The Background Of Risk Management

Published Date: 02 Nov 2017

RISK MANAGEMENT

As per the Risk Management assignment is consist of two tasks. In every task which talk about Explanation of Risk Management, How Risk Management affect different business functions, Evaluation Of Methods of assessing Risk in Business. In the Task2 which talks about all the main drivers of business risk, impact of the different types of risk, analysis of severity and like-hood of risk and Impact of break in business community. The risk management assignment which identify the risk, Assess the risk, consider controls of the risk, reassessing the risks, treat the risks, monitor the risk and also report movement of risk.

Risk management is the preventative process for managing risks. Risk management involves identifying risks, strategizing ways to avoid or mitigate those risks and developing a contingency plan in case risks cannot be prevented or avoided. According to The Medical and Public Health Law Site, health care risk management goes beyond the protection of a bbusiness's operations and finances; it involves understanding how risks can impact patients.

Define Risk Management in Health Care | How.com http://www.ehow.co/m/about_6398509_define-risk-management-health-care.html#ixzz2KW5NgBDE@

CONCEPT OF RISK MANAGEMENT:

Hazard

Risk

Risk:

A situation involving exposure to danger.

The possibility that something unpleasant will happen.

Hazard:

A biological, chemical or physical agent in, or condition of, food with the potential to cause an adverse health effect ( Codex Alimentarius Commission)

A condition or physical situation with a potential for a undesirable consequences (Society for risk analysis) http://www.dfid.gov.uk/r4d/PDF/Outputs/HPAI/WKS081002_Annex5.pdf

Task 1:

An Explanation of Risk Management

The risk assessment consist of five step which is mentioned below

Identify the Hazard

Decide who might be harmed and how

Evaluate the Risks and decide on precaution

Record your findings and implement them

Review your assessment and update if necessary

Identify the Hazard

First you need to work out how people could be harmed. When you work in a place everyday it is easy to overlook some hazards, so here are some tips to help you identify the ones that matter:

Walk around your workplace and look at what could reasonably be expected to cause harm.

Ask your employees or their representatives what they think. They may have noticed things that are not immediately obvious to you. For information on how you can do this please visit our worker involvement pages.

Visit the HSE website. HSE publishes practical guidance on where hazards occur and how to control them. There is much information on the hazards that might affect your business.

If you are a member of a trade association, contact them. Many produce very helpful guidance.

Check manufacturers’ instructions or data sheets for chemicals and equipment as they can be very helpful in spelling out the hazards and putting them in their true perspective.

Have a look back at your accident and ill-health records – these often help to identify the less obvious hazards.

Remember to think about long-term hazards to health (eg high levels of noise or exposure to harmful substances) as well as safety hazards.

Decide who might be harm and how

For each hazard you need to be clear about who might be harmed; it will help you identify the best way of managing the risk. That doesn’t mean listing everyone by name, but rather identifying groups of people (eg ‘people working in the storeroom’ or ‘passers-by’).

Evaluate the Risks and decide on precaution

Having spotted the hazards, you then have to decide what to do about them. The law requires you to do everything ‘reasonably practicable’ to protect people from harm. You can work this out for yourself, but the easiest way is to compare what you are doing with good practice.

First, look at what you’re already doing, think about what controls you have in place and how the work is organized. Then compare this with the good practice and see if there’s more you should be doing to bring yourself up to standard. In asking yourself this, consider:

Can I get rid of the hazard altogether?

If not, how can I control the risks so that harm is unlikely?

When controlling risks, apply the principles below, if possible in the following order:

try a less risky option (e.g. switch to using a less hazardous chemical);

prevent access to the hazard (eg by guarding);

Organize work to reduce exposure to the hazard (eg put barriers between pedestrians and traffic);

issue personal protective equipment (eg clothing, footwear, goggles etc); and

provide welfare facilities (eg first aid and washing facilities for removal of contamination).

Improving health and safety need not cost a lot. For instance, placing a mirror on a dangerous blind corner to help prevent vehicle accidents is a low-cost precaution considering the risks. Failure to take simple precautions can cost you a lot more if an accident does happen.

Involve staff, so that you can be sure that what you propose to do will work in practice and won’t introduce any new hazards.

Record your findings and implement them

Putting the results of your risk assessment into practice will make a difference when looking after people and your business.

