risk ppt
Operational risk ppt
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Risk Management (1) (1).ppt
Risk Management (1) (1).pptRisk Management (1) (1).ppt
Risk Management (1) (1).ppt
 
Risk management
Risk managementRisk management
Risk management
 
ERM-Enterprise Risk Management
ERM-Enterprise Risk ManagementERM-Enterprise Risk Management
ERM-Enterprise Risk Management
 
Operational Risk Management - Understanding Your Risk Landscape
Operational Risk Management - Understanding Your Risk LandscapeOperational Risk Management - Understanding Your Risk Landscape
Operational Risk Management - Understanding Your Risk Landscape
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...
 
Enterprise Risk Management Erm
Enterprise Risk Management ErmEnterprise Risk Management Erm
Enterprise Risk Management Erm
 
Chapter 4: Governance and Risk Management
Chapter 4: Governance and Risk ManagementChapter 4: Governance and Risk Management
Chapter 4: Governance and Risk Management
 
Coso Erm(2)
Coso Erm(2)Coso Erm(2)
Coso Erm(2)
 
Introduction to Risk Management ISO31000:2009
Introduction to Risk Management ISO31000:2009Introduction to Risk Management ISO31000:2009
Introduction to Risk Management ISO31000:2009
 
Risk management
Risk managementRisk management
Risk management
 
Strategic risk management
Strategic risk managementStrategic risk management
Strategic risk management
 
Risk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniquesRisk management: Principles, methodologies and techniques
Risk management: Principles, methodologies and techniques
 
Iso 31000
Iso 31000Iso 31000
Iso 31000
 
Chapter2 risk management process
Chapter2 risk management processChapter2 risk management process
Chapter2 risk management process
 
Chapter 1 risk management (3)
Chapter 1 risk management (3)Chapter 1 risk management (3)
Chapter 1 risk management (3)
 

Similar to Module 1 - Introduction to Risk Management.pdf

HFMA Searching for Risk, April 2004
HFMA Searching for Risk, April 2004HFMA Searching for Risk, April 2004
HFMA Searching for Risk, April 2004Theim912
 
PRINCIPLES-OF-RISK-AND-MANAGEMENT.pptx
PRINCIPLES-OF-RISK-AND-MANAGEMENT.pptxPRINCIPLES-OF-RISK-AND-MANAGEMENT.pptx
PRINCIPLES-OF-RISK-AND-MANAGEMENT.pptxGraciaSuratos
 
Risk Management.pptx
Risk Management.pptxRisk Management.pptx
Risk Management.pptxGraciaSuratos
 
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxAbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxransayo
 
Risk management
Risk managementRisk management
Risk managementaseel m
 
PECB Webinar: Aligning ISO 31000 and Management of Risk Methodology
PECB Webinar: Aligning ISO 31000 and Management of Risk MethodologyPECB Webinar: Aligning ISO 31000 and Management of Risk Methodology
PECB Webinar: Aligning ISO 31000 and Management of Risk MethodologyPECB
 
RISK MANAGEMENT.pptx
RISK MANAGEMENT.pptxRISK MANAGEMENT.pptx
RISK MANAGEMENT.pptxssuser107f14
 
WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)
WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)
WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)Keith Darcy
 
The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...Albert Vilariño
 
ToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOPiTech
 
The IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India
 
Risk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docxRisk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docxjoellemurphey
 
Pm0016 set-1
Pm0016 set-1Pm0016 set-1
Pm0016 set-1Paul Hunt
 
An introduction to finance
An introduction to financeAn introduction to finance
An introduction to financeRobert Reed
 
7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management Program7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management ProgramAlicia Edwards
 
LinkedIn post - ERM Presentation
LinkedIn post - ERM PresentationLinkedIn post - ERM Presentation
LinkedIn post - ERM PresentationJabulani Mbengo
 
How to Create a Risk Profile for Your Organization: 10 Essential Steps
How to Create a Risk Profile for Your Organization: 10 Essential StepsHow to Create a Risk Profile for Your Organization: 10 Essential Steps
How to Create a Risk Profile for Your Organization: 10 Essential StepsCase IQ
 
