Best Options Broker 2020!
Great Choice For Beginners!
Free Trading Education!
Free Demo Account 1000$!
Get Your Sign-Up Bonus Now!
Only For Experienced Traders!
Risk management is a systematic process of identifying and assessing company risks and taking actions to protect a company against them. Some risk managers define risk as the possibility that a future occurrence may cause harm or losses, while noting that risk also may provide possible opportunities. By taking risks, companies sometimes can achieve considerable gains. However, companies need risk management to analyze possible risks in order to balance potential gains against potential losses and avoid expensive mistakes. Risk management is best used as a preventive measure rather than as a reactive measure. Companies benefit most from considering their risks when they are performing well and when markets are growing in order to sustain growth and profitability.
The task of the risk manager is to predict, and enact measures to control or prevent, losses within a company. The risk-management process involves identifying exposures to potential losses, measuring these exposures, and deciding how to protect the company from harm given the nature of the risks and the company’s goals and resources. While companies face a host of different risks, some are more important than others. Risk managers determine their importance and ability to be affected while identifying and measuring exposures. For example, the risk of flooding in Arizona would have low priority relative to other risks a company located there might face. Risk managers consider different methods for controlling or preventing risks and then select the best method given the company’s goals and resources. After the method is selected and implemented, the method must be monitored to ensure that it produces the intended results.
THE EVOLUTION OF RISK
The field of risk management emerged in the mid-1970s, evolving from the older field of insurance management. The term risk management was adopted because the new field has a much wider focus than simply insurance management. Risk management includes activities and responsibilities out-side of the general insurance domain, although insurance is an important part of it and insurance agents often serve as risk managers. Insurance management focused on protecting companies from natural disasters and basic kinds of exposures, such as fire, theft, and employee injuries, whereas risk management focuses on these kinds of risks as well as other kinds of costly losses, including those stemming from product liability, employment practices, environmental degradation, accounting compliance, offshore outsourcing, currency fluctuations, and electronic commerce. In the 1980s and 1990s, risk management grew into vital part of company planning and strategy and risk management became integrated with more and more company functions as the field evolved. As the role of risk management has increased to encompass large-scale, organization-wide programs, the field has become known as enterprise risk management.
TYPES OF RISK MANAGERS
AND TYPES OF RISK
Company managers have three general options when it comes to choosing a risk manager:
- Insurance agents who provide risk assessment services and insurance advice and solutions to their clients;
- Salaried employees who manage risk for their company (often chief financial officers or treasurers); and
- Independent consultants who provide risk-management services for a fee.
Because risk management has become a significant part of insurance brokering, many insurance agents work for fees instead of for commissions. To choose the best type of risk manager for their companies, managers should consider the company’s goals, size, and resources.
Managers also should be aware of the types of risks they face. Common types of risks include automobile accidents, employee injuries, fire, flood, and tornadoes, although more complicated types such as liability and environmental degradation also exist. Furthermore, companies face a number of risks that stem primarily from the nature of doing business. In Beyond Value at Risk, Kevin Dowd sums up these different types of risks companies face by placing them in five general categories:
- Business risks, or those associated with an organization’s particular market or industry;
- Market risks, or those associated with changes in market conditions, such as fluctuations in prices, interest rates, and exchange rates;
- Credit risks, or those associated with the potential for not receiving payments owed by debtors;
- Operational risks, or those associated with internal system failures because of mechanical problems (e.g., machines malfunctioning) or human errors (e.g., poor allocation of resources); and
- Legal risks, or those associated with the possibility of other parties not meeting their contractual obligations.
In addition, environmental risks constitute a significant and growing area of risk management, since reports indicate the number and intensity of natural disasters are increasing. For example, the periodical Risk Management reported that there were about five times as many natural disasters in the 1990s as in the 1960s. The year 2004 was one of the worst in history, with three major hurricanes hitting the state of Florida and a tsunami causing death and devastation in the Pacific Rim. Some observers blame the rising number of natural disasters on global warming, which they believe will cause greater floods, droughts, and storms in the future.