Writing down the results of your risk assessment, and sharing them with your staff, encourages you to do this. If you have fewer than five employees you do not have to write anything down.

When writing down your results, keep it simple, for example ‘Tripping over rubbish: bins provided, staff instructed, weekly housekeeping checks’, or ‘Fume from welding: local exhaust ventilation used and regularly checked’.

We do not expect a risk assessment to be perfect, but it must be suitable and sufficient. As illustrated by our example risk assessments, you need to be able to show that:

a proper check was made;

you asked who might be affected;

you dealt with all the obvious significant hazards, taking into account the number of people who could be involved;

the precautions are reasonable, and the remaining risk is low; and

you involved your staff or their representatives in the process.

Review your assessment and update if necessary

Few workplaces stay the same. Sooner or later, you will bring in new equipment, substances and procedures that could lead to new hazards. It makes sense therefore, to review what you are doing on an ongoing basis.

Look at your risk assessment and think about whether there have been any changes? Are there improvements you still need to make? Have your workers spotted a problem? Have you learnt anything from accidents or near misses? Make sure your risk assessment stays up to date.

How Risk Management affects different business functions

The business function is basis on the mission of the organisation. There have under mentioned below

Internal Business Function

External Business Function

Internal Business Function:

The internal Business functions are contains of the major three departments.

Production

Selling

Support

Production:

The production are includes research & development,production & quality and Distribution/ logistics though.

Selling:

The selling department are includes Sales, Marketing, Marketing Research and Advertising though.

Support:

The Support departments which includes Buying/Purchasing, Management Accountancy, Chartered Accountants, Computing, HR/Personnel, Recruitment Consultancy.

External Business Functions:

There have two external functions are detailed below.

Management Consultancy.

Public Relations.

http://www.google.co.uk/imgres?imgurl=http://www.kent.ac.uk/careers/pics/business-Functions2.jpg&imgrefurl=http://www.kent.ac.uk/careers/

workin/business-functions.htm&h=440&w=639&sz=71&tbnid=

RcUAs35iRRN_BM:&tbnh=90&tbnw=131&prev=/search%3Fq%3Dbusiness%2Bfunctions%26tbm%3Disch%26tbo%3Du&zoom=1&q=business+functions&usg=__zPsxahL04oxI1Kbs4CveLnPG3kg=&docid=qEdlgn7k-2pJSM&hl=en&sa=X&ei=2WomUZr1Iqqx0AXUrIDYCQ&ved=0CC8Q9QEwAA&dur=4

Every business faces the same 5 key risks. The affect on internal and external function of the business. These are under pinned below.

Development Risk:

Can the original product or services idea actually be created?

Manufacturing Risk:

If the product can be developed, can it actually be produced in appropriate value?

Marketing Risk:

If the product can be made, can it be sold effectively?

Financial Risk:

If the product can be sold effectively, will the resulting company be profitable and can the profits actually be realized in a form that allows investors to receive cash.

Growth Risk:

If the company can achieve operating at one level, can profitability be maintained as the company grows and evolver.

Evaluate the methods of assessing risk in business.

Risk Assessment Context:

Estimation of the overall likelihood of occurrence of the adverse event considered.

Identification of the steps of the pathways having high risk of occurrence or high impact on overall risk estimate.

Approaches of Risk Assessment:

Risk Assessment systems:

-OIE vs Codex Alimentaris.

Risk Estimated:

-Qualitative vs Quantitative Approach

Risk Assessment Methodology:

Requirements:

- Clear definitions of terms:

Risk Questions

Hazard Identification

Qualitative Risk Assessment: risk categories and combination matrix

Transparency:

A risk assessment must be clearly set out, transparent and fully referenced in the resulting report.

The main step of risk assessment are

-Framing the risk question

-Identify the hazards

-Outlining the risk pathways

-Identifying data needs

-Collecting data

-Assessing the Risks

http://www.dfid.gov.uk/r4d/PDF/Outputs/HPAI/WKS081002_Annex5.pdf

Evaluation of Approaches to managing risk in Business

ERM Programme:

A process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of the entity's objectives.

Purpose and Objectives:

The purpose of ERM is to create, protect, and enhance member value and the credit union's viability by managing the uncertainties that could influences achieving its objectives. Implementing an effective ERM achieves the following key objectives.

