ogm 651-enterprise risk management (erm)patipanerm.com/file/e04d2e9d441cad51420d623600d9ddd6.pdf ·...
TRANSCRIPT
AUG‐DEC 2018
1
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 1: OVERVIEW OF COURSE
1
Dr. Patipan Lim
Ph.D. Doctor of Philosophy in Development Administration (International Program) National Institute of Development Administration (NIDA), Bangkok Thailand
Teaching & Guess Speaker Experiences: King Mongkut’s University of Technology Thonburi (KMUTT)-
Graduate School of Management and Innovation (GMI) Mahidol University- School of Hospital Management Faculty of
Medicine Ramathibodi Hospital Private Sectors: Praram9 Hos, Konburee Sugar PLC
Experience SectorsBanking IndustryTelecommunicationHealthcare
Areas of Expertise Enterprise Risk ManagementBusiness Continuity & Crisis ManagementWorking in Turbulent EnvironmentStatistics and Data Analysis
2
AUG‐DEC 2018
2
TOPICS
GET TO KNOW EACH OTHER
RATIONALE OF ERM/PRM
ERM TODAY AND FUTURE RESEARCH
COURSE DESCRIPTIONS
SCANNING RISK KNOWLEDGE 3
SECTION 1:
GET TO KNOW EACH OTHER
4
AUG‐DEC 2018
3
SECTION 2:
RATIONALE OF ERM/PRM
5
GMI VISION GLOBAL RECOGNITION, MORAL INTEGRITY AND INNOVATIVE LEADERS
GMI MISSION TO CRAFT PROFESSIONAL LEADERS AND ADVANCE MANAGEMENT EDUCATION THROUGH INNOVATION-DRIVEN TEACHING, RELEVANT RESEARCH, AND SUSTAINABLE SOCIAL SERVICES
6
AUG‐DEC 2018
4
Mark Elliot Zuckerberg (born May 14, 1984) is an American computer programmerCofounder of Facebook
7
GLOBALIZATION HISTORICAL TIME
8
AUG‐DEC 2018
5
RATIONALE OF ERM/PRM-GLOBAL LEVELS
BENEFITS OF GLOBALIZATION
• EASY CONNECTED
• REDUCE OPERATION COST
• FAST COMMUNICATION
• SPEEDY TRAVEL
• MOVEMENT LABOR
• ADOPTION TECHNOLOGY
• INDUSTRIALIZATION
PITFALLS OF GLOBALIZATION
• SPREAD OF DISEASE
• INTENSE COMPETITORS
• LOST OF JOB
• POLUTION
• DEPENDENCY
RISK
9
RATIONALE OF ERM/PRM-MACRO LEVEL OF UNCERTAINTY
Asian financial crisis 1997 Tom Yum Kung period
Y2K Problems
Financial Crisis
Natural Disaster Political Stability Pandemic
September 11,2001 Terrorist attacks on US
10
AUG‐DEC 2018
6
As, open system (Scott, 2003), one organization tries to transform themselves as “corporation”.
To be as corporation, proprietorship, employed to two tools of funding strategies: merger and acquisition (M&A) or launch IPO-Corporate Accounting Fraud-
RATIONALE OF ERM/PRM-ORGANIZATION LEVEL-
Situation Causes Consequences
World Com
Communication and Technology industry Expand business with Takeover, M & A Strategy Stock price dramatically incline
Lack of transparency from top mgt due to unreal financial statement underreporting line costs Corporate unallocated revenue accounts
Go bankruptcy due to the disclosure of real financial statement
After this situation, SEC (Securities Exchange Commission) forced disclosure regulation to world listed-company.
11
SECTION 3:
ERM TODAY AND FUTURE RESEARCH
12
AUG‐DEC 2018
7
ALIGNMENT REGULATION-SEC FORCED LISTED COMPANIES
PREVENTIVE LOSS-NEED TO ACHIEVE CORPORATE GOALS
INCLINEED ORGANIZATIONAL PERFORMANCE –OPPORTUNITY MANAGEMENT
MATURITY OF ERM…..