Table of ContentsIntroduction3P.docx
Table of ContentsIntroduction3P.docxTable of ContentsIntroduction3P.docx
Table of ContentsIntroduction3P.docxmattinsonjanel
 
BBA 4226, Risk Management 1 Course Learning Outcomes
BBA 4226, Risk Management 1 Course Learning Outcomes BBA 4226, Risk Management 1 Course Learning Outcomes
BBA 4226, Risk Management 1 Course Learning Outcomes MargaritoWhitt221
 

Similar to Module 1 - Introduction to Risk Management.pdf (20)

HFMA Searching for Risk, April 2004
HFMA Searching for Risk, April 2004HFMA Searching for Risk, April 2004
HFMA Searching for Risk, April 2004
 
PRINCIPLES-OF-RISK-AND-MANAGEMENT.pptx
PRINCIPLES-OF-RISK-AND-MANAGEMENT.pptxPRINCIPLES-OF-RISK-AND-MANAGEMENT.pptx
PRINCIPLES-OF-RISK-AND-MANAGEMENT.pptx
 
Risk Management.pptx
Risk Management.pptxRisk Management.pptx
Risk Management.pptx
 
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docxAbstractKey FeaturesAssessmentIntroductionMeasur.docx
AbstractKey FeaturesAssessmentIntroductionMeasur.docx
 
Risk management
Risk managementRisk management
Risk management
 
PECB Webinar: Aligning ISO 31000 and Management of Risk Methodology
PECB Webinar: Aligning ISO 31000 and Management of Risk MethodologyPECB Webinar: Aligning ISO 31000 and Management of Risk Methodology
PECB Webinar: Aligning ISO 31000 and Management of Risk Methodology
 
RISK MANAGEMENT.pptx
RISK MANAGEMENT.pptxRISK MANAGEMENT.pptx
RISK MANAGEMENT.pptx
 
Risk management
Risk managementRisk management
Risk management
 
WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)
WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)
WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)
 
The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...
 
ToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_en
 
The IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India- A Risk Management Standard
The IRM India- A Risk Management Standard
 
Risk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docxRisk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docx
 
Pm0016 set-1
Pm0016 set-1Pm0016 set-1
Pm0016 set-1
 
An introduction to finance
An introduction to financeAn introduction to finance
An introduction to finance
 
7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management Program7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management Program
 
LinkedIn post - ERM Presentation
LinkedIn post - ERM PresentationLinkedIn post - ERM Presentation
LinkedIn post - ERM Presentation
 
How to Create a Risk Profile for Your Organization: 10 Essential Steps
How to Create a Risk Profile for Your Organization: 10 Essential StepsHow to Create a Risk Profile for Your Organization: 10 Essential Steps
How to Create a Risk Profile for Your Organization: 10 Essential Steps
 
Table of ContentsIntroduction3P.docx
Table of ContentsIntroduction3P.docxTable of ContentsIntroduction3P.docx
Table of ContentsIntroduction3P.docx
 
BBA 4226, Risk Management 1 Course Learning Outcomes
BBA 4226, Risk Management 1 Course Learning Outcomes BBA 4226, Risk Management 1 Course Learning Outcomes
BBA 4226, Risk Management 1 Course Learning Outcomes
 

Recently uploaded

Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxCynthia Clay
 
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in PakistanChallenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistanvineshkumarsajnani12
 
Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel
 
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Falcon Invoice Discounting
 
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All TimeCall 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Timegargpaaro
 
Berhampur CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGpr788182
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
 
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecJual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecZurliaSoop
 
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGpr788182
 
Kalyan Call Girl 98350*37198 Call Girls in Escort service book now
Kalyan Call Girl 98350*37198 Call Girls in Escort service book nowKalyan Call Girl 98350*37198 Call Girls in Escort service book now
Kalyan Call Girl 98350*37198 Call Girls in Escort service book nowranineha57744
 
Falcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon investment
 
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...pujan9679
 
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGpr788182
 
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...meghakumariji156
 
JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS
JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTSJAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS
JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTSkajalroy875762
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwaitdaisycvs
 