Oversight: All critical risks have been identified and are being managed and monitored under a holistic approach consistent with the board approved risk apatite statement.

Owner and Responsibility: The ownership of risk is assigned to management individuals who are responsible for identifying, evaluating, mitigating and reporting risk exposure.

Assurance: The Board, management and members have reasonable assurance that risk is being appropriately managed within defined levels to bring value to the organization.

Benefits:

A credit union which successfully implements ERM should expect the following benefits:

More efficient use of capital and resources.

Reduced likelihood of operational loss

Lower compliance/auditing costs

Earlier detection of unlawful activities

Fewer surprises

Focus on lower cost prevention rather than higher cost resolution strategies

Cost savings by using risk information to streamline and improve processes

Increased awareness and integrated view of risks (existing and emerging)

Systematic, repeatable approach to mitigate risks and identify opportunities

Clearer, better informed decisions .

Role & Responsibilities:

The key role & responsibilities of the Board and Management are summarized in:

The Board of Directors governs the risk profile of the credit union

Management takes action to manage the risks to an acceptable level

Oversees of ERM framework - gains assurance on its effectiveness

Develops processes to implement Enterprise Risk Management in the credit union

Articulates risk appetite/risk tolerance in policy

Identifies process to develop risk profile

The Process:

ERM is an on-going and cyclical process. The Board and senior management set the tone for enterprise risk management in the credit union. This includes establishing the credit union’s risk appetite and how risks will be identified, measured and managed.

Reporting

On - going re-evaluation and update of ERM process & risk

Monitoring

Risk Identification

Risk Assessment & Measurement

Risk Response & Action

ENTERPRISE RISK MANAGEMENT CYCLE

Risk Identification :

Identification of risks should occur on an on-going basis for existing processes and on an adhoc basis as required for new product introductions, projects or changes contemplated to existing products and processes. There are several techniques that may be used to help identify risks including self-assessment questionnaires, surveys, workshops and interviews. To help with risk identification, risks should be considered within main risk categories such as strategic, credit, financial, operational and compliance risks.

Risk Assessment and Measurement:

Risk assessment includes consideration of the likelihood of a risk occurrence and the impact of a risk on the achievement of the credit union’s objectives within a specified timeframe. The likelihood of occurrence is often based on the probability or frequency (number of times) the risk might occur over a specified timeframe such as once a quarter, daily, twice a year, etc. The impact of occurrence is often stated as a dollar value of loss or percent of impact on earnings or capital, but can also be described in qualitative terms (e.g. reputation, service quality, regulatory compliance, etc.) that could result if the risk event

occurred. The magnitude or severity of a risk is based on the product of its likelihood and impact.

Risk Response and Action:

For each identified risk the credit union should establish an appropriate "response" option in order to optimize risk management. These generally range from accept to avoid. Four possible response options are identified below.

Response

Definition

Accept

The credit union decides to accept, manage and monitor the level of risk and to take no action to reduce the risk

Mitigate

The credit union is willing to accept some risk by implementing control processes to manage the risk with in establishment tolerance.

Transfer

The credit union chooses to transfer the risk to a third party (e.g. Obtaining insurance)

Avoid

The credit union feels the risk is unacceptable and will specifically avoid the risk (e.g. Cease selling a product or lending in a specific market).

Monitor:

Risks and risk response activities should be monitored by the responsible manager to ensure that significant risks remain within acceptable risk levels, that emerging risks and gaps are identified and that risk response and control activities are adequate and appropriate. Internal Audit and the Audit Committee (or other committee delegated to by the Board) play an important oversight role in confirming that management is monitoring and managing risks in accordance with established levels. Indicators that fall outside of acceptable risk levels

should be escalated with appropriate action plans to bring the risk back within established risk levels. Those risks that still remain above acceptable risk levels should be considered by the Board for their approval of any necessary resolution strategies. This activity will form the basis for reporting to the Board and on-going monitoring by management. It also helps to confirm that the level of

aggregate risk exposure is within the established risk appetite of the credit union as established in policy.