1
2
3
13
Precondition of ERM
ERM Process
Corporate Performance
H1
H2
res1
res3
res2
0.79 *** 0.74 ***
R2=0.621
R2=0.623
R2=0.956S. Patipan (2018)
MATURITY OF ERM…..
14
AUG‐DEC 2018
8
CORPORATE PHILOSOPHYThrough happy employees, we desire to see smiles from customers.
VISIONWe serve convenience to all communities.
MISSIONTo create customer engagement with innovative products and services and to enhance good relations with community and society
Corporate Risks: Change of Customer Behavior…
CASE 1: ADAPTIVENESS
15
CASE 2: LACK OF SHRIMP
• บรษทผลตอาหารแชแชงทเปนอาหารทะเล และอาหารแปรรป รายไดหลก (50%)เปนการผลตตมซาแชแขง สงออกทงภายในและภายนอกประเทศ
เนองจากอปสงค (Demand) ของกงเปนทตองการมากตอการผลตของบรษท “แตจานวนกงลดลง เนองจากกงเปนโรคตายดวน (Shrimp Early Mortality Syndrome) สงผลใหราคาสงขนมากก
จากสถานการณดงกลาวหากทานเปน COO (Chief Operation Officer) ทานจะทาอยางไร
16
AUG‐DEC 2018
9
SECTION 4:
COURSE DESCRIPTIONS
17
ENTERPRISE RISK MANAGEMENT
PROJECT RISK MANAGEMENT
CRISIS MANAGEMENT
01
02
03
18
AUG‐DEC 2018
10
COURSE DESCRIPTIONS
40%
30% 30%
Week1-6
Week8-10
Week11-14
19
ACTIVITIES & GRADING
ACTIVITES COURSEOUTCOMES
ASSURANCE OF LEARNINGS (AOL)
KNOWLEDGE ANALYTICAL THINKING
CRITICALTHINKING
Class Activities 20%Assignment 30% Presentation 20%Examination 30% (Final Exam)
ERM
PRM
CRISIS & BCM
A
B+
B
20
AUG‐DEC 2018
11
SECTION 5:
SCANNING RISK KNOWLEDGE
21
ACTIVITY 1: SCANNING RISK KNOWLEDGE
1. Risk and problem are both same.
RIGHT WRONG
2. All staff level should involve in risk management.
3. Risk management should not much relate to corporate strategy.
4. Leader is the first determinants of ERM/PRM.
5. Risk Management should integrate to other part of organizationsrather than that of isolation.
6. Effective of ERM should drive from top-down approach.
7. PRM and ERM processes are distinctive.
8. All risks can be reduced the impact.
9. Risk should manage across entities.
10. Implementing ERM/PRM successfully depends on more external factors 22
AUG‐DEC 2018
12
23
PART 1: ENTERPRISE RISK MANAGEMENT (ERM)
24
AUG‐DEC 2018
13
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-Lim, LECTURE NOTE
WEEK 2: THE DEVELOPMENT OF ERM THEORIES
25
TOPICS
RISK MANAGEMENT PARADIGM’S SHIFT
VALUES OF ERM FOR FIRMS
GLOBAL RISKS
EXPLAINING ASSIGNMENT
26
AUG‐DEC 2018
14
SECTION 1:
RISK MANAGEMENT PARADIGM’S SHIFT
27
RISK MANAGEMENT PARADIGM’S SHIFT• Began to be studied after world war II• Insurance is the first industry adopted RM.• Quantify risk withthe geometric mean and minimizing risk by
spreading it across a set of independent event
THE BIRTH OF RM
• Focusing on modelling and optimization
RM IN QUANTITATIVE ANALYSIS
• Focusing on risk management process: identification, assessment, mitigating and monitoring
• Doing RM as a project based-isolation-. TRADITIONAL RISK MANAGEMENT
• Addressed all risk comprehensively instead of managing risk individually-Managing Risk Across Enterprise-.
