RISK MANAGEMENT IN DECISION MAKING
CHAPTER 5
RISK
“Risk is a condition in which there is a possibility of an adverse deviation from a desired outcome that is expected … .” (Vaughn)
2
TYPES OF RISK
3
Any (-) deviation from what is expected-means only chances of loss not gain; such as fire, flood, accidents - pure risk
Any (+/-) deviation from what is expected – speculative risk- The chances to either gain or loss, such as playing casino, investment in stock etc.
INTEGRATED RISK MANAGEMENT
Integrated (Enterprise-holistic) RM is a formal approach to the problem of dealing with all risks that endanger the strategic mission.
4
ADOPTING INTEGRATED RM
Integrated RM involves:
Strategic systems-to identify significant risks & determine
root causes
Management systems-to disseminate business risk assessment & control methods in the organization & establish accountability
Process systems - to establish a common language of risk and RM methods
5
CRO DUTIES
The CRO (chief risk officer) must:
define consistent approach to RM
create organization-wide awareness
measure operational and financial risk
develop organizational risk map
develop other methods, tools, and practices
develop outcome measurements
6
WHAT IS A RISK ASSESSMENT?
A risk assessment is a thorough look at your workplace to identify those things, situations, processes, etc. that may cause harm, particularly to people.
A risk assessment will protect your workers and your business, as well as complying with law.
7
HOW TO DO A RISK ASSESSMENT (FIVE STEPS)
8
Identify
Identify hazards and risk factors that have the potential to cause harm (hazard identification).
Analyze and evaluate
Analyze and evaluate the risk associated with that hazard (risk analysis, and risk evaluation).
Determine
Determine appropriate ways to eliminate the hazard, or control the risk when the hazard cannot be eliminated (risk control).
Record
Record your findings and implement them
Review
Review your assessment and update if necessary
When should a risk assessment be done?
9
A hazard is ‘something with the potential to cause harm’ and a risk is ‘the likelihood of that potential harm being realized’.
Before new processes or activities are introduced.
Before changes are introduced to existing processes or activities, including when products, machinery, tools, equipment change or new information concerning harm becomes available.
When hazards are identified.
SAMPLE RISK ASSESMENT FORM
10
HOW ARE RISKS RANKED OR PRIORITIZED?
11
SEVERITY RATINGS
12
High: major fracture, poisoning, significant loss of blood, serious head injury, or fatal disease
Medium: sprain, strain, localized burn, dermatitis, asthma, injury requiring days off work
Low: an injury that requires first aid only; short-term pain, irritation, or dizziness
PROBABILITY RATINGS
13
High: likely to be experienced once or twice a year by an individual
Medium: may be experienced once every five years by an individual
Low: may occur once during a working lifetime
RISK RATINGS
14
RECOMMENDED ACTIONS OF RISK RATINGS
15
Immediately dangerous: stop the process and implement controls
High risk: investigate the process and implement controls immediately
Medium risk: keep the process going; however, a control plan must be developed and should be implemented as soon as possible
Low risk: keep the process going, but monitor regularly. A control plan should also be investigated
Very low risk: keep monitoring the process
RISK AVOIDANCE
Risks are avoided when the organization refuses to accept the risk for even an instant.
Example: A firm that considers manufacturing some product but, because of the hazards involved, elects not to do so.
If avoidance is used extensively, the firm may not be able to achieve its primary objectives.
For this reason, avoidance is, in a sense, the RM technique of last resort.
Avoidance should be used in the case of risks for which both the frequency and the severity are high.
16
RISKS PROCESS FLOW DIAGRAM
17
RISK MATRIX (MAP)
A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces.
The goal of a risk map is to improve an organization's understanding of its risk profile and appetite, clarify thinking on the nature and impact of risks, and improve the organization's risk assessment model.
18
RISK MATRIX
19
IDENTIFY : LATE DEPARTURE OF FLIGHT
20
IDENTIFY : PLANE CRASH
21
RISK MATRIX
22
ATTITUDE OF RISK
23
RESIDUAL RISK
24
Risk Management in Organizations
Risk management within organizations can be strategic, operational or tactical.
Strategic: Risks to organizations goals and objectives
Operational: Decisions and action plans on measures taken to deal with the assessed risks
Tactical: Used by officers at their workplace, to deal with immediate situations
25
OBJECTIVE OF ERM (ENTERPRIZE RISK MANAGEMENT) SYSTEM
26
DATA RISK REGISTER (PRIMARY DOCUMENT OF ERM SYSTEM)
27
Outcome of ERM system
28
DESIGN OF ERM SYSTEMS
29
ERM CONCLUDED
30
REFERENCES
International Organization for Standardization, Space Systems Risk Management, ISO 17666,
Cox, L.A. Jr., 'What's Wrong with Risk Matrices?', Risk Analysis, Vol. 28, No. 2, 2008, doi:10.1111/j.1539-6924.2008.01030.x
Thomas, Philip, Reidar Bratvold, and J. Eric Bickel, 'The Risk of Using Risk Matrices,' SPE Economics & Management, Vol. 6, No. 2, pp. 56-66, 2014, doi:10.2118/166269-PA.
Hubbard, Douglas W.; Seiersen, Richard (2016). How to Measure Anything in Cybersecurity Risk. Wiley. pp. Kindle Locations 2636–2639.
31
REFERENCES
Enterprise Risk Management Committee (May 2003). "Overview of Enterprise Risk Management" (PDF). Casualty Actuarial Society. Retrieved 2019-10-04.
"ERM SAM Goals" (PDF). CAS Centennial Goal and SAM Goals. Casualty Actuarial Society. March 2008. Retrieved 2019-10-04.
"Enterprise Risk Management Web Site". Casualty Actuarial Society. 2008. Retrieved 2019-10-04.
"Executive Summary: CAS Board of Directors Meeting" (PDF). Casualty Actuarial Society. June 17, 2007. Archived from the original (PDF) on June 27, 2010. Retrieved 2019-10-04.
"Credential Overview". Society of Actuaries. 2008. Retrieved 2008-09-15.
"CERA Fast Facts". Society of Actuaries. 2008. Retrieved 2019-10-04.
32
MUST WATCH
https://www.youtube.com/watch?v=P-O3NIie3ck
https://www.youtube.com/watch?v=Sera-ColoWk
33
THANK YOU
34
.MsftOfcThm_Accent1_Fill { fill:#4472C4; } .MsftOfcThm_Accent1_Stroke { stroke:#4472C4; }
.MsftOfcThm_Accent1_Fill { fill:#4472C4; } .MsftOfcThm_Accent1_Stroke { stroke:#4472C4; }