Uber analysis pdf

RISK MANAGEMENT IN DECISION MAKING

CHAPTER 5

RISK

“Risk is a condition in which there is a possibility of an adverse deviation from a desired outcome that is expected … .” (Vaughn)

2

TYPES OF RISK

3

Any (-) deviation from what is expected-means only chances of loss not gain; such as fire, flood, accidents - pure risk

Any (+/-) deviation from what is expected – speculative risk- The chances to either gain or loss, such as playing casino, investment in stock etc.

INTEGRATED RISK MANAGEMENT

Integrated (Enterprise-holistic) RM is a formal approach to the problem of dealing with all risks that endanger the strategic mission.

4

ADOPTING INTEGRATED RM

Integrated RM involves:

Strategic systems-to identify significant risks & determine

root causes

Management systems-to disseminate business risk assessment & control methods in the organization & establish accountability

Process systems - to establish a common language of risk and RM methods

5

CRO DUTIES

The CRO (chief risk officer) must:

define consistent approach to RM

create organization-wide awareness

measure operational and financial risk

develop organizational risk map

develop other methods, tools, and practices

develop outcome measurements

6

WHAT IS A RISK ASSESSMENT?

A risk assessment is a thorough look at your workplace to identify those things, situations, processes, etc. that may cause harm, particularly to people.

A risk assessment will protect your workers and your business, as well as complying with law.

7

HOW TO DO A RISK ASSESSMENT (FIVE STEPS)

8

Identify

Identify hazards and risk factors that have the potential to cause harm (hazard identification).

Analyze and evaluate

Analyze and evaluate the risk associated with that hazard (risk analysis, and risk evaluation).

Determine

Determine appropriate ways to eliminate the hazard, or control the risk when the hazard cannot be eliminated (risk control).

Record

Record your findings and implement them

Review

Review your assessment and update if necessary

When should a risk assessment be done?

9

A hazard is ‘something with the potential to cause harm’ and a risk is ‘the likelihood of that potential harm being realized’.

Before new processes or activities are introduced.

Before changes are introduced to existing processes or activities, including when products, machinery, tools, equipment change or new information concerning harm becomes available.

When hazards are identified.

SAMPLE RISK ASSESMENT FORM

10

HOW ARE RISKS RANKED OR PRIORITIZED?

11

SEVERITY RATINGS

12

High: major fracture, poisoning, significant loss of blood, serious head injury, or fatal disease

Medium: sprain, strain, localized burn, dermatitis, asthma, injury requiring days off work

Low: an injury that requires first aid only; short-term pain, irritation, or dizziness

PROBABILITY RATINGS

13

High: likely to be experienced once or twice a year by an individual

Medium: may be experienced once every five years by an individual

Low: may occur once during a working lifetime

RISK RATINGS

14

RECOMMENDED ACTIONS OF RISK RATINGS

15

Immediately dangerous: stop the process and implement controls

High risk: investigate the process and implement controls immediately

Medium risk: keep the process going; however, a control plan must be developed and should be implemented as soon as possible

Low risk: keep the process going, but monitor regularly. A control plan should also be investigated

Very low risk: keep monitoring the process

RISK AVOIDANCE

Risks are avoided when the organization refuses to accept the risk for even an instant.

Example: A firm that considers manufacturing some product but, because of the hazards involved, elects not to do so.

If avoidance is used extensively, the firm may not be able to achieve its primary objectives.

For this reason, avoidance is, in a sense, the RM technique of last resort.

Avoidance should be used in the case of risks for which both the frequency and the severity are high.

16

RISKS PROCESS FLOW DIAGRAM

17

RISK MATRIX (MAP)

A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces.

The goal of a risk map is to improve an organization's understanding of its risk profile and appetite, clarify thinking on the nature and impact of risks, and improve the organization's risk assessment model.

18

RISK MATRIX

19

IDENTIFY : LATE DEPARTURE OF FLIGHT

20

IDENTIFY : PLANE CRASH

21

RISK MATRIX

22

ATTITUDE OF RISK

23

RESIDUAL RISK

24

Risk Management in Organizations

Risk management within organizations can be strategic, operational or tactical.

Strategic: Risks to organizations goals and objectives

Operational: Decisions and action plans on measures taken to deal with the assessed risks

Tactical: Used by officers at their workplace, to deal with immediate situations

25

OBJECTIVE OF ERM (ENTERPRIZE RISK MANAGEMENT) SYSTEM

26

DATA RISK REGISTER (PRIMARY DOCUMENT OF ERM SYSTEM)

27

Outcome of ERM system

28

DESIGN OF ERM SYSTEMS

29

ERM CONCLUDED

30

REFERENCES

International Organization for Standardization, Space Systems Risk Management, ISO 17666,

Cox, L.A. Jr., 'What's Wrong with Risk Matrices?', Risk Analysis, Vol. 28, No. 2, 2008, doi:10.1111/j.1539-6924.2008.01030.x

Thomas, Philip, Reidar Bratvold, and J. Eric Bickel, 'The Risk of Using Risk Matrices,' SPE Economics & Management, Vol. 6, No. 2, pp. 56-66, 2014, doi:10.2118/166269-PA.

Hubbard, Douglas W.; Seiersen, Richard (2016). How to Measure Anything in Cybersecurity Risk. Wiley. pp. Kindle Locations 2636–2639.

31

REFERENCES

Enterprise Risk Management Committee (May 2003). "Overview of Enterprise Risk Management" (PDF). Casualty Actuarial Society. Retrieved 2019-10-04.

"ERM SAM Goals" (PDF). CAS Centennial Goal and SAM Goals. Casualty Actuarial Society. March 2008. Retrieved 2019-10-04.

"Enterprise Risk Management Web Site". Casualty Actuarial Society. 2008. Retrieved 2019-10-04.

"Executive Summary: CAS Board of Directors Meeting" (PDF). Casualty Actuarial Society. June 17, 2007. Archived from the original (PDF) on June 27, 2010. Retrieved 2019-10-04.

"Credential Overview". Society of Actuaries. 2008. Retrieved 2008-09-15.

"CERA Fast Facts". Society of Actuaries. 2008. Retrieved 2019-10-04.

32

MUST WATCH

https://www.youtube.com/watch?v=P-O3NIie3ck

https://www.youtube.com/watch?v=Sera-ColoWk

33

THANK YOU

34

.MsftOfcThm_Accent1_Fill { fill:#4472C4; } .MsftOfcThm_Accent1_Stroke { stroke:#4472C4; }

.MsftOfcThm_Accent1_Fill { fill:#4472C4; } .MsftOfcThm_Accent1_Stroke { stroke:#4472C4; }