• Alignment with corporate strategy• Including internal environmental factor as process of implementing
ENTERPRISE RISK MANAGEMENT
28
AUG‐DEC 2018
15
ENTERPRISE RISK MANAGEMENT PLATFORM
GOVERNANCE
ENTERPRISE RISK MANAGEMENT
COMPLIANCE Ensure adherence to laws and regulations
Identify Risk Assessing Risk Responding Risk Monitoring Risk
Tone of the top Corp Strategy Establish risk culture Develop RM policies Embed Ownership
Reference: Marchetti (2012)
29
SECTION 2:
VALUES OF ERM FOR FIRMS
30
AUG‐DEC 2018
16
VALUES OF ERM FOR FIRMS
INCLINED SHAREHOLDER VALUE
Revenue and earninggrowth
Return on capital
Reduce Expense and Loss
Increasing organizational performance
INCLINED SHAREHOLDER VALUE
Revenue and earninggrowth
Return on capital
Reduce Expense and Loss
Increasing organizational performance
Reference: Manab, Kassim and Hussin
MAKING BETTER DECISION
Deduced management a better decision
Assisted in New Development Product
Seize Opportunity
MAKING BETTER DECISION
Deduced management a better decision
Assisted in New Development Product
Seize Opportunity
PREVENTIVE LOSS Reduced damage
Better Achieving Corporate Goals
Better Achieving Projects
Improved effectiveness and efficiency
Reduced loss in process and supply chain
PREVENTIVE LOSS Reduced damage
Better Achieving Corporate Goals
Better Achieving Projects
Improved effectiveness and efficiency
Reduced loss in process and supply chain
31
SECTION 3:
GLOBAL RISKS
32
AUG‐DEC 2018
17
ACTIVITY 2: LET’S DISCUSS GLOBAL CONCERNS
• TO YOUR OPINION, WHAT ARE THE GLOBAL CONCERNS?
33
GLOBAL RISKS
Reference: World Economic Forum (2018)
34
AUG‐DEC 2018
18
Reference: World Economic Forum (2018) 35
KEY GLOBAL RISKS-WORLD ECONOMIC FORUM-
I. ENVIRONMENTAL DANGERII. GEOPOLITICAL TENSIONIII. DISRUPTIVE TECHNOLOGY
https://www.youtube.com/watch?v=mnNmVqnDbyo
36
AUG‐DEC 2018
19
SECTION 4:
EXPLAINING ASSIGNMENT
37
ACTIVITY 3: SHARING YOUR OGANIZATIONAL CONCERNS
• TO YOUR OPINION, WHAT ARE YOUR ORGANIZATIONAL CONCERNS?
38
AUG‐DEC 2018
20
Missionsใหบรการสขภาพทมคณภาพ คมคา สะดวกสบาย นาเชอถอ ดวยทมงานทมความรบผดชอบ
Visionโรงพยาบาลทไดรบความไววางใจมากทสด
StrategyDigital Medical Care & Command Center/ Improve IT (Service Design/ Social Media/ Application)
Business ObjectivesListed Company & Digital Hospital in 2018
Risk
Strategic Risk
ปรบตวไมทน ตอความรวดเรวของเทคโนโลยทเปลยนแปลงไป
Operational Risk
กระบวนการทางาน ไมสอดคลองกบการพฒนาทเกดขน
การพฒนาบคลากรไมทนตอเทคโนโลยทเปลยนแปลง
Report/ Financial Risk
ความคมคาจากการลงทน
ไมสามารถการจดงบประมาณใหสอดคลองกบนโยบายและกลยทธของ รพ.ได
รายงานทางการเงนไมสามารถใชในการตดสนใจบรหารได
Compliance Risk
การทจรตในการจดซอจดจาง/ สญญาตางๆ ในการพฒนา หรอการใชเทคโนโลย
การละเมดขอมลผ ปวย/ ขอมลสาคญจากการใช Social Media/ Application
ALIGNEMENT ERM WITH CORPORATE STRATEGY
39
EXPLAINING ASSIGNMENT (ERM REPORT)• ERM REPORT = ASSIGNMENT 1 (WEEK 2) ASSIGNMENT 2 (WEEK 5)
& ASSIGNMENT 3 (WEEK 6)
• COMPONENTS OF REPORT:• 1) CORPORATE VISION, MISSION, STRATEGIES• 2) RISK IDENTIFICATION• 3) PROPOSED RISK ASSESSMENT TECHNIQUE• 4) RISK MATRIX• 5) RISK RESPONSE TOOLS AND CONTROL ACITIVITIES• 6) SOME KRIs
40
AUG‐DEC 2018
21
41
42
AUG‐DEC 2018
22
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 3: FUNDAMENTAL ERM
43
TOPICS
DEFINITIONS OF ERM
DEFINITIONS OF RISK
DETERMINANTS OF ERM
ROLES OF LEADER
44
AUG‐DEC 2018
23
SECTION 1:
DEFINITIONS OF ERM
45
Philip, Michael, Anil and Elzotbek (2014)46
AUG‐DEC 2018
24
Philip, Michael, Anil and Elzotbek (2014)47
DEFINITIONS OF ERM
ERM is a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievementof entity objectives.