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book nowGUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book nowkapoorjyoti4444
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...daisycvs
 

Recently uploaded (20)

Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
 
WheelTug Short Pitch Deck 2024 | Byond Insights
WheelTug Short Pitch Deck 2024 | Byond InsightsWheelTug Short Pitch Deck 2024 | Byond Insights
WheelTug Short Pitch Deck 2024 | Byond Insights
 
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in PakistanChallenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
 
Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024
 
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
 
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All TimeCall 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
 
Berhampur CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecJual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
 
HomeRoots Pitch Deck | Investor Insights | April 2024
HomeRoots Pitch Deck | Investor Insights | April 2024HomeRoots Pitch Deck | Investor Insights | April 2024
HomeRoots Pitch Deck | Investor Insights | April 2024
 
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
Kalyan Call Girl 98350*37198 Call Girls in Escort service book now
Kalyan Call Girl 98350*37198 Call Girls in Escort service book nowKalyan Call Girl 98350*37198 Call Girls in Escort service book now
Kalyan Call Girl 98350*37198 Call Girls in Escort service book now
 
Falcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business Growth
 
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
 
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
 
JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS
JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTSJAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS
JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
 
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book nowGUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 

Module 1 - Introduction to Risk Management.pdf

  • 1. 1 TOPICS 1. Approaches To Defining Risk, Types and Its Impact on Organizations 2. Scope, Principles and Aims of Risk Management LEARNING OUTCOMES At the end of the lesson, you should be able to: 1. define risk and risk management and describe the usefulness of the various definitions; 2. identify the features of the types of risk; and 3. discuss the importance of risk management. TOPIC 1: APPROACHES TO DEFINING RISK, TYPES AND ITS IMPACT ON ORGANIZATIONS DEFINITIONS OF RISK Definitions of risk can be found from many sources. Common to most definitions of risk is uncertainty and undesirable outcomes. The table below lists definitions of risk from different industries and standards. Table 1. Definitions of Risk Definitions of Risk Risk is the combination of the risk of exposure and the impact = combination of (likelihood of the threat being able to expose an element(s) of the system) and impact. Risk is a situation involving exposure to danger and the possibility that something unpleasant or unwelcome will happen. Risk is a probability or threat of damage, injury, loss, or any other negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through pre-emptive action. Risk is a possible event that could cause harm or loss, or affect the ability to achieve objectives. A risk is measured by the probability of a threat, the vulnerability of the asset to that threat, and the impact it would have if it occurred. Risk can also be defined as uncertainty of outcome, and can be used in the context of measuring the probability of positive outcomes as well as negative outcomes. What all definitions of risk have in common is agreement that risk has two characteristics: Uncertainty: An event may or may not happen. Loss: An event has unwanted consequences or losses. TYPES OF RISKS Risk may have positive or negative outcomes or may simply result in uncertainty. Therefore, risks may be considered to be related to an opportunity or a loss or the presence of uncertainty for an organization. Every risk has its own characteristics that require particular management or analysis and it is divided into four categories: Lesson 1 INTRODUCTION TO RISK MANAGEMENT
  • 2. 2 c Compliance risk is exposure to legal penalties, financial forfeiture and material loss an organization faces when it fails to act in accordance with industry laws and regulations, internal policies or prescribed best practices. It is also sometimes known as integrity risk. Many compliance regulations are enacted to ensure that organizations operate fairly and ethically. There are certain risk events that can only result in negative outcomes. These risks are hazard risks or pure risks, and these may be thought of as operational or insurable risks. In general, organizations will have a tolerance of hazard risks, and these need to be managed within the levels that the organization can tolerate. A good example of a hazard risk faced by many organizations is that of theft. There are other risks that give rise to uncertainty about the outcome of a situation. These can be described as control risks and are frequently associated with project management. In general, organizations will have an aversion to control risks. Uncertainties can be associated with the benefits that the project produces, as well as uncertainty about the delivery of the project on time, within budget and to specification. The management of control risks will often be undertaken in order to ensure that the outcome from the business