Furthermore, any given risk can lead to a variety of losses in different areas. For example, if a fire occurs, a company could lose its physical property such as buildings, equipment, and materials. In this situation, a company also could lose revenues, in that it could no longer produce goods or provide services. Furthermore, a company could lose human resources in such a disaster. Even if employees are not killed or injured, a company would still suffer losses because employers must cover benefits employees draw when they miss work.
ASSESSING RISKS ASSOCIATED
WITH DOING BUSINESS
One way managers can assess the risks of doing business is by using the risk calculator developed by Robert Simons, a professor at the Harvard Business School. Although the risk calculator is not a precise tool, it does indicate areas where risks and potential losses exist, such as the rate of expansion and the level of internal competition. Using the risk calculator, managers can determine if their company has a safe or dangerous amount of risk. The risk calculator measures three kinds of internal pressures: risk stemming from growth, corporate culture, and information management. Rapid growth, for example, could be a risk and lead to losses, because if a company grows too quickly, it may not have enough time to train new employees adequately. Hence, unchecked growth could lead to lost sales and diminished quality.
Managers can assess the increased risk associated with growth by determining if sales goals are set by top management without input from employees. If a company sets sales goals in this manner, then it has a high level of risk in that the goals may be too difficult for employees to meet. In cases where employees feel extreme pressure in trying to achieve goals, they may take unnecessary risks. Similarly, companies that rely heavily on performance-based pay also tend to have higher levels of risk.
To assess risk arising from corporate culture, managers should determine what percentage of sales comes from new products or services developed by risk-taking employees. If the percentage is high, then the amount of risk is also high, because such a company depends significantly on new products and the related risks. In addition, a corporate culture that allows or encourages employees to work independently to develop new products increases company risk, as does a high rate of new product or service failures.
Finally, managers can determine business risks resulting from information management by determining if they and their subordinates spend a lot of time gathering information that should already be available. Another way of assessing these risks is by managers considering whether they look at performance data frequently and whether they notice if reports are missing or late.
RISK MANAGEMENT METHODS
Risk managers rely on a variety of methods to help companies avoid and mitigate risks in an effort to position them for gains. The four primary methods include exposure or risk avoidance, loss prevention, loss reduction, and risk financing. A simple method of risk management is exposure avoidance, which refers to avoiding products, services, or business activities with the potential for losses, such as manufacturing cigarettes. Loss prevention attempts to root out the potential for losses by implementing such things as employee training and safety programs designed to eradicate risks. Loss reduction seeks to minimize the effects of risks through response systems that neutralize the effects of a disaster or mishap.
The final option risk managers have is to finance risks, paying for them either by retaining or transferring their costs. Companies work with risk managers insofar as possible to avoid risk retention. However, if no other method is available to manage a particular risk, a company must be prepared to cover the losses—that is, to retain the losses. The deductible of an insurance policy is an example of a retained loss. Companies also may retain losses by creating special funds to cover any losses.
Risk transferring takes place when a company shares its risk with another party, such as an insurance provider, by getting insurance policies that cover various kinds of risk that can be insured. In fact, insurance constitutes the leading method of risk management. Insurance policies usually cover (a) property risks such as fire and natural disasters, (b) liability risks such as employer’s liability and workers’ compensation, and (c) transportation risks covering air, land, and sea travel as well as transported goods and transportation liability. Managers of large corporations may decide to manage their risks by acquiring an insurance company to cover part or all of their risks, as many have done. Such insurance companies are called captive insurers.
Risk managers also distinguish between preloss and postloss risk financing. Preloss risk financing includes financing obtained in preparation for potential losses, such as insurance policies. With insurance policies, companies pay premiums before incurring losses. On the other hand, postloss financing refers to obtaining funds after losses are incurred (i.e., when companies obtain financing in response to losses). Obtaining a loan and issuing stocks are methods of postloss financing.