48
AUG‐DEC 2018
25
DEFINITIONS OF ERM
ERM should do as an enterprise rather than a project base.
ERM should integrate with strategy rather than isolation.
49
SECTION 2:
DEFINITIONS OF RISK
50
AUG‐DEC 2018
26
DEFINITIONS OF RISK Risk, normally, defines as a multifaceted-term.
Risk is an event (-,+) that could affect corporate goals, project or any entities.
Risk VS Problems
UNCERTAIN DEVIATION FROM EXPECTED UPSIDE VOLATILITY
51
Impact to Organization
EVENT
Likely to happen
RISK
Happened
Is Likely to Recur.- Is a regular activity.- There’re definitely management plans.
PROBLEM
Future Present
RISK VS PROBLEM
52
AUG‐DEC 2018
27
REAL SITUATION BETWEEN RISK & PROBLEM• Suppose, executive management in well-
known private hospital so much concerns on the dense of car park.
• This hospital determines the corporate goal as “stimulate growth by 10 % compared to last year.
53
SECTION 3:
DETERMINANTS OF ERM
54
AUG‐DEC 2018
28
ACTIVITY 4: PRIORITIZE ERM DETERMINANTS
• EXECUTIVE SUPPORT (LEADER)
• ORGANIZATIONAL CULTURE
• READINESS OF CORPORATE STRATEGY
• ERM STANDARDS
• SPECIFIC RISK APPETILE
• ERM RESOURCES
• REGULATIONS
• LEVEL OF INTENSE COMPETITORS
55
SECTION 4:
ROLES OF LEADER
56
AUG‐DEC 2018
29
ROLES OF LEADER
• The most determinants of ERM is about leader.
• Therefore, organizations could do nothing in ERM if there is nothing any supports from leader.
57
Military, 1990s todescribe the increasingly convoluted and complex geo-political landscape in which it was operating
58
AUG‐DEC 2018
30
V……..VOLATILITY
U………..UNCERTAINTY
C………….COMPLEXITY
A…………..AMBUIGUITY
https://www.youtube.com/watch?v=9yg_BLNSYZU&t=0s&list=LLT1QYOFb5WOOJ1ZwAHdQ8Ig&index=14
59
60
AUG‐DEC 2018
31
VOLATILITY
Liability to change rapidly and unpredictably, especially for the worse.
The nature, speed, volume, and magnitude ofchange that is not in a predictable pattern(Sullivan, 2012 January 16)
61
UNCERTAINTY
Inability to know everything fully
These volatile times make it difficult for leaders to use past issues and events as predictors of future outcomes, making forecasting extremely difficult and decision-making challenging (Sullivan, 2012 January 16).
62
AUG‐DEC 2018
32
COMPLEXITY
The state or quality of being intricate or complicated
Interconnected & Independencies
63
AMBUIGUITY
Open to more than one interpretation
Lack of Clarifying Meaning
Casual Relationship is Unclear.