activities falls within the desired range. The purpose is to reduce the variance between anticipated outcomes and actual results. At the same time, organizations deliberately take risks, especially marketplace or commercial risks, in order to achieve a positive return. These can be considered as opportunity or speculative risks, and an organization will have a specific appetite for investment in such risks. Opportunity risks relate to the relationship between risk and return. The purpose is to take action that involves risk to achieve positive gains. The focus of opportunity risks will be towards investment. RISK DESCRIPTION In order to fully understand a risk, a detailed description is necessary so that a common understanding of the risk can be identified and ownership/responsibilities may be clearly understood. Please see Table 2 for the lists of information that must be recorded to fully understand a risk. It is most applicable to hazard risks and the list will need to be modified to provide a full description of control or opportunity risks. Table 2. Risk Description Definitions of Risk  Name or title of risk  Statement of risk, including scope of risk and details of possible events and dependencies  Nature of risk, including details of the risk classification and timescale of potential impact  Stakeholders in the risk, both internal and external  Risk attitude, appetite, tolerance, limits for the risk and/or risk criteria  Likelihood and magnitude of event and consequences should the risk materialize at current/residual level  Control standard required, target level of risk or risk criteria  Incident and loss experience  Existing control mechanisms and activities  Responsibility for developing risk strategy and policy  Potential for risk improvement and level of confidence in existing controls  Risk improvement recommendations and deadlines for implementation Opportunity (or speculative) risks Hazard (or pure) risks Control (or uncertainty) risks Compliance (or mandatory) risks;
  • 3. 3  Responsibility for implementing improvements  Responsibility for auditing risk compliance So that the correct range of information can be collected about each risk, the distinction between compliance, hazard, control and opportunity risks needs to be clearly understood. The example below is intended to distinguish between these four types of risk, so that the information required in order to describe each type of risk can be identified. RISK CLASSIFICATION SYSTEMS Risks can be classified according to the nature of the attributes of the risk, such as timescale for impact, and the nature of the impact and/or likely magnitude of the risk. They can also be classified according to the timescale of impact after the event occurs. The source of the risk can also be used as the basis of classification. In this case, a risk may be classified according to its origin, such as counterparty or credit risk. A further way of classifying risks is to consider the nature of the impact. Some risks can cause detriment to the finances of the organization, whereas others will have an impact on the activities or the infrastructure. Further, risks may have an impact on the reputation of the organization, or on its status and the way it is perceived in the marketplace. Risks may also be classified according to the component or feature of the organization that will be impacted. For example, risks can be classified according to whether they will impact people, premises, processes or products. An important consideration for organizations when deciding their risk classification system is to determine whether the risks will be classified according to the source of the risk, the component impacted or of the consequences of the risk materializing. Individual organizations will decide on the risk classification system that suits them best, depending on the nature of the organization and its activities. Also, many risk management standards and frameworks suggest a specific risk classification system. If the organization adopts one of these standards, then it will tend to follow the classification system recommended. The risk classification system that is selected should be fully relevant to the organization concerned. There is no universal classification system that fulfils the requirements of all organizations. It is likely that each risk will need to be classified in several ways in order to clearly understand its potential impact. RISK LIKELIHOOD AND MAGNITUDE Risk likelihood and magnitude are best demonstrated using a risk matrix. Risk matrices can be produced in many formats. Whatever format is used for a risk matrix; it is a very valuable tool for the risk management practitioner. The basic style of risk matrix plots the likelihood of an event against the magnitude or impact should the event materialize. Figure 1 is an illustration of a simple risk matrix, also referred to as a risk map or heat map. This is a commonly used method of illustrating risk likelihood and the magnitude (or severity) of the event should the risk materialize. The use of the risk matrix to illustrate risk likelihood and magnitude is a fundamentally important risk management tool. The risk matrix can be used to plot the nature of individual risks, so that the organization can decide whether the risk is acceptable and within the risk appetite and/or risk capacity of the organization. The horizontal axis is used to represent likelihood. The term likelihood is used rather than frequency, because the word frequency implies that events will definitely occur and the risk matrix is registering how often these events take place. Likelihood is a broader word that includes frequency, but also refers to the chances of an unlikely
