Risk is event or action that keep on organization from achieving its objectives. Uncertainty is notation that wheatear or nor an event will occur is unknown. Organization need to identify ,assess and manage risk to achieve their objectives.
BENFIT OF RISK MANAGEMENT
- Increase shareholder value or profit increase.
- Better resource utilization.
- Fewer shocks and unwelcomed surprise.
- Increase stakeholder confidence.
- Better planning and cost control.
- Quick response to new opportunity.
- Less disruption in operations.
- Better decision making.
TYPE OF RISK
1.STRATEGIC RISK
- Exist globally, Macro level,
- Eg:- competitors action, political risk, overall economic climate, law changes etc..
- Difficult to mitigation.
2.OPERATIONAL RISK
- Due to indicate or failed internal process, people or system.
- Eg:-human resource risk, technological risk.
- Can be mitigated
- subsets of operational risk ,legal and compliance risk.
3.FINANCIAL RISK
- Connected to financial help of the company.
- Eg:-capital availability ,interest rate risk, enough fund for machinery, not money for change technology .etc….
4.HAZARD RISK
- They are insurable risk
- Eg:-natural disaster(with property insurance),employee dead with keyperson life insurance.
VOLATILITY AND TIME
- Volatility and time are features that impact the risk.
- Volatility refers to inconsistency of results.
- More volatility increase risk and vice versa.
- A project has covering a longer period of time has increased risk and vice versa.
INTERNAL AND EXTERNAL RISK
INTERNAL RISKS
- Infrastructure events.
- Process related events.
- Internal technological events.
EXTERNAL RISKS
- Competitors action.
- Regulations.
- Supply chain disruptions.
- Political risk.
RISK MANAGEMENT PROCESS
- Risk identification.
- RIsk assessment.
- Risk prioritization.
- Response planning.
- Risk monitoring.
1.RISK IDENTIFICATION
Management analysis the company’s internal business, external environment, business processes existing control and any other area of potential risk to identify all possible risk that might impact or otherwise prevent the company from achieving its objectives.
INTERNAL RISK FACTOR
- Communication methods.
- Labor relation.
- Training and capability of employees.
- Financial risk.
- Operational risk.
EXTERNAL RISK FACTOR
- Regulatory changes.
- Industry competition.
- Supplier and customers relationship.
- International risk.
- Natural disaster.
RISK IDENTIFICATION TOOLS
- Checklists.
- Risk questionnaires and survey.
- Swot analysis.
- Value chain analysis.
- Business process analysis.
- Process mapping.
- Brain storming session with employees, management, or staff members.
- Interview and self assessment.
- Scenario analysis.
2.RISK ASSESSMENT
It is the process analyzing the potential effect of identified risk. Exposure of risk is accessed according to :
LOSS FREQUANCY : Measure how often loss occurs.
LOSS SEVERITY OR IMPACT: Measures the seriousness of the lost in the term of cost at the time it occurs.
3.RISK PRIORITIZATION
After the risk identification and assessment, the company company must decide which risk and rank highest the priority and thus should be addressed first. Four terms are used to express the measure of potential loss that could occur a specific risk:
- Expected loss .
- Unexpected loss.
- Maximum possible loss.
- Maximum possible loss.
4. RESPONSE RISK.
5 Different response for each specific risk.
- AVOID OR ELIMINATING RISK: Completely and nearly eliminate a risk that has the potential to damage the organization
- REDUCING OR MITIGATING THE RISK: Management accept that risk exist but looks for way to reduce it.
- TRANSFERING AND SHAERING THE RISK: Management move the risk partially or wholly to another entity.
- RISK RETENTION: Planned acceptance of loss by deductibles, deliberate non insurance , and loss sensitivity plan where some, but not all risk is consciously retained rather than transferred.
- EXPLOITING AND ACCEPTING THE RISK : A company deliberate expose itself to risk to generate profit.
- RISK MONITORING: It is a process which tracks and evaluate the level of risk in an organization. Condition can change. New risk may appear or identified risk threaten generally.
RISK APPETITE AND RISK TOLERANCE
RISK APPETITE: The broadly defined level of risk an organization willing to accept in pursuit of value.
RISK TOLERANCE: Express acceptable level of risk variation around objective.