64
AUG‐DEC 2018
33
STRATEGIC SOLUTIONS FOR LEADERS IN TURBULENT ENVIRONMENT
• CLASSICAL MANAGEMENT APPROACH
INPUT-PROCESS-OUTPUT
OPTIMIZATION
LINEAR RELATION (CAUSE AND EFFECT)
ROUTINE, WELL DEFINED AND PREDICTABLE ENVIRONMENT
FIXED FUTURE PROJECTIONS
• PARADIGM’S SHIFT OF MANAGEMENT TOOLS
AGILE ORGANIZATION (ADAPTABTION)
CLEAR VISION BUT FLEXIBLE IMPLEMENTATION
RISKS AND SIMULATION
SYSTEM THINKING
65
66
AUG‐DEC 2018
34
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 4: ERM FRAMEWORK
67
TOPICS
ERM STANDARD
ERM GOVERNANCE
INTERNAL ENVIRONMENT
RISK IDENTIFICATION
OVERVIEW OF ERM FRAMEWORK
68
AUG‐DEC 2018
35
SECTION 1:
ERM STANDARD
69
ERM STANDARD • Currently, Two famous standard of ERM are: COSO, ISO..
COSO ERMISO 31000 70
AUG‐DEC 2018
36
71
SECTION 2:
ERM GOVERNANCE
72
AUG‐DEC 2018
37
ERM GOVERNANCE
• ERM Governance should ready before implementing ERM as cycle.
GOVERNANCE
ENTERPRISE RISK MANAGEMENT
COMPLIANCE Ensure adherence to laws and regulations
Identify Risk Assessing Risk Responding Risk Monitoring Risk
Tone of the top Corp Strategy Establish risk culture Develop RM policies Embed Ownership
Reference: Marchetti (2012)73
SECTION 3:
OVERVIEW OF ERM FRAMEWORK
74
AUG‐DEC 2018
38
OVERVIEW OF ERM FRAMEWORK
75
Dimension 2 : Level of Assess
องคประกอบของการบรหารความเสยง(วธการประเมน)
Dimension 1 : Achievement of Objectives (Type of Risk)
ลาดบขนการประเมน(โครงสรางขององคกร)
วตถประสงคการประเมนความเสยง (ประเภทความเสยง)
Dimension 3 : Components of ERM (Method)
DIMENSION 1 STRATEGIC OBJECTIVE
• PROTECT BUSINESS FROM FAILURE OF IMPLEMENTING STRATEGIES, OR EVEN CONTENTS
OPERATIONAL OBJECTIVE
• OPERATING PROCESSES THRU HUMAN, IT SYSTEM OR MANUAL MUST BE EFFECTIVE.
REPORTING OBJECTIVE
• BOTH FINACIAL AND NON-FINANCIAL REPORT SHOULD CONSIDER.
COMPLIANCE OBJECTIVE
• TRY TO COMPLY BUSINESS LAWS, REGULATORY, STANDARDS
76
AUG‐DEC 2018
39
DIMENSION 1
COSO will consider Strategic Risk Operational Risk Reporting/Financial Risk Compliance Risk
We will need top consider more. Strategic Risk Operational Risk Reporting/Financial Risk (Credit, Liquidity, Market) Compliance Risk External Risk/Macro Reputation Risk Political Risk
77
DIMENSION 2• Implementing ERM should do
all organization not just onlyfocusing on Board of Directoror top level.
• Risk should initially assessfrom team, unit, project(PRM), department, and soon.
TOP DOWN
BOTTOM-UP
78
AUG‐DEC 2018
40
DIMENSION 3 INTERNAL ENVIRONMENT
RISK IDENTIFICATION
RISK ASSESSMENTRISK MITIGATION
RISK MONITORING
79
SECTION 4:
INTERNAL ENVIRONMENT
80
AUG‐DEC 2018
41
INTERNAL ENVIRONMENT• Before constructor builds the house,
he/she should pay attention on base/ foundation of architecture.
• If internal environment does not ready, please do not implement ERM.