  • 4. 4 event happening. However, in risk management literature, the word ‘probability’ will often be used to describe the likelihood of a risk materializing. The vertical axis is used to indicate magnitude in Figure 1. The word magnitude is used rather than severity, so that the same style of risk matrix can be used to illustrate compliance, hazard, control and opportunity risks. Severity implies that the event is undesirable and is, therefore, related to compliance and hazard risks. The magnitude of the risk may be considered to be its gross or inherent level before controls are applied. Figure 1 plots likelihood against the magnitude of an event. However, the more important consideration for risk managers is not the magnitude of the event, but the impact of the event and the consequences that follow. For example, a large fire could occur that completely destroys a warehouse of a distribution and logistics company. Although the magnitude of the event may be large, if sufficient insurance is in place, the impact in terms of financial costs for the company could be minimal, and if the company has produced plans to cope with such an event, the consequences for the overall business may be much less than would otherwise be anticipated. Figure 1. Risk likelihood and magnitude Shading or color coding is often used on the risk matrix to provide a visual representation of the importance of each risk under consideration. As risks move towards the top right-hand corner of the risk matrix, they become more likely and have a greater impact. Therefore, the risk becomes more important and immediate and effective risk control measures need to be in place. IMPACT OF RISK ON ORGANIZATIONS LEVEL OF RISKS It is increasingly understood that the explicit and structured management of risks brings benefits. By taking a proactive approach to risk and risk management, organizations will be able to achieve the following four areas of improvement: IMPACT OF HAZARD RISKS Hazard risk management is concerned with issues such as health and safety at work, fire prevention, avoiding damage to property and the consequences of defective products. Hazard risks can cause disruption to normal operations, as well as resulting in increased costs and poor publicity associated with disruptive events.
  • 5. 5 Hazard risks are related to business dependencies, including IT and other supporting services. There is increasing dependence on the IT infrastructure of most organizations and IT systems can be disrupted by computer breakdown or fire in server rooms, as well as virus infection and deliberate hacking or computer attacks. Theft and fraud can also be significant hazard risks for many organizations. This is especially true for organizations handling cash or managing a significant number of financial transactions. Techniques relevant to the avoidance of theft and fraud include adequate security procedures, segregation of financial duties, and authorization and delegation procedures, as well as the vetting of staff prior to employment. It is worth reflecting on terminology, because this is especially important in relation to hazard risks, if an event occurs. If a hazard risk materializes, it may have a very large magnitude, such as the destruction of the main distribution warehouse of an organization. This large magnitude event will have an impact on the organization related to potential financial costs, destruction of infrastructure, damage to reputation and the inability to function in the marketplace. Magnitude represents the gross or inherent level of the risk. However, the impact of the event will be reduced because of the controls that are in place. Impact represents the net, residual or current level of the risk. These controls reduce the financial impact, the extent of destruction of infrastructure, as well as controls designed to protect reputation and marketplace activities. But, what is also important for the organization is the consequences of the major warehouse fire. These consequences relate to the effect that the fire might have on the strategy, tactics, operations and compliance activities within the organization. ATTACHMENT OF RISKS Although most standard definitions of risk refer to risks as being attached to corporate objectives, Figure 2 provides an illustration of the options for the attachment of risks. Risks are shown in the diagram as being capable of impacting the key dependencies that deliver the core processes of the organization. Corporate objectives and stakeholder expectations help define the core processes of the organization. These core processes are key components of the existing nature and future enhancement of the business model and can relate to operations, tactics and corporate strategy, as well as compliance activities. Significant risks can be identified by considering the key dependencies of the organization, the corporate objectives and/or the stakeholder expectations, as well as by analysis of the core processes of the organization. RISK AND REWARD Another feature of risk and risk management is that many risks are taken by organizations in order to achieve a reward. Figure 3 illustrates the relationship between the level of risk and the anticipated size of reward. A business will launch a new product because it believes that greater profit is available from the successful marketing of that product. In launching a new product, the organization will put resources at risk because it has decided that a certain amount of risk taking is appropriate. The value at risk represents the risk appetite of the organization with respect to the activity that it is undertaking. When an organization puts value at risk in this way, it should do so with the full knowledge of the risk exposure and it should be satisfied that the risk exposure is within the appetite of the organization. Even more important, it should ensure that it has sufficient resources to cover the risk exposure. In other words, the risk exposure should be quantified, the appetite to take that level of risk should be confirmed, and the capacity of the organization to withstand any foreseeable adverse consequences should be clearly established.