Reporting:

The Board, audit committee and senior management will require the results of the ERM process to be reported to them in their oversight capacity and to gain assurance that risks are being managed within approved risk levels. At a minimum, ERM reports to the audit committee (or other designated committee) and/or Board should:

summarize the nature and magnitude of significant risks;

highlight all significant risks and those risks that exceed their acceptable risk levels;

identify the timeframe and status of any additional risk management activities that may be required to bring risks within approved risk levels;

identify any negative trends of higher risk areas and any changes to risk management activities;

highlight any new risks including their risk assessment, risk response and

management activities:

identify any material emerging risks; and

summarize any exceptions to established policies or limits for key risks.

On a periodic basis, the Board should review all high risk areas (even those that are appropriately mitigated within acceptable levels) in order to have a full understanding of all the significant risks facing the credit union.

http://www.dico.com/design/Publications/En/ERM%202011/ERM_Framework_September_2011.pdf

TASK 2 RISK ASSESSMENT

All the main drivers of business risk:

Here is my own priority list of key risk drivers that every entrepreneur and every investor should evaluate and minimize in starting a business:

Team experience and depth risk. Here I’m talking about both the experience and track record of the founders in starting a business, as well as their experience and knowledge of the business domain. Like most professionals, when I get a business plan, I flip first to the founders section to see if it is a balanced team who has been there and done that.

Market and opportunity risk. There is always less risk with a well-defined problem in a large and growing market. All the people in China is a large and growing market, but all the people with cancer is much more well-defined. It’s hard to make money in a shrinking market, or with a solution that is "nice to have" versus painfully needed.

Competitive risk. Think seriously about the number and clout of your competitors. Having none is a red flag (may mean no market), but having more than a couple of large ones may mean this is a crowded space. Even in an open space, you need intellectual property, like patents, to keep potential competitors from overrunning you.

Financial risk. Very few businesses can be started without money. You as the founder will be expected to put your own "skin in the game." The business plan should be realistic about how much cash will be required to break-even, and how big the return will be for investors in the first five-year timeframe.

Market entry strategy risk. The selection of an inappropriate pricing, marketing, or distribution strategy is a large potential risk. For example, many new social websites proclaim that they will offer a free service, and live on ad revenues (not likely in the first year without a huge marketing investment).

Political and economic risk. Sometimes founders are just in the wrong place at the wrong time. Recessions are a tough time to sell luxury goods. Under-developed countries may have a strong need for your product, but are often unstable and dangerous. Four specifics include tax rates, tariffs, expropriation of assets, and repatriation of profits.

Technology risk. New technologies, especially those characterized as "paradigm shifts" or "disruptive" may have long and costly acceptance cycles, or may run into unpredictable performance or manufacturing problems. Medical technologies have costly legal testing requirements, approval processes, and insurance validation.

Businesses with high attrition rate risk. Certain business sectors have historical high failure rates and are routinely avoided by investors and many founders. These include food service, retail, consulting, work at home, and telemarketing. On the Internet, I would add new social networking sites, and new matchmaking sites.

Operational risk. Some businesses require huge support or administrative infrastructures. For example, vehicle fuel improvements require service stations and maintenance shops nationwide, before they are viable. Even small operations can have breakdowns of specialized equipment and complex support processes.

Environmental risk. A nuclear reactor built on an earthquake fault line is a huge risk. Evaluate your business and location for sensitivity to floods, hurricanes, and catastrophic pollution problems, like the oil spill in the Gulf of Mexico.

http://www.examiner.com/article/ten-high-risk-drivers-every-entrepreneur-faces

Impact of the different type of risks

Business process outsourcing risk:

Despite the fact that outsourcing leads to important benefits for an organization, but it includes some risks that need an effective and serious management .During the last two decades, companies reported some dangers and threats that are resulted from outsourcing of central and important activities in companies which causes competitive advantages for company, and they try to outsource their subordinate activities. Today, a true and thoughtful management of outsourcing contracts are considered as an important challenge and it is more emphasized to do an exact control on outsourcing relations. (Amaral, Billington & Tsay, 2004).Here, we proceed risk concept and then we will discuss different type of BPO risks.

- measuring possibility and severity of damages. (Lowrance, 1976)

- The consequences of an event that affect the project (Kliem and loudin, 1997)

- The possibility of a negative event with bad consequences (Haimes,Y.Y,1998)

- The potential failure point (Trepper, 1998).