81
INTERNAL ENVIRONMENT
• The internal environment encompasses the tone of an organization, influencing the risk consciousness of its people, and is the basis for all other components of enterprise risk management, providing discipline and structure. Internal environment factors include an entity’s risk management philosophy; its risk appetite; oversight by the board of directors; the integrity, ethical values, and competence of the entity’s people; and the way management assigns authority and responsibility, and organizes and develops its people.
82
AUG‐DEC 2018
42
INTERNAL ENVIRONMENT
• RISK MANAGEMENT PHILOSOPHY
• RMC (RISK MANAGEMENT COMMITTEE OR ANY RELATED BOD.
• ERM POLICY AND PROCEDURE
83
SECTION 5:
RISK IDENTIFICATION
84
AUG‐DEC 2018
43
RISK IDENTIFICATION• Management identifies potential events that, if they occur, will affect
the entity, and determines whether they represent opportunities or whether they might adversely affect the entity’s ability to successfully implement strategy and achieve objectives.
85
RISK IDENTIFICATION CONCEPTS
CONCEPTS Identify risk with link to corporate vision, mission, strategy, and objective
Identify risk not a problem
Consider both internal and external factor given main four types of risk
86
AUG‐DEC 2018
44
EXAMPLE
87
RISK IDENTIFICATION (IOP)
• STRATEGIC PLAN• WORKFLOW• LAW &
REGULATORY• EXTERNAL NEWS
INPUT
• EVENT INVENTORY
• WORKSHOP• QUESTIONAIRE• WORKFLOW
PROCESS• RISK
REGISTER
OUTPUT
88
AUG‐DEC 2018
45
RISK IDENTIFICATION PROCESSES
EVENT INVENTORY WORKSHOP QUESIONAIRE AND SURVEY PROCESS FLOW
COSO (2014)89
RISK IDENTIFICATION OUTPUT
90
AUG‐DEC 2018
46
ACTIVITY 5: IDENTIFICATION INDUSTRIAL RISKS
91
92
AUG‐DEC 2018
47
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 5: ERM FRAMEWORK (2)93
TOPICS
RISK APPETITE & TOLERANCE
TYPES OF ASSESSING RISK
DEVELOPMENT ASSESSING TOOLS
RISK MATRIX (MAP)
94
AUG‐DEC 2018
48
SECTION 1:
RISK APPETITE & TOLERANCE
95
RISK APPETITE • Risk appetite can be defined as ‘the amount and type of risk that an
organisation is willing to take in order to meet their strategicobjectives. Organisations will have different risk appetites dependingon their sector, culture and objectives. A range of appetites exist fordifferent risks and these may change over time.
COSO (2004)
any significant residual risk in the yellow areaexceeds the company’s risk appetite, callingfor management to take action to reduce thelikelihood and/or impact of the risk to bring itwithin the company’s risk appetite
96
AUG‐DEC 2018
49
RISK TOLERANCE • Risk tolerances are the acceptable levels of variation relative to the
achievement of objectives. . . . Operating within risk tolerances provides management greater assurance that the entity remains within its risk appetite, which, in turn, provides a higher degree of comfort that the entity will achieve its objectives.
97
EXAMPLE
COSO (2014) 98
AUG‐DEC 2018
50
EXAMPLE
COSO (2004) 99
MAPPING WITH CORPORATE PACKAGE
100
AUG‐DEC 2018
51
SECTION 2:
TYPES OF ASSESSING RISK
101
RISK INHERENT VS RISK RESIDUAL
RISK INHERENT (BEORE TAKING ANY ACTIONS
RISK RESIDUAL
(AFTER TREATMENT)
102
AUG‐DEC 2018
52
TYPES OF ASSESSING RISK
QUALITATIVE QUANTITATIVE
103
TYPES OF ASSESSING RISK
104
AUG‐DEC 2018
53
QUALITATIVE APPROACH
• Qualitative approach is more well-known and practically than quantitative one due to the limitation of historical data.