  • 6. 6 Task/Activity Figure 2. Attachment of Risks Figure 3. Risk and Reward Answer the following questions on a yellow paper: 1. For you what is the best definition of risk? Explain briefly. 2. What are the features of the types of risk? 3. How can risks be classified? 4. What is Likelihood and Magnitude on Risk Matrix? 5. What is the difference between the hazard and a risk? 6. What is the concept of risk and reward? Rubric for grading: CRITERIA PERFORMANCE INDICATORS POINTS Content Provided pieces of evidence, supporting details, and factual scenarios 8 Grammar Used correct grammar, punctuation, spelling, and Capitalization 1 Organization of ideas Expressed the points in clear and logical arrangement of ideas in the paragraph 1 TOTAL 10
  • 7. 7 ORIGINS OF RISK MANAGEMENT Risk management has a variety of origins and is practiced by a wide range of professionals. One of the early developments in risk management emerged in the United States out of the insurance management function. The practice of risk management became more widespread and better coordinated because the cost of insurance in the 1950s had become prohibitive and the extent of coverage limited. Organizations realized that purchasing insurance was insufficient if there was inadequate attention to the protection of property and people. Insurance buyers therefore became concerned with the quality of property protection, the standards of health and safety, product liability issues and other risk control concerns. This combined approach to risk financing and risk control developed in Europe during the 1970s and the concept of total cost of risk became important. As this approach became established, it also became obvious that there were many risks facing organizations that were not insurable. The tools and techniques of risk management were then applied to other disciplines. Table 3. Definitions of Risk Management Definitions of Risk Management  Co-ordinated activities to direct and control an organization with regard to risk (ISO Guide 73)  Risk management is the set of activities within an organization undertaken to deliver the most favorable outcome and reduce the volatility or variability of that outcome.  Process which aims to help organizations understand, evaluate and take action on all their risks with a view to increasing the probability of success and reducing the likelihood of failure  All the processes involved in identifying, assessing and judging risks, assigning ownership, taking actions to mitigate or anticipate them, and monitoring and reviewing progress IMPORTANCE OF RISK MANAGEMENT MANAGING THE ORGANIZATION  Variable cost or availability of raw materials  Cost of retirement/pension/social benefits  Desire to deliver greater shareholder value  Greater transparency required from organizations  Pace of change in business ever increases  Impact of e-commerce on all aspects of business life  Increased reliance on information technology (IT) systems  Increasing importance of intellectual property (IP)  Greater supply chain complexity/dependency  Reputation becomes more and more important  Reputational damage – especially to worldwide brands  High-profile losses and failures ruin reputations  Regulatory pressures continue to increase  Changes/variation in national legislative requirements  Joint ventures becoming more common CHANGES IN THE MARKETPLACE  Changing commercial and marketplace environment  Globalization of customers, suppliers and products  Increased competition in the marketplace  Greater customer expectations, often led by competitors  Need to respond more rapidly to stakeholder expectations TOPIC 2: SCOPE, PRINCIPLES AND AIMS OF RISK MANAGEMENT
  • 8. 8 Project risk management  More volatile markets with less customer loyalty  Diversification leads to working in unfamiliar areas  Constant need to make bold strategic decisions  Short-term success required, without long-term detriment  Product innovation and continuous improvements  Rapid changes in (consumer) product technology  Threats to world/national economy  Threat of influenza or other pandemics  Potential for international organized crime  Increasing occurrences of civil unrest/political risks  Extreme weather events resulting in population shift SPECIALIST AREAS OF RISK MANAGEMENT One of the best known and specialist areas of risk management is that of health and safety at work. Another specialist area is that of disaster recovery planning and business continuity planning. Also, there is no doubt that quality management is a very well-developed branch of risk management, given the high profile attached to quality management systems, such as ISO 9000. Additionally, other specialist areas of risk management have developed over the past decades, including: Project risk management is an area where the