Strategic Risk:

Most of outsourcing activities result in strategic risks for banks because most banks definitely need strategy development, customers' satisfaction, and effective services transference (Adeloy, 2002).So, strategic risk could be created by the lack of proper programming, and technology implementation such as internet, or

because of failure in assessing outsourcing decisions. (Mann & et.al, 2001)If there are some outsourcing causes, there will be various strategic risk that should be assessed; 1- organizations provide particular beneficial information for external organization (Kogut & Zander, 1992). Therefore company should check

issues related to Intellectual property at the time of selecting external sourcing structure (Gottfredson & et.al, 2005); which is called "Diffusion risk" by Walker group (1988). However, it is named "poaching" by (Aron & et.al, 2005). One other type of strategic risks is seller's shirk or moral dangers (Eisenbardt, 1989) which is created by the changes in paying salaries and seller's shirk .Banks lose most of their important source and facilities for competition in strategic risk. Possibly outsourcing decreases banks flexibility and affect internal and external forces velocity and maybe slacken the velocity of their guidance control and creates highest level of independence to service providers (M.J. Earl, 1996).

Main concern that result form strategic:

1- Third person may do some activities that are not compatible with general strategic goals of institute.

2-failure to do proper checking of outsourcing services providers.

3- Lack of specialty for supervising services providers (Publications for supervising the committee of BallBanking).Bandyopadhyaye suggest that organizations should understand these risks to control strategic risk.

He recognized that in order to understand strategic risk, organizations should determine their abilities, and in this case they create long- term advantages by the use of new systems.(Bandyopadhyaye & et. al,1999)

Psycho-social risks:

As companies may hurt their employees' spirit because of outsourcing, so they should consider their employees. Since the low level of spirit of employees have reverse effect on organizations utilization. It is remarkable that most of IT employees were fired because of outsourcing, and this can make most of companies sad who asked for outsourcing (Yang & et.al, 2007).The outsourcing

decrease the level of demands for unskilled workers and also it tends the law wages and high unemployment.

- Contractor company's Bankruptcy risk and lack of financial constancy

As a duty outsourcing, it includes lots of cost and difficult to return it to internal part in this case there exists contractor company's risk and lack of financial constancy. Financial failure risk is defined as a risk that results from financial ruin of contractor company, and the only choice for the company is to employ the employees of from financial ruin of contractor company, and the only choice for the company is to employ the employees of contractor company which may face with its internal strike (Barthelemy, 2003). When decreasing the costs is the objective of outsourcing, there may exist some cases such as on time deadline of receiving interest and long-term economy. However, there are two reasons which are related to each other: 1- companies sum production costs at low level which includes costs transference, replacing costs, and parallel running costs, 2- possibly, companies may estimate management costs at lower level (Adeley, 2002).

- Weak performance risk of internal company and measurement problems of contractor of the company

Some businesses as banking do not outsource all of their business processes, and this is because of performance risk. For this reason, there are potential bankruptcy cases in banking industry which threats banks' fame. So, managers should analyze services providers abilities. The lack of potential sources show

providers' inability. (Quelin & Duhamel, 2003). The most important issue about outsourcing is organizational commitment.

http://www.ijbssnet.com/journals/Vol._2_No._12;_July_2011/25.pdf

3 Analysis of Severity and likelihood of risk:

We all know that every startup is risky. No risk means no reward. Yet every investor has his own "rules of thumb" on what makes a specific startup too high a risk for his investment taste. You need to know these guidelines to set your expectations on funding.

Of course, if you intend to fund the business yourself, or have a rich uncle, external investment funding concerns are not a problem. Yet, it’s still worthwhile to understand the issues so you can minimize your own risk of failure. Here is a summary of the "big picture" high risk considerations:

Inexperienced team. I’ve said many times that investors fund people, not ideas. They look for people with real experience in the business domain of the startup, and people with real experience running a startup. An expert in software is considered high risk in manufacturing, and a Fortune 100 executive running a startup is high risk.

Historically high failure rate category. Certain business sectors have historical high failure rates and are routinely avoided by investors. These include food service, retail, consulting, work at home, and telemarketing. On the Internet, I would add new social networking sites, and new matchmaking sites.

Dependent on government regulations. If your business model is dependent on government approvals, that can take a long time, or require political connections. All new medicines, for example, require expensive and extensive testing for side effects before FDA approval. Of course, successful approvals may also mean high returns.