• While some qualitative risk assessments are put forth in subjective terms, and others in more objective ones, the quality of the assessments depends largely on the knowledge and judgment of the individuals involved, their understanding of potential events, and the surrounding context and dynamics.
105
QUALITATIVE APPROACH
106
AUG‐DEC 2018
54
QUANTITATIVE APPROACH • Quantitative techniques can be used when enough information
exists to estimate risk likelihood or impact using interval or ratio measures.
• An important consideration in quantitative assessment is availability of accurate data, either internally or externally sourced, and one of the challenges in using these techniques is obtaining enough valid data points.
107
2 QUALITATIVE APPROACHES
PROBABILISTIC TECHNIQUES
NON PROBABILISTIC TECHNIQUES
108
AUG‐DEC 2018
55
PROBABILISTIC TECHNIQUES
• Probability-based techniques measure the likelihood and impact of a range of outcomes based on distributional assumptions of the behaviorof events.
109
EXAMPLE: PROBABILISTIC TECHNIQUES-VaR-• VaR (Value-at-Risk) models are based on distributional assumptions about change
in the value of an item or group of items, which is not expected to be exceeded with a given confidence level over a defined time period. These models are used to estimate extreme ranges of value change expected to occur infrequently, such as the estimated level of loss that would not be expected to be exceeded with 95% or 99% confidence (COSO, 2004)
110
AUG‐DEC 2018
56
EXAMPLE: PROBABILISTIC TECHNIQUES-Other Tools• CASH FLOW AT RISK (estimates a change in the cash flows of an organization or
business unit relative to a targeted cash flow expectation with a given confidence over a defined time horizon)
• LOSS DISTRIBUTION
111
NON-PROBABILISTIC TECHNIQUES
• Non-probabilistic techniques are used to quantify the impact of a potential event, based on distributional assumptions, but without assigning likelihood of event occurrence. Thus, these techniques require that management determine likelihood separately.
112
AUG‐DEC 2018
57
NON-PROBABILISTIC TECHNIQUES• SENSITIVE ANALYSIS- is used to assess the impact of normal, or routine, changes in
potential events.
• SCENARIO ANALYSIS
113
NON-PROBABILISTIC TECHNIQUES
• STRESS TEST-assesses the impact of events having extreme impact. Stress testing differs from scenario analysis in that it focuses on the direct impact of a change in only one event or activity under extreme circumstances, as opposed to focusing on changes on a more normal scale as in scenario analysis. (Low Likelihood, High Impact)
114
AUG‐DEC 2018
58
SECTION 3:
DEVELOPMENT ASSESSING TOOLS
115
ACTIVITY 6DISCUSS YOUR SCALE
116
AUG‐DEC 2018
59
SECTION 4:
RISK MATRIX (MAP)
117
RISK MATRIX
ALIGNMENT WITH CORPORATE RISK APPETITE, TOLERANCE
118
AUG‐DEC 2018
60
RISK MATRIX
119
120
AUG‐DEC 2018
61
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 6: ERM FRAMEWORK (3)121
TOPICS
RISK RESPONSE
CONTROL ACTIVITIES
RISK MONITORING
EXPLAINING HOMEWORK
122
AUG‐DEC 2018
62
SECTION 1:
RISK RESPONSE
123
WRAP-UP (WHAT WE ARE NOW)
WHAT WILL DO NEXT TO MANAGE SUCH RISK?
DO ANY ALL RISKS CAN MANAGE?
124
AUG‐DEC 2018
63
RISK RESPONSE STRATEGIES
COSO (2004)
Most of risk in orgshould reduce strategy
125
FOCUS ON RISK REDUCTION STRATEGIES
ROOT CAUSE ANALYSIS
1
FAILURE MODE EFFECT ANALYSIS (FMEA)
2
126
AUG‐DEC 2018
64
ROOT CAUSE ANALYSIS
• account for the process of finding out real/true cause driven the risk
• The benefit of root cause is about to reduce likelihood of risk
127
FAILURE MODE EFFECT ANALYSIS (FMEA)
• Failure Mode and Effects Analysis (FMEA) is a structured way toidentify and address potential problems, or failures and their resultingeffects on the system or process before an adverse event occurs.