application of risk management tools and techniques is particularly well developed. It has its emphasis on the management of uncertainty or control risks. Clinical risk management is primarily concerned with patient care, especially during surgical operations. The cost of medical malpractice claims and the inevitable delay in making insurance payments has resulted in risk management systems being introduced. Particular aspects of clinical risk management include greater attention to making patients aware of the risks that may be associated with the procedure they are about to undertake. The energy sector has also seen an increase in the attention paid to risk management tools and techniques. For some organizations in the energy sector, risk management is mainly concerned with the future price of energy and with exploration risk. Therefore, the risk management approach is similar to the activities of the treasury function, where hedging and other sophisticated financial techniques form the basis of the risk management effort. Risk management within the finance sector is broader than just operational risk. Banks and other financial institutions will be concerned with the credit risk and market risk, as well as operational risk. Finance and insurance are highly regulated business sectors, governed by international standards such as Basel III and Solvency II. Risk management in the finance sector focuses on operational risks, as well as market, credit and other types of financial risks. It is in the finance sector that the title Chief Risk Officer was first developed. IT risk management Financial risk management Clinical/medical risk management Energy risk management
  • 9. 9 IT risk management is another well-developed and specific branch of risk management. The increasing importance of information to organizations, in terms of the management of and security of data, has resulted in the development of specific standards applicable to IT risk management. Amongst the best established of these risk management standards is COBIT, which is similar in many regards to the COSO (Committee of Sponsoring Organizations of the Treadway Commission) standard. SIMPLE REPRESENTATION OF RISK MANAGEMENT The risk management process is referred to as the 8Rs and 4Ts of hazard risk management as illustrated in Figure 4. The activities associated with risk management are as follows: Risk management can improve the management of the core processes of an organization by ensuring that key dependencies are analyzed, monitored and reviewed. Risk management tools and techniques will assist with the management of the hazard risks, control risks and opportunity risks that could impact these key dependencies. LEVELS OF RISK MANAGEMENT SOPHISTICATION An organization may be unaware of the legal and contractual obligations that it faces. In that case, it will be necessary to inform the organization of its obligations in relation to the risk. As the level of sophistication develops, the organization will become aware of the need to comply with obligations and the more general need for improved risk management. Once it is aware of obligations, there will be a need for the organization to reform in response to the hazard risks. As the organization responds to the risk, it will seek to conform to the appropriate risk control standards. After this stage, the organization may realize that there are benefits to be obtained from the risk. The organization will then have the ability to perform and view the risk as an opportunity risk. But there is a danger that organizations will become obsessed with risk management to the point that important decisions are not taken. At this point, it may be said that too much attention and concern about risk and risk management will cause the organization to deform its operations.
  • 10. 10 Figure 4. 8Rs and 4Ts of (hazard) Risk Management PRINCIPLES OF RISK MANAGEMENT The main principle of risk management is that it delivers value to the organization. In other words, risk management activities are designed to achieve the best possible outcome and reduce volatility or uncertainty of outcomes. However, risk management operates on a broader set of principles, and there have been several attempts to define these principles. ISO 31000 includes a detailed list of the suggested principles of risk management. Many of the lists of principles set out a description of what risk management activity should be and what it should achieve. It is important to distinguish between what the risk management initiative has been set up to achieve and the nature of the risk management framework that will be put in place. This provides the acronym PACED and provides a very good set of principles that are the foundations of a successful approach to risk management within any organization. The approach to risk management is based on the idea that risk is something that can be identified and controlled. These principles describe what risk management should be in practice. Some lists of