During the implementation phase, company managers work with risk managers to determine the company goals and the best methods for risk management. Generally, companies implement a combination of methods to control and prevent risks effectively, since these methods are not mutually exclusive, but complementary. After risk management methods have been implemented, risk managers must examine the risk management program to ensure that it continues to be adequate and effective.
EMERGING AREAS OF RISK
In the 1990s, new areas of risk management began to emerge that provide managers with more options to protect their companies against new kinds of exposures. According to the Risk and Insurance Management Society (RIMS), the main trade organization for the risk management profession, among the emerging areas for risk management were operations management, environmental risks, and ethics.
As forecast by RIMS, risk managers of corporations started focusing more on verifying their companies’ compliance with federal environmental regulations in the 1990s. According to Risk Management, risk managers began to assess environmental risk such as those arising from pollution, waste management, and environmental liability to help make their companies more profitable and competitive. Furthermore, tighter environmental regulations also goaded businesses to have risk managers check their compliance with environmental policies to prevent possible penalties for noncompliance.
Companies also have the option of obtaining new kinds of insurance policies to control risks, which managers and risk managers can take into consideration when determining the best methods for covering potential risks. These nontraditional insurance policies provide coverage of financial risks associated with corporate profits and currency fluctuation. Hence, these policies in effect guarantee a minimum level of profits, even when a company experiences unforeseen losses from circumstances it cannot control (e.g., natural disasters or economic downturns). Moreover, these nontraditional policies ensure profits for companies doing business in international markets, and hence they help prevent losses from fluctuations in a currency’s value.
Risk managers can also help alleviate losses resulting from mergers. Stemming from the wave of mergers in the 1990s, risk managers became a more integral part of company merger and acquisition teams. Both parties in these transactions rely on risk management services to determine and control or prevent risks. On the buying side, risk managers examine a selling company’s expenditures, loss history, insurance policies, and other areas that indicate a company’s potential risks. Risk managers also suggest methods for preventing or controlling the risks they find.
Finally, risk managers have been called upon to help businesses manage the risks associated with increased reliance on the Internet. The importance of online business activities in maintaining relationships with customers and suppliers, communicating with employees, and advertising products and services has offered companies many advantages, but also exposed them to new security risks and liability issues. Business managers need to be aware of the various risks involved in electronic communication and commerce and include Internet security among their risk management activities.
ENTERPRISE RISK MANAGEMENT
As the field of risk management expanded to include managing financial, environmental, and technological risks, the role of risk managers grew to encompass an organization-wide approach known as enterprise risk management (ERM). This approach seeks to implement risk awareness and prevention programs throughout a company, thus creating a corporate culture able to handle the risks associated with a rapidly changing business environment. Practitioners of ERM incorporate risk management into the basic goals and values of the company and support those values with action. They conduct risk analyses, devise specific strategies to reduce risk, develop monitoring systems to warn about potential risks, and perform regular reviews of the program.
In the United States, the Sarbanes-Oxley Act of 2002 provided the impetus for a number of large firms to implement enterprise risk management. Passed in the wake of scandals involving accounting compliance and corporate governance, the act required public companies to enact a host of new financial controls. In addition, it placed new, personal responsibility on boards of directors to certify that they are aware of current and future risks and have effective programs in place to mitigate them. “Fueled by new exchange rules, regulatory initiatives around the globe, and a bevy or reports that link good corporate governance with effective risk management, attention is turning to ERM,” Lawrence Richter Quinn noted in Financial Executive. “[Some executives believe that it] will save companies from any number of current and future ills while providing significant competitive advantages along the way.”
In late 2004 the London-based Treadway Commission’s Committee of Sponsoring Organizations (COSO) issued Enterprise Risk Management-Integrated Framework, which provided a set of “best practice” standards for companies to use in implementing ERM programs. The COSO framework expanded on the work companies were required to do under Sarbanes-Oxley and provided guidelines for creating an organization-wide focus on risk management. According to Financial Executive, between one-third and one-half of Fortune 500 companies had launched or were considering launching ERM initiatives by the end of 2004.
Revised by Laurie Collier Hillstrom
Braunstein, Adam. “Strategies for Risk Management.” CIO (24 February 2005). Available from .
D’Arcangelo, James R. “Beyond Sarbanes-Oxley: Section 404 Exercises Can Provide the Starting Point for a Comprehensive ERM Program.” Internal Auditor (October 2004).
Dowd, Kevin. Beyond Value at Risk. New York: Wiley: 1998.
Lam, James. Enterprise Risk Management: From Incentives to Controls. Hoboken, NJ: John Wiley, 2003.
Mills, Evan. “The Coming Storm: Global Warming and Risk Management.” Risk Management (May 1998): 20.
Quinn, Lawrence Richter. “ERM: Embracing a Total Risk Model.” Financial Executive (January-February 2005).
Risk and Insurance Management Society, Inc. “(RIMS) Website.” Available from http://www.rims.org.
Simons, Robert. “How Risky Is Your Company?” Harvard Business Review (May 1999): 85.
Telegro, Dean Jeffery. “A Growing Role: Environmental Risk Management in 1998.” Risk Management (March 1998): 19.
White, Larry. “Management Accountants and Enterprise Risk Management.” Strategic Finance (November 2004).
Risk Management in Finance
In the financial world, risk management is the process of identification, analysis and acceptance or mitigation of uncertainty in investment decisions. Essentially, risk management occurs when an investor or fund manager analyzes and attempts to quantify the potential for losses in an investment, such as a moral hazard, and then takes the appropriate action (or inaction) given the fund’s investment objectives and risk tolerance.
What is Risk Management?
What is Risk Management?
Risk management occurs everywhere in the realm of finance. It occurs when an investor buys U.S. Treasury bonds over corporate bonds, when a fund manager hedges his currency exposure with currency derivatives, and when a bank performs a credit check on an individual before issuing a personal line of credit. Stockbrokers use financial instruments like options and futures, and money managers use strategies like portfolio diversification, asset allocation and position sizing to mitigate or effectively manage risk.
Inadequate risk management can result in severe consequences for companies, individuals, and the economy. For example, the subprime mortgage meltdown in 2007 that helped trigger the Great Recession stemmed from bad risk-management decisions, such as lenders who extended mortgages to individuals with poor credit; investment firms who bought, packaged, and resold these mortgages; and funds that invested excessively in the repackaged, but still risky, mortgage-backed securities (MBS).
- Risk management is the process of identification, analysis and acceptance or mitigation of uncertainty in investment decisions.
- Risk is inseparable from return in the investment world.
- A variety of tactics exist to ascertain risk; one of the most common is standard deviation, a statistical measure of dispersion around a central tendency.
- Beta, also known as market risk, is a measure of the volatility, or systematic risk, of an individual stock in comparison to the entire market.
- Alpha is a measure of excess return; money managers who employ active strategies to beat the market are subject to alpha risk.
How Risk Management Works
We tend to think of “risk” in predominantly negative terms. However, in the investment world, risk is necessary and inseparable from desirable performance.
A common definition of investment risk is a deviation from an expected outcome. We can express this deviation in absolute terms or relative to something else, like a market benchmark.
While that deviation may be positive or negative, investment professionals generally accept the idea that such deviation implies some degree of the intended outcome for your investments. Thus to achieve higher returns one expects to accept the more risk. It is also a generally accepted idea that increased risk comes in the form of increased volatility. While investment professionals constantly seek, and occasionally find, ways to reduce such volatility, there is no clear agreement among them on how this is best to be done.
How much volatility an investor should accept depends entirely on the individual investor’s tolerance for risk, or in the case of an investment professional, how much tolerance their investment objectives allow. One of the most commonly used absolute risk metrics is standard deviation, a statistical measure of dispersion around a central tendency. You look at the average return of an investment and then find its average standard deviation over the same time period. Normal distributions (the familiar bell-shaped curve) dictate that the expected return of the investment is likely to be one standard deviation from the average 67% of the time and two standard deviations from the average deviation 95% of the time. This helps investors evaluate risk numerically. If they believe that they can tolerate the risk, financially and emotionally, they invest.