• FMEA has its aim to reduce the impact of risk.
128
AUG‐DEC 2018
65
FOCUS ON RISK REDUCTION STRATEGIES
• EXAMPLE
129
ACTIVITY 7 • HIGH PROBABILIY TO SUE FROM PATIENCE DUE TO THE MISTAKE FROM SURGERY
• DISASTER ON FIRE DUE TO OLD BUILDING
• BAD IMAGE DUE TO OVERBOOKING MODEL IN AIRLINE INDUSTRY
• DEPENDENCY FROM GOVERNMENT POLICY
SELECTING RISK RESPONSE STRATEGIES
130
AUG‐DEC 2018
66
EX: RISK RESPONSE STRATEGIES
131
EX: RISK RESPONSE STRATEGIES
• Some complicated risk can not manage with only one response way.
132
AUG‐DEC 2018
67
EX: RISK RESPONSE STRATEGIES
• Some complicated risk can not manage with only one response way.
133
CONCLUSIONS
• NOT ALL RISKS CAN REDUCE ITS SEVERITY.
• SOME RISKS NEED MORE THAN ONE RESPONSE WAY
• SOME RESPONSE WAY COULD EITHER REDUCE THE LIKELIHOOD OR IMPACE ALL BOTH.
134
AUG‐DEC 2018
68
SECTION 2:
CONTROL ACTIVITIES
135
CONTROL ACTIVITIES
• After risk response setting, the next role is about to set control activity.
• Control activities are the policies and procedures that help ensure that management’s risk responses are carried out.
• Control activity includes a range of activities – as diverse as approvals, authorizations, verifications, reconciliations, reviews of operating performance, security of assets, and segregation of duties
136
AUG‐DEC 2018
69
RISK RESPONSE AND CONTROL ACTIVITY
COSO (2004)137
RISK RESPONSE AND CONTROL ACTIVITY
COSO (2004)138
AUG‐DEC 2018
70
SECTION 3:
RISK MONITORING
139
RISK MONITORINGINTERNAL
ENVIRONMENT
RISK IDENTIFICATION
RISK ASSESSMENT
RISK MITIGATION
RISK MONITORING
140
AUG‐DEC 2018
71
RISK MONITORING• Risk monitoring is about the process to assess the effectiveness of risk
response strategies as well as its control activity.
• Do such risk management plan still applicable to current situation?
EFFECTIVE CONTROL ACTIVITY
INEFFECTIVE CONTROL ACTIVITY DUE TO UNCONTROLABLE FACTORS
BOTH INTERNAL AND EXTERNAL FACTORS
141
RISK MONITORING-KRIs-
• Apart from monitoring the effectiveness of control activity, one essential indicator is about “KEY RISK INDICATOR (KRI)” which is gathered to follow up the risk residual.
• Key risk indicators are metrics used by organizations to provide anearly signal of increasing risk exposures in various areas of theenterprise
• In some instances, they may represent key ratios that managementthroughout the organization track as indicators of evolving risks, andpotential opportunities, which signal the need for actions that need tobe taken.
142
AUG‐DEC 2018
72
RISK MONITORING-KRIs-
COSO (2010)143
RISK MONITORING-KRIs-• How are the difference between KPI & KRI?
INPUT PROCESS OUTPUT
KRI KPI• Good KRI should report risk situation as an early-warning then it should
measure the process rather than the result which KPI put in place.
144
AUG‐DEC 2018
73
RISK MONITORING-KRIs-
RISK KPI KRI
SUE DUE TO OPEATIONAL MISTAKE IN HOSPITAL
NUMBER OF SUE CASE PER YEAR
NUMBER OF INCIDENT AND COMPLAIN
145
RISK MONITORING- LEADING KRIs-
146
AUG‐DEC 2018
74
RISK MONITORING- LEADING KRIs-
147
SECTION 4:
EXPLAINING HOMEWORK
148
AUG‐DEC 2018
75
EXPLAINING HOMEWORK
• ASