Risk Management

RISK MANAGEMENT
involves understanding, analysing and
addressing risk to make sure
organisations achieve their objectives.
 1.
Types of Risk
Management
Let’s start with the first set of slides
 Types of Risk Management

▧ Strategic risk - One may consider the opening of a

competitor in your niche a typical risk
▧ Compliance risk - You may not see this coming. This is
often new regulations or legislation that will change the
way you must do business.
▧ Financial risk - There’s nothing worse than having
completed that huge order and hoping that the client will
pay you before the 30 day payment option you gave them.
▧ Operational risk - Using broken equipment like this will
take a business down without some backup plan. Imagine
what could happen if your partner or key employee dies
suddenly, an operational calamity.
ARE YOU PREPARED IN
HANDLING
EMERGENCIES?
 2.
Risk Management Steps
 Risk Management Steps

▧ Step 1: Identify the Risk.

▧ Step 2: Analyze the risk.
▧ Step 3: Evaluate or Rank the Risk.
▧ Step 4: Treat the Risk.
▧ Step 5: Monitor and Review the risk.
 3.
Risk Management Tools
 Quantitative Risk Management Tools

Failure modes and Sensitivity / Specificity A decision tree

effects analysis (FMEA) analysis

Decision trees
An evaluation to should be coupled with
determine how and This analysis shows the expected monetary
where a process might what would happen if value technique to show
fail. Action is then taken predictions fail to the financial impacts of
to address the parts of materialise. different outcomes.
the process where
failure is likely.
 Qualitative Risk Management Tools
Red, amber, green
Risk categorisation Risk urgency
(RAG)
assessment

Grouping risks by
The criteria for This technique
different categories, for
each group will normally focuses on the timing
example the root cause,
depend on the quality element of risks. Priority
will allow for a
and time impact, as well is given to the most
coordinated risk
as the likelihood of imminent risks.
management approach.
occurrence. Red risks
are the ones that will
have the biggest impact
and green risks will have
no or a very low impact.
 Risk Identification
The Delphi technique Root cause analysis Diagramming
developed by Project Is looking at the cause of techniques
RAND by Olaf Helmer, the problem to find out Are compact
Norman Dalkey, and whether the full effects versions of the risks.
Nicholas Rescher can be prevented. They can include cause
and effect diagrams,
flow charts and
Is where a panel of influence diagrams.
experts are asked to
answer questionnaires in
a series of rounds. The Benchmarking
idea is to question Is a comparison between
‘deeply’ enough to get periods or departments.
unbiased information Anomalies in
that the experts agree benchmarking data can
on. spot risks that may have
been missed, if analysis
was done in isolation.
 4.
Risk Management
Standards
 Risk Management Standards

A number of standards have been developed

worldwide to help organisations implement risk
management systematically and effectively. These
standards seek to establish a common view on
frameworks, processes and practice, and are
generally set by recognised international standards
bodies or by industry groups. Risk management is a
fast-moving discipline and standards are regularly
supplemented and updated.
 About ISO
ISO is an independent, non-governmental international
organization with a membership of 161 national standards bodies.

Through its members, it brings together experts to share

knowledge and develop voluntary, consensus-based, market
relevant International Standards that support innovation and
provide solutions to global challenges.
 What are Standards?
International Standards make things work. They give world-
class specifications for products, services and systems, to
ensure quality, safety and efficiency. They are instrumental in
facilitating international trade.

ISO has published 22144 International Standards and related

documents, covering almost every industry, from technology,
to food safety, to agriculture and healthcare. ISO International
Standards impact everyone, everywhere.
 ISO 31000:2009
Risk Management -- Principles and Guidelines

When implemented and maintained in accordance with this

International Standard, the management of risk enables an
organization to, for example:
—encourage proactive management;
— be aware of the need to identify and treat risk
throughout the organization;
— improve the identification of opportunities and threats;
— comply with relevant legal and regulatory requirements
and international norms;
— improve stakeholder confidence and trust;
— effectively allocate and use resources for risk treatment;
— improve operational effectiveness and efficiency;
— improve loss prevention and incident management;
— minimize losses;
— improve organizational learning; and
— improve organizational resilience.
 5.
Risk Management
Careers
 Risk Management Careers
▧ Audit and Assurance Supervisor -

▧ Risk & Assurance Adviser

▧ Operational Risk Consultant

▧ Enterprise Risk Management Consultant

▧ Risk & Assurance Adviser

▧ Enterprise Risk & Regulatory Change Director

▧ Project Risk & Value Manager

▧ Operational Risk Manager

▧ Sector Risk Analyst

▧ Sector Risk Partner

 “
“If you don’t invest in risk management, it
doesn’t matter what business you’re in, it’s
a risky business.”
~ Gary Cohn ~
 Thanks!

Any questions?
 Members

▧ Denice Marie Dadulla

▧ Genedine Louise Magbitang
▧ Errol John Navarette
▧ Paulyn T. Romero