Large initial investment required. If your startup involves new electronic chips, that may require a huge investment (more than $1B) to ramp-up manufacturing. By definition, all but the largest investors will pass, and it becomes high-risk to all investors. New drugs often fall in this category, due to long clinical trials and FDA approvals required.

Businesses with small return potential. Businesses with a low growth rate or a small opportunity (less than $1B) are considered high risk by investors, who get measured on portfolio return over time. That eliminates from consideration family businesses, small niches, and business areas with declining growth.

Poor public image businesses. Most investors like to maintain a squeaky clean image, so would consider it high risk to invest in businesses on the margin of legality or social acceptability. Don’t expect investor enthusiasm for your gambling site, porn site, gaming, or debt collection business.

Operations in another country. Investors in one country are generally reluctant to invest in a company outside their realm of operational knowledge. We all know that the success "rules" in Russia are different from the USA, so cross-boundary investments are considered high risk, even if you have operating experience there.

These rules of thumb should not be viewed as barriers, but just another factor that needs to be addressed specifically in your business case and investor presentation. It’s better to be proactive on these, rather than hope your investor is too naïve to notice. Your challenge, if your interest is in one of these areas, is to point out quickly why the high risk is mitigated in your case.

In summary, it pays to have some insight into how investors will likely see you, since this allows you to prepare the best case, both for your own decisions, and for approaching an investor. It’s never smart to switch your plans to a "less risky" business that you know nothing about, because your lack of experience there simply moves that alternative to the high risk category.

http://gust.com/angel-investing/startup-blogs/2013/01/06/7-startup-high-risk-factors-that-scare-investors/

Suggested Risk Management Strategies

Developing an appropriate risk management strategy takes considerable effort and planning. One approach might be a good idea to look at each functional area of your business and plan your risk management strategy at a strategic, tactical operational and execution level. However, before you get all excited and jump into the exercise of identifying risks, you need to define your business goals.

Risk - Business Strategy Fit

Your business strategy and goals should already be in place. Once you have identified your goals into measurable units, it becomes easier to do the risk assessment exercise. Risk assessment and its management must always roll back to your goals. Be careful on what you decide are going to be your corporate goals. I find the putting things down into a matrix format helps me. If I cannot fit things into a box, then I have to give the strategy and goals more thought. Row headings outline each functional area and column headings outline the time-lines.

Tactical plan

Tactical plan is where you define how you are going to achieve your strategic objectives. For example if your marketing and sales objective is to increase customer base to 300% in five years, then your tactical plan defines the accomplishments that need to happen in years four, three, two and one. If you think of a ladder, the topmost step is strategic objective while the rungs that lead to the top rung is your tactical plans.

Operational plan

Your operational plan is where you define the accomplishments you need to do in the first year to meet your tactical objectives.

Execution plan

Your execution plan is weekly, monthly and quarterly plans to meet your operational goals.

Does everything fit

When you do your planning, make sure your financial, marketing and sales, HR and operations plan are all in sync, i.e.; if you need to increase revenues by 300%, you need to hire more people, you need to increase production capacity accordingly. Usually your corporate goals would either be financial or marketing &sales in nature and your HR and operations goals will be a function of these two. You can’t have a financial goal of increase revenues by 300% and cutting staff at all.

The risk management process:

Undertaking a risk management exercise without having a clear idea of your objectives is an exercise in futility.

Once you have your goals defined, you need to figure out what risks will impact your goals. By this I mean what events could occur that will hamper you desire to meet stated objectives. Undertaking a risk management exercise without having a clear idea of your objectives is an exercise in futility.

In one of my earlier posts, I have mentioned a few risk management tools to help you with this exercise. Developing a risk management strategy is a 3-step process:

Identify your risks

Quantify your risks, and

Develop a risk response plan

Say you decide your business strategy is going to be to just one: and that is to increase revenue to 10 million in 5 years. It’s usually hard to look out into the future for more than one year. The rapid descent into recession in the latter half of 2008 bears testimony to that. How many people would have access to the necessary data to make that call? In fact how many would even know how to read the economic data to arrive at the right conclusions? Not many. Even the vast majority of those who had access to detailed economic indicates and data failed to see the speed of descent. So I would focus my risk management efforts starting from Execution to Operational to Tactical to Strategic. Remember: set goals by moving from strategic to execution and assess risks in the reverse order.

For each of the above risks, your risk management strategy needs to process the following steps.

1. Identify the risk that could impact your goal

Remember that the impact could be positive or negative. A great place to start would be a SWOT – Strengths, Weaknesses, Opportunities and Threats. Events that could increase your Weakness and Threats are good candidates for negative risks and events that decrease them are good candidates for positive risks. Similarly, events that could increase your Strengths and Opportunities are good candidates for positive risks and events that decrease them are good candidates for negative risks.

Other tools you can use are PEST analysis (Political, Economical, Social and Technological factors). Use the goals framework to identify and associate each risk into their respective buckets.

You cannot do this exercise alone. You need to brainstorm with your colleagues, mentors, employees – and if you have never done this before – a risk management consultant. Within each functional area of your organization, you can even look at each process and identify risks along each process.

For example; the objective of marketing and sales process is to make a sale – product development, pricing, promotions, lead generation, lead contact, moving the lead to sale, offering the product as a demo, gain prospect’s trust and establish relationship, close the sale. Of course, not all of the above may apply to your business and I may not have included all the tasks. But you understand what I am getting at. Once you have identified each step along the process, then it become s bit easier to think, "What could go wrong in this step?" or "If I am flooded with orders, can my production team handle the volume?"

The questions you ask are the risks. Document them. This document is your risk register.

2. Quantify the risks you have identified

Here is where we leave the realm of science and precision and enter into the world or art. For each of the identified risk, figure out its probability of occurring. You could define the occurrence of each risk as percentage or just as "High", "Medium" and "Low". It all boils down to your judgment and experience; and more importantly, your perception of the future.

Against each risk in the risk register, determine the impact if each risk were to occur. If you two of your key employees quit, will it positively or negatively impact your goals? Write down details on how the risk will impact your business.

Arrive at a risk rating by combining the impact and the probability of occurrence. I prefer numbers so that I can rank them, but its your choice on what you use for a risk rating.

Example on how to arrive at a risk rating: Suppose you determine that the impact of a certain key employee leaving your organization will cost you $40,000. You also determine that the probability of this risk occurring is 40%. The risk rating in this case would be 16000. Go through this exercise with each of your risks. I am guessing by the end of this, the risk with the highest rating will have the highest priority and the others will follow in decreasing order of ratings.

3. Plan a response to each identified risk

Now that you have rated each of your risk, you can then decide what to do if the risk were to occur. You can:

Mitigate the risk: This implies that you find ways to reduce the probability of the risk occurring or try to reduce its impact. Usually, it’s the latter we can control.

Accept the risk: Sometimes we just have to accept the fact that there is nothing you can do if the risk occurs.

Transfer the risk: Think insurance. You are transferring your risk of something bad happening to another party for which you typically pay a premium.

Avoid the risk: This typically would mean changing your goals and objectives entirely. The most radical form of risk avoidance would be to shut down your business.

Exploit the risk: If a positive risk were to occur how would you exploit this opportunity to further your goals and objectives?

One final point. Do not let your initial plan gather dust. Frequently, considerable effort is expended to develop the initial plan and is documented. No one ever looks at it for the next year. Do yourself a favor: review and update your risks at least every quarter. You’ll be surprised on how the risk priorities change in as little as three months.

http://www.atlanticcanadabusinessblog.com/index.php/2009/04/23/strategy/how-to-develop-an-effective-business-risk-management-strategy/

Approaches to crisis management:

A FRAMEWORK FOR CRISIS MANAGEMENT & CRISIS MANAGEMENT PLANNING:

The United Kingdoms Department of Business , Enterprises & Regulatory Reform describes a crisis as an abnormal situation, or even perception, which is beyond the scope of everyday business and which threatens the operation, safety and reputation of an organization.

The department advocates that businesses plans: ... The crisis should be dealt with as an operational management issue that is simple being undertaken in extreme circumstances. The crisis management framework for response is normally based on existing management structures and responsibilities. It must also reflect (or improve upon) existing lines of communication, both within the company and with other organizations which may be affected. This approach, when developed in conjunction with the operation managers, will confirm ownership of plans and prepare the proposed framework for practical implementation.

A theoretical approach from an organization viewpoint suggests that factors such as a corporation size, ranking and type of ownership and operations have specific influences on corporate responses to crisis events.

During the next five years, 83 per cent of companies will face a crisis that will negatively impact the profitability of a company 20 and 30 per cent, according to the new research by Oxford-Metrica, an independent adviser on risks, value, reputation and governance (Aon, 2006). Crisis Management is the process by which the organisation manages a wider impact, such as media relations, and enables it to commence recovery.

Irrespective the size an institute affected , the primary aims or benefits of crisis management would normally include:

Ability to assess the situation from inside and outside the Institution as all stakeholders might perceived it.

Techniques to direct action(s) to contain the likely or perceived damage spread.

Better institutional resilience for all stakeholders.

Compliance with regulatory and ethical requirements, e.g corporate [social responsibility].

Much better management of serious management of serious incidents or any incident that could become serious.

Improved staff awareness of their roles and exceptions within the institution.

Increase ability, confidence and morale within the institution.

Enhanced risk management insofar that obvious risks will be identified, mitigated (where possible) and through crisis and business continuity management- as prepared for.

Protected and often enhanced reputation a much reduce risk of post event litigation.

Crisis Management Model:

Successfully diffusing a crisis requires an understanding of how to handle a crisis -before it occurs. Gonzalez-Herrero and Pratt created a four-phase crisis management model process that includes: issue management, planning-prevention, the crisis, and post-crisis. The art is to define what the crisis specifically is or could be and what he caused it or could it.

Management Crisis Planing:

No corporation looks forward to facing a situation that causes a significant disruption to their business, especially one that stimulates extensive media coverage. Public scrutiny can result in a negative financial, political, legal and government impact. Crisis management planing deals with providing the best response to a crisis.

http://books.google.co.uk/books?id=3eua8cb24LAC&pg=PA33&dq=operation+environment+in+crisis+management+in+business&hl=en&sa=X&ei=TMknUYXcJ9SX0QWI6oGIAw&ved=0CHMQ6AEwCA#v=onepage&q=operation%20environment%20in%20crisis%20management%20in%20business&f=false

Impact of Breaks in Business Continuity:

Business Continuity Planing

When a crisis will undoubtedly cause a significant disruption to an organization, a business continuity plan can help minimize the disruption. First, one must identify the critical functions and processes that are necessary to keep the organization running. Then each critical function and or/and process must have its own contingency plan in the event that one of the function /processes ceases or fails. Testing these contingency plans by rehearsing the required actions in a simulation will allow for all involved to become more sensitive and aware the possibilities of a crisis . As a result, in the events of an actual crisis, the team members will act more quickly and effectively.

http://books.google.co.uk/books?id=3eua8cb24LAC&pg=PA33&dq=operation+environment+in+crisis+management+in+business&hl=en&sa=X&ei=TMknUYXcJ9SX0QWI6oGIAw&ved=0CHMQ6AEwCA#v=onepage&q=operation%20environment%20in%20crisis%20management%20in%20business&f=false

RECOMMENDATION & CONCLUSION:

As per the risk assignment basis on two task. In the task one there have a explantation of Risk Assignment, Risk management is effect to the business function, evaluation the method of assessing risk in business, evaluation of approaches to managing risk in business.

The task 2 which is basis on all the main drivers of business risk, impact of the different types of risk, analysis of severity and likelihood, suggested risk management strategies, approaches to crisis management and impact of breaks in business community,

The recommendation of Risk Management assignment is

Identify the risks

Managing the risks

Implement the Safe drivers

Approach the Crisis Management

The impact of the organization of the basis of Financial Risk, Operation Risk, Managing Risk

The conclusion of this assignment is to safety measure is first palace on the basis of financial risk in the new business. There have already mentioned in assignment.

Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so. Douglas Adams

"when the map and the territory don’t agree, always believe the territory" Gause and Weinberg – describing Swedish Army Training

"THERE ARE IDIOTS. Look around." Larry Summers

There are more things in heaven and earth, Horatio,

Than are dream of in your philosophy.

W Shakespeare Hamlet, scene v

The fact that people are full of greed, fear, or folly is predictable. The sequence is not predictable. Warren Buffett

§