Scribd Logo
Carica

Benvenuto in Scribd!

  • Lecture 1 - RM Approach Impact of Risk On Organisations

    Caricato da

    Sue Said
    79 visualizzazioni28 pagine
    Class Notes - Risk Management

    Titolo originale

    Lecture 1 - RM Approach Impact of Risk on Organisations

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    Class Notes - Risk Management

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    79 visualizzazioni28 pagine

    Lecture 1 - RM Approach Impact of Risk On Organisations

    Caricato da

    Sue Said
    Class Notes - Risk Management

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 28

    Foundations of Risk Management

    Part One: Introduction to Risk Management


    Lecture 1: Risk Management Approach & Impact of Risk on Organisations

    Mark L. Zammit MBA (Henley) CIRM


    BKF2050, 2nd Year, Banking & Finance, 2015

    READING LIST
    Hopkin, Paul (2010); Fundamentals of Risk Management; Kogan Page
    Chapters 1 to 4

    Risk is the effect of uncertainty on objectives. Note that an effect


    may be positive, negative or a deviation from the expected. Also,
    risk can be described by an event, a change in circumstances or a
    consequence.
    ISO Guide 73, ISO 31000
    Risk is the combination of the probability of an event and its
    consequence. Consequences can range from positive to
    negative.
    Institute of Risk Management
    The uncertainty of an event occurring that could have an impact
    on the achievement of the objectives. Risk is measured in terms
    of consequences and likelihood.
    Institute of Internal Auditors

    Which of the 3 definitions is the most accepted?


    Risk is the effect of uncertainty on objectives. Note that an effect
    may be positive, negative or a deviation from the expected. Also,
    risk can be described by an event, a change in circumstances or
    a consequence.
    ISO Guide 73, ISO 31000

    Risks can be defined and categorised into 3


    distinct Categories:
    HAZARD RISKS (PURE RISK)
    CONTROL RISKS (UNCERTAINTY)
    OPPORTUNITY RISKS (SPECULATION)

    Example of Risk Types Computer Viruses


    Virus Infection in a new computer = HAZARD RISK
    Installation and/or upgrade of a software package = CONTROL RISK
    Selection of a new software package = OPPORTUNITY RISK

    Name of Risk
    Statement of Risk (scope of risk and events)
    Nature of Risk
    Stakeholders in the Risk
    Risk Attitude, Appetite, Tolerance
    Likelihood and Magnitude
    Control Standard
    Incident Experience
    Responsibility
    Recommendations
    Implementation of improvements
    Auditing Responsibilities

    The inherent level of risk is defined as the level of risk which is present before
    any actions have been taken to change the likelihood or magnitude of the risk
    itself.

    MANAGED RISK

    INHERENT RISK

    Example Crossing the Road


    Inherently dangerous unless there are no controls in place:

    People look both ways before crossing


    Drivers are aware that people may cross the road
    Other controls may be necessary such as:

    Traffic lights
    Zebra Crossing
    Police/Warden assisted crossings for Schools

    Gross (Inherent)
    risk

    Controls to reduce
    likelihood

    Likelihood

    4
    3
    2

    Controls to reduce
    impact

    1
    Net (Residual)
    risk

    Impact

    Source: Anderson, R (2010) adapted

    MAGNITUDE (Impact)

    LIKELIHOOD (Probability)

    After the Financial Crisis of 2008 the importance given to Risk and its impact
    on organisations was greatly enhanced.
    Proactive Approach to Risk and Risk Management allows organisations to
    achieve:
    1. More Efficient Operations
    2. More Effective Processes
    3. More Efficacious Strategies

    Risk Exposure

    Potential Reward

    Risk VS Reward: The Ferrari Case

    MAGNITUDE

    LIKELIHOOD

    HAZARD RISK

    CONTROL RISK

    OPPORTUNITY RISK

    HAZARD RISK
    Pure risk
    Theft, fire, flood
    etc

    Categories of Disruption

    People
    Premises
    Assets
    Suppliers
    Information Technology
    Communications

    CONTROL RISK
    Uncertainty
    Project Management

    OPPORTUNITY RISK
    Positive Risk
    Speculation, Investment,
    business relocation

    It is normal practice for organisations to tolerate a small amount of risk


    exposure as it would be more cost-effective (less expensive) for them
    rather than actually investing in more risk averse systems.
    Example..............

    Petty theft of office stationery


    Shoplifting in supermarkets

    Project Management and Change Implementation both are examples of


    operations that involve Control Risk as they deal with uncertainty
    which is inevitable in undertaking a project.
    Contingency Planning
    Time Constraints and penalties
    Budgets and forecasts
    Unexpected events (eg. Weather, Natural disasters, loss of key
    personnel)
    Over focus on Control Risks may suppress the entrepreneural
    effort

    Opportunity risks are those which are deliberately taken by the


    organisation in order to achieve their mission and strategic goals.

    Types of Opportunity Investment Risks:


    Marketplace risk financial investments and speculation
    Commercial risk investing in different operations to gain competitive
    advantage
    Strategic risk risk aggressive or risk averse organisation

    1950 - The practice of Risk Management became pivotal through the


    prohibitive cost of insurance.
    1970 The concept of Total Cost of Risk became a focal point in Europe and
    non-insurable risk was looked into.
    1990 Risk is no longer heavily linked to Insurance and the latter is deemed
    as only a control function of hazard risk.
    2000 - The emergence of Financial, Commercial, Marketplace and
    reputational risks start emerging.
    2002 Enterprise Risk Management comes to the forefront of Risk
    Management. Introduction of Sarbanes-Oxley Act

    2008 Global Financial Crises put emphasis on the role of Risk


    Management in Corporate success of Financial Institutions.

    Institute of Risk Management (IRM)


    Risk Management is the process which aims to help organisations understand,
    evaluate and take action on all their risks with a view to increasing the
    probability of success and reducing the likelihood of failure.
    HM Treasury
    Risk Management is all the processes involved in identifying, assessing and
    judging risks, assigning ownership, taking actions to mitigate or anticipate
    them, and monitoring and reviewing progress.
    London School of Economics
    Risk Management is the selection of those risks a business should take and
    those which should be avoided or mitigated, followed by action to avoid or
    reduce risk.

    Business Continuity Institute


    The culture, processes and structures that are put in place to effectively manage
    potential opportunities and adverse effects.

    HOLISTIC approach (Planning-Implementing-Measuring-Learning) to managing


    risk (refer to Appendix C).
    Levels of risk management sophistication:
    Reform
    - Hazard management
    Conform - Control management
    Perform
    - Opportunity management
    Deform
    - Inactivity
    Bow-Tie representation of risk: CAUSE - RISK EFFECT

    Thank you
    Mark L Zammit MBA (Henley) CIRM
    Email: mzamm13@um.edu.mt

    Potrebbero piacerti anche