For example, during a 15-year period from August 1, 1992, to July 31, 2007, the average annualized total return of the S&P 500 was 10.7%. This number reveals what happened for the whole period, but it does not say what happened along the way. The average standard deviation of the S&P 500 for that same period was 13.5%. This is the difference between the average return and the real return at most given points throughout the 15-year period.
When applying the bell curve model, any given outcome should fall within one standard deviation of the mean about 67% of the time and within two standard deviations about 95% of the time. Thus, an S&P 500 investor could expect the return, at any given point during this period, to be 10.7% plus or minus the standard deviation of 13.5% about 67% of the time; he may also assume a 27% (two standard deviations) increase or decrease 95% of the time. If he can afford the loss, he invests.
Risk Management and Psychology
While that information may be helpful, it does not fully address an investor’s risk concerns. The field of behavioral finance has contributed an important element to the risk equation, demonstrating asymmetry between how people view gains and losses. In the language of prospect theory, an area of behavioral finance introduced by Amos Tversky and Daniel Kahneman in 1979, investors exhibit loss aversion. Tversky and Kahneman documented that investors put roughly twice the weight on the pain associated with a loss than the good feeling associated with a profit.
Often, what investors really want to know is not just how much an asset deviates from its expected outcome, but how bad things look way down on the left-hand tail of the distribution curve. Value at risk (VAR) attempts to provide an answer to this question. The idea behind VAR is to quantify how large a loss on investment could be with a given level of confidence over a defined period. For example, the following statement would be an example of VAR: “With about a 95% level of confidence, the most you stand to lose on this $1,000 investment over a two-year time horizon is $200.” The confidence level is a probability statement based on the statistical characteristics of the investment and the shape of its distribution curve.
Of course, even a measure like VAR doesn’t guarantee that 5% of the time will be much worse. Spectacular debacles like the one that hit the hedge fund Long-Term Capital Management in 1998 remind us that so-called “outlier events” may occur. In the case of LTCM, the outlier event was the Russian government’s default on its outstanding sovereign debt obligations, an event that threatened to bankrupt the hedge fund, which had highly leveraged positions worth over $1 trillion; if it had gone under, it could have collapsed the global financial system. The U.S. government created a $3.65-billion loan fund to cover LTCM’s losses, which enabled the firm to survive the market volatility and liquidate in an orderly manner in early 2000.
Beta and Passive Risk Management
Another risk measure oriented to behavioral tendencies is a drawdown, which refers to any period during which an asset’s return is negative relative to a previous high mark. In measuring drawdown, we attempt to address three things:
- the magnitude of each negative period (how bad)
- the duration of each (how long)
- the frequency (how often)
For example, in addition to wanting to know whether a mutual fund beat the S&P 500, we also want to know how comparatively risky it was. One measure for this is beta (known as “market risk”), based on the statistical property of covariance. A beta greater than 1 indicates more risk than the market and vice versa.
Beta helps us to understand the concepts of passive and active risk. The graph below shows a time series of returns (each data point labeled “+”) for a particular portfolio R(p) versus the market return R(m). The returns are cash-adjusted, so the point at which the x and y-axes intersect is the cash-equivalent return. Drawing a line of best fit through the data points allows us to quantify the passive risk (beta) and the active risk (alpha).
The gradient of the line is its beta. For example, a gradient of 1.0 indicates that for every unit increase of market return, the portfolio return also increases by one unit. A money manager employing a passive management strategy can attempt to increase the portfolio return by taking on more market risk (i.e., a beta greater than 1) or alternatively decrease portfolio risk (and return) by reducing the portfolio beta below 1.
Alpha and Active Risk Management
If the level of market or systematic risk were the only influencing factor, then a portfolio’s return would always be equal to the beta-adjusted market return. Of course, this is not the case: Returns vary because of a number of factors unrelated to market risk. Investment managers who follow an active strategy take on other risks to achieve excess returns over the market’s performance. Active strategies include tactics that leverage stock, sector or country selection, fundamental analysis, position sizing, and technical analysis.
Active managers are on the hunt for an alpha, the measure of excess return. In our diagram example above, alpha is the amount of portfolio return not explained by beta, represented as the distance between the intersection of the x and y-axes and the y-axis intercept, which can be positive or negative. In their quest for excess returns, active managers expose investors to alpha risk, the risk that the result of their bets will prove negative rather than positive. For example, a fund manager may think that the energy sector will outperform the S&P 500 and increase her portfolio’s weighting in this sector. If unexpected economic developments cause energy stocks to sharply decline, the manager will likely underperform the benchmark, an example of alpha risk.
The Cost of Risk
In general, the more an active fund and its managers shows themselves able to generate alpha, the higher the fees they will tend to charge investors for exposure to those higher-alpha strategies. For a purely passive vehicle like an index fund or an exchange-traded fund (ETF), you might pay 15 to 20 basis points in annual management fees, while for a high-octane hedge fund employing complex trading strategies involving high capital commitments and transaction costs, an investor would need to pay 200 basis points in annual fees, plus give back 20% of the profits to the manager.
The difference in pricing between passive and active strategies (or beta risk and alpha risk respectively) encourages many investors to try and separate these risks (e.g. to pay lower fees for the beta risk assumed and concentrate their more expensive exposures to specifically defined alpha opportunities). This is popularly known as portable alpha, the idea that the alpha component of a total return is separate from the beta component.
For example, a fund manager may claim to have an active sector rotation strategy for beating the S&P 500 and show, as evidence, a track record of beating the index by 1.5% on an average annualized basis. To the investor, that 1.5% of excess return is the manager’s value, the alpha, and the investor is willing to pay higher fees to obtain it. The rest of the total return, what the S&P 500 itself earned, arguably has nothing to do with the manager’s unique ability. Portable alpha strategies use derivatives and other tools to refine how they obtain and pay for the alpha and beta components of their exposure.
Risk Management Process
Introduction – Risk Management Process
There are methods of “Risk definition and control”, which are documented in a systematic approach known as “Risk Management Process”. This Risk Management Process provides a reasonable defense mechanism against the potential risk that an organization is about to face. Risk Management training can, therefore, be defined as “a group of actions that are integrated within the wider context of a company organization, which are directed toward assessing and measuring possible risk management techniques.
There is eight major and minor risks management process in the above picture. Try to spot them if you can! (Answer at the end)
Download Corporate Valuation, Investment Banking, Accounting, CFA Calculator & others
From the picture, we can infer that Walters Inc. has to implement the Risk Management process at the earliest. So let’s try to understand this risk management process as well as the phase involved in it.
The Story of Risk Management Process…
Each organization has a “mission” and a “vision” for its formation. And therefore, in general terms, it must address the problem of protecting itself against events that bring potential risk management strategies to the organization as a whole. Earlier, companies faced different types of risk management strategies in a specific or unconnected manner. But today It also elaborates on the risk management strategies necessary for managing the same. Company risks are normally classified into three broad categories:
1. Risks inherent to the external context
- The emergence of unfavorable laws and regulations
- Absurd changes in market conditions
- Technological innovations that favor competitors
2. Risks inherent to operative management
- Noncompliance with contractual requirements
- Possible loss of market share
- Possible loss of skills
- Possible physical damage to personnel
- Possible environmental pollution
3. Risks inherent to financial management
- Difficulty in collecting accounts receivables
- Unfavorable changes in exchange rates
- Imbalances in liquidity
Each of these risks management process may lead to direct or indirect damage to the organization, with economic implications in the short, medium and long-term. From this point of view, therefore, the attention given to Risk Management techniques, in terms of the quality and quantity of allocated resources, must be consistent. This not only stands true for the type of risk management strategies, but also for the potential negative event could occur and the gravity of its consequences.
A complete risk management process aims to protect:
# Value already created by the organization
# Future opportunities
Phases of Risk Management Process
Generally, risk management process is strongly connected to one another. Hence they cannot be taken care of in a fragmented manner. At the same time nor they can be taken care of by an individual department of an organization. by independent functions and/or departments, but a dedicated process is necessary that requires a structured organization and effective communication mechanisms. Traditionally, the phases of a Risk Management process are as follows:
- context definition
- risk identification
- risk assessment
- risk control
- checking and supervision
- process review
To be effective, each of these phases must be fully integrated within the company organization.
1. Context definition
Context definition stresses the following important things:
- The first and foremost thing is identifying the areas of risk. Risks may arise due to a specific combination of market, product or service, manufacturing or distribution process as well as other external factors.
- Next thing is to identify and define an assessment activity schedule.
- Based on that it becomes necessary to organize resources, and also defining duties and responsibilities.
2. Risk identification
The next phase of Risk management process is risk Identification Process, it is important to identify the potential risks and then give their detailed description. Hence all possible sources of risk management training such as the positions of the stakeholders, market changes, manufacturing errors or work accidents should be thoroughly analyzed. The process of identifying potential risks management techniques must include:
- Objectives that the organization has set.
- Scenarios that the organization may face in carrying out its business.
- Procedures that the organization adopts for its management and operational purposes.
Effective risk identification finally requires the support of reasonable confirmations, which states if the analysis about the risk has been correct or not. These confirmations may be:
- Confirmation stating that the event has already occurred (Direct confirmation)
- Confirmation stating that the event has already occurred in a similar situation. (Indirect confirmation)
- Confirmation stating the cause-effect relationships stressing on the probability of the event. (Deductive nature)
In this way, a “risk profile” is outlined that is specific to each organization.
3. Risk assessment
When the risks have been identified, it must be assessed based on the following parameters:
- The probability that the negative event will occur;
- The seriousness of the direct or indirect consequences of the event itself.
The assessment made in such cases is largely dependent upon
- Criticality of the situation,
- Relevance, availability of statistical data
- Confirmed analysis procedures.
The other important job in this step of risk management process is to assess the level of risks. This step helps in making the action plan in the context of that particular risk.
|Extreme / High-Risk||Serious danger. Immediate action required in this type of risk. Identify and implement controls to reduce risk to as low as reasonably practical. The controls can be temporary or permanent|
|Medium Risk||Moderate danger. Action as soon as possible to implement controls to reduce the risk to as low as reasonably practical. Actions can be for a long & short term.|
|Low Risk||It may range from Minor to negligible danger. Assess if further action can be taken. Steps should be taken to monitor the controls so the hazard is maintained as “low ” (If the hazard cannot be eliminated completely).|
# Likelihood Scale
|4||Very likely||Happens more than once a year in this industry|
|3||Likely||Happens about once a year in this industry|
|2||Unlikely||Happens every 10 years or more in this industry|
|1||Very unlikely||Has only happened once in this industry|
# Consequence scale
|4||Severe||Financial losses greater than $50,000|
|3||High||Financial losses between $10,000 and $50,000|
|2||Moderate||Financial losses between $1000 and $10,000|
|1||Low||Financial losses less than $1000|
The following formula is used to calculate risk rating: Likelihood x Consequences = Risk rating, For example, you may decide the likelihood of a fire is ‘unlikely’ (a score of 2) but the consequences are ‘severe’ (a score of 4). Then using the tables above, a fire, therefore, has a risk rating of 8 (i.e. 2 x 4 = 8).
Best Options Broker 2020!
Great Choice For Beginners!
Free Trading Education!
Free Demo Account 1000$!
Get Your Sign-Up Bonus Now!
Only For Experienced Traders!
# Risk rating table
|12-16||Severe||Needs immediate corrective action|
|8-12||High||Needs corrective action within 1 month|
|4-8||Moderate||Needs corrective action within 3 months|
|1-4||Low||Does not currently require corrective action|
Example- Crack in the Pathway of a company main office
The assessor rates the likelihood as high (likely). The reasons for the same are: The path is frequently used by employees and visitors daily. Therefore there is a high probability that someone will be exposed to the hazard. The assessor rates consequences of a trip in this section of a path as moderate, with a sprain or break as the worst case scenarios. Therefore the risk management process rating for this particular hazard was assessed as high. Your risk evaluation should consider:
- the importance of the activity to your business
- the amount of control you have over the risk
- potential losses to your business
- any benefits or opportunities presented by the risk.
4. Risk Control
In this phase of risk management process, the decision-making process becomes particularly important. It includes one or more of the following conditions:
- Transfer of the risk
- Exclusion of the risk
- Reduction of the risk
- Acceptance of the risk or an amount of the risk
The selected one of the options from the above conditions will depend on the specific company situation. Also, it should consider the cost-benefit analysis. It can stress the quantitative aspects in reference to short, medium and long-term period.
Here the company transfers the risk to another party that is ready to accept the risk. This generally includes the risk management process insurance companies that are ready to take up the risk management techniques. But in such a case risks such as liabilities of a criminal nature cannot be transferred.
This condition foresees the non-execution of the activity that involves a risk that cannot be transferred and/or is considered to be unacceptable. Naturally, the result is a loss of opportunity that the activity at risk management training would have represented in any case.
Risk reduction takes into account the managerial, technological and behavioral action that lowers the probability of risk. This, in turn, reduces the seriousness of its consequences.
Acceptance of an amount of the risk
Some risks that are not transferred or not excluded are accepted. The acceptance applies when the risk has:
- Low probability of the event
- Consequences are of little relevance
- Great benefits if successful
Communication of risk is another important step in the risk management process. In this step the following things must be properly documented in detail in a Risk Management Report:
- The profile
- The matrix
- The risk treatment
- The control planning
The above things must be presented to all personnel who are involved in any manner. If required targeted training courses should be developed, making the Risk Management training Report an effective management instrument. The Risk Management Report establishes the document of reference for the entire Risk Management process.
The Planning step defines the risk control methods, that is:
- Interpretation, sending or storing of incoming data for the control process;
- Appropriate level and localization for the decisions and actions the operative procedures and/or practice;
- Control instruments
- Interpretation, sending or storing of output data from the control process.
The planning activity is documented in the Risk Management strategies Plan. As the planning step is mainly directed toward coordinating all activities and their communication it is recommended that the position of a Risk Manager is created.
7. Checking and Supervision
One time plan is not enough in risk management process. It is important that Checking and supervision are carried out time and again. The checking and supervision results must be always documented, evaluated and recorded.
8. Process review
Risk Management Process is not a one time but a dynamic process. And that is why it must be reviewed in a sufficiently frequent manner. It must be based upon the experience gathered in a direct manner (w.r.t the organization) or indirectly (outside of the organization. The purpose of such an activity should be:
- Evaluating possible evolutions that concern any phase of the process
- Evaluating the efficiency and effectiveness of the adopted Risk Management Plan
- Evaluating the checking and supervising results.
If revisions are made, another Risk Management process Report must be created which is updated with respect to the changes that were made.
This is all about the Risk Management process. The picture below gives the answers to the spot the risks in Walters Inc.
Spot the Risks Answers!
If you find other risks involved in this picture, please feel free to mention them in the comments below, so that you can have your own share in improving Walter’s Inc.
This has been a guide to risk management process here we have discussed the different phases of risks that are involved in our day to day life at your working environment.you may also learn more about risk management process from the following articles
All in One Financial Analyst Bundle (250+ Courses, 40+ Projects)
Best Options Broker 2020!
Great Choice For Beginners!
Free Trading Education!
Free Demo Account 1000$!
Get Your Sign-Up Bonus Now!
Only For Experienced Traders!