Risk Management is a set of coordinated activities to direct and control an organisation with regard to risk (ISO 31000)
It is the application of management policies, procedures, and practices to the task of identifying, analyzing, assessing, treating, and monitoring the various risks that might prevent an organisation from achieving its objectives
Throughout this process, they communicate and consult with stakeholders and monitor and review the risk and the controls that are modifying the risk in order to ensure that no further risk treatment is required.
Risk management focus on anticipating what might not go to plan and putting in place actions to reduce uncertainty to a tolerable level.
In general terms, “risk management” refers to the architecture (principles, framework and process) for managing risks effectively.
Risk management is all about asking and answering basic six questions which are
1. What are we trying to do?
This involves understanding the scope, the context and the environment within which we are having to manage risk and this brings about a first step in risk management process which is risk initiation
2. What might affect us?
Are there things out there in the future which could either hinder us in achieving our objectives or may even help us in achieving our objectives (risk identification)
3. Which of those things might affect us are most important?
This involve prioritizing those things that might affect us in two key dimensions, how likely is it to happen and if it did happen, what could effect have on our objectives either positive or negative (risk analysis and evaluation)
Risk Management..
4. What should we do about it?
This is involves designing some responses to key risks. For bad risks we can avoid, minimize them or protect ourselves from them and for good risks we could try to maximize or exploit them (risk treatment)
5. Has it worked?
This involve checking and modifying our approaches for risk if the things we planned to do about risk didn’t work as we planned (risk monitoring)
6. What changed?
Project life is constantly changing, very dynamic and we need to make sure that we spot the new risks that have arisen since the last time we looked and took action. (risk reporting and review)
Then if we build our risk process around those six simple questions, then risk management becomes easy and natural process to do it.
Objectives of Risk Management
▪Encourage proactive management
▪Increase the likelihood of achieving objectives
▪Be aware of the need to identify and treat risk throughout the organisation
▪Comply with relevant legal and regulatory requirements ▪Improve stakeholder confidence and trust
▪Improve operational effectiveness and efficiency ▪Reduce shocks and unwelcome surprises
▪Establish a reliable basis for decision making and planning
Benefits of Risk Management Forecasts probable Issues:
▪Organisations that tend to focus more on risk management tend to be more proactive as compared to other organisations which can be reactive
▪Risk management forces the organisations to take a hard look at each of their business process and decide what can possibly go wrong
▪This detailed what-if analysis helps organisations become more proactive and forecast probable issues.
▪Organisations that extensively use risk management have fewer business disruption as such issues are foreseen and taken care of at an early stage.
▪The proactive approach is very helpful since it helps organisations to identify failed issues at an early stage.
Benefits of Risk Management.. Avoiding Catastrophic Events:
▪Risk management prepare organisations for all kinds of shocks
▪Risk management try to foresee the small shocks which affect the day
to day business of any organisation
▪Though such events have a very low probability of occurring, however, if they do occur, through risk management then organisations will be prepared to deal with them without going disruption.
Benefits of Risk Management.
Enables Growth:
▪Risk management sounds like a defensive business activity
▪It has a negative connotation and the assumption is that the activity is
performed to avoid losses
▪However, during risk management, organisations are forced to study their processes and risk factors in details
▪When new products, programs, projects have to be launched or when new markets have to be entered, organisations have a ready framework that can be deployed in order to avoid risks.
▪Hence, in a way, risk management ends up enabling organisations to take calculated risks and accelerate their growth
Benefits of Risk Management.
Business Process Improvement:
▪The day to day processes of risk management force organisations to collect more and more information about their processes and operations.
▪As a result, organisations are able to identify the parts of the process which are inefficient or where there is scope for improvement
▪Organisation/ project team members are supposed to continuously monitor the working of various department in relation to external entities and look for the things that can go wrong.
▪The end results is that during the process many opportunities are identified and process are improved
Benefits of Risk Management.
Enables Better Budgeting:
▪Organisations that have risk management processes in place have better control of their finances as opposed to other organisations.
▪This is because they often have a close look at their financial numbers and try trim any waste.
▪The end result is that these organisations have a better knowledge of their processes.
▪They can create more efficient budgets wherein funds can be allocated to achieve the goals of the organisation in the most optimized manner possible.
▪In such organisations, budgets do not have to rely on guesswork.
Should we take risk management?
▪The bottom line is that the risk management process is highly beneficial
▪In the short run, it might seem like these activities only incur additional costs.
▪However, over the course of time, these activities save the organisations significant sums of money.
▪The benefits far outweigh the costs associated with these activities.
▪Hence, considering them as a cost center is a narrow-minded view that could cost the organisation dearly in the long run