  • 11. 11 principles also include information on what risk management should do or deliver. It is useful to separate the principles of risk management into two distinct lists:  What should be the characteristics of risk management, as listed above; and  What it should deliver, as listed below: o Mandatory obligations placed on the organization; o Assurance regarding the management of significant risks; o Decisions that pay full regard to risk considerations; o Effective and efficient core processes. Core processes represent the activities of the organization and can be strategic, tactical, operational or compliance (STOC) in nature. The objectives for risk management provide the acronym MADE2 mandatory, assurance, decision making and effective and efficient core processes and this confirms that outputs from risk management will lead to less disruption to normal efficient operations, a reduction of uncertainty in relation to tactics and improved decisions in relation to evaluation and selection of alternative strategies. In other words, a key part of risk management is improved organizational decision making. The resources available for managing risk are finite and so the aim is to achieve an optimum response to risk, prioritized in accordance with an evaluation of the risks. Risk is unavoidable and every organization needs to take action to manage it in a way that it can justify to a level that is acceptable. The appropriate range of responses will depend on the nature, size and complexity of the organization and the risks it faces. RISK MANAGEMENT ACTIVITIES Risk management is a process that can be divided into several stages. Alternative illustrations of the risk management process can be found in the International Standard ISO 31000 and in other publications. The process can be represented as the 8Rs and 4Ts of hazard risk management. ISO Guide 73 and British Standard BS 31100 describe the risk management process as the systematic application of management policies, procedures and practices to the tasks of communicating, consulting, establishing the context, identifying, analyzing, evaluating, treating, monitoring and reviewing risk. However, it could be argued that the setting of policies, procedures and practices, together with the tasks of communicating, consulting and establishing that context, is actually part of the risk management framework, rather than the risk management process itself. IMPLEMENTING RISK MANAGEMENT In a rapidly developing discipline like risk management, there is scope for different practitioners to become intolerant towards the approach adopted by others. Internal control specialists who believe that risk management is all about the management of uncertainty and the achievement of corporate objectives should not become intolerant of the more traditional insurance risk management approach. There is no value in one group of specialists being dismissive of the approach adopted by others and being unwilling to utilize the expertise that is available in another group. In any case, there is no single style of risk management or approach to risk management that offers all the answers. Clearly, the various styles that can be adopted should operate as
  • 12. 12 Opportunity management makes outcomes more positive. Compliance management provides risk governance; complementary approaches within an organization. The integrative approach to risk management accepts that the organization must tolerate certain hazard risks and must have an appropriate appetite for investment in opportunity risks. Risk management tools and techniques should be used to achieve the following: Hazard management will make the outcome of any hazard event less negative. Within the context of hazard management, insurance represents the mechanism for restricting the financial cost of losses when a risk materializes. Risk control and loss management techniques will reduce the expected losses and should ensure that the overall cost is contained. The combination of insurance and risk control/loss management will reduce the actual cost of hazard losses and this will inevitably (and correctly) cause the hazard tolerance of the organization to decline. More of the risk capacity of the organization will then be available for opportunity investment. Control management reduces the range of possible outcomes from any event. Control management is based on the established techniques of internal financial control, as practised by internal auditors. The main intention is to reduce losses associated with inadequate control management at the same time as reducing the range of possible outcomes. This is the contribution that internal control should make to the overall approach to risk management within an organization. Opportunity management seeks to make positive outcomes more likely and more substantial. As part of the opportunity management approach, the organization should also look at possibilities for increasing the revenue from the product or service. In not-for-profit organizations, opportunity management should facilitate the delivery of better value for money. Hazard management makes outcomes less negative; Control management reduces the range of possible outcomes;
  • 13. 13 Wiley, John (2018). An Introduction to Banking Principles, Strategy and Risk Management (2nd ed). United Kingdom: TJ International Ltd. Hopkin, Paul (2017). Fundamentals of Risk Management (4th ed). United States: Kogan Page Limited. Fraser, John R., et al (2015). Implementing Enterprise Risk Management Case Studies and Best Practices. Hoboken, New Jersey: John Wiley & Sons, Inc. Borghesi, Antonio, et al (2013). Risk Management - How to Assess, Transfer, and Communicate Critical Risks. Italy: Springer-Verlag Italia. Chance, Don M., et al (2008). An Introduction to Derivatives and Risk Management (7th ed.). Canada: Thomson South-Western. Trieschmann, James S., et al (2001). Risk Management and Insurance (11th ed.). United States of America: South-Western College Publishing. Andres, Tomas Q.D (1999). Risk Management & Disaster Control. Quezon City, Philippines: Giraffe Books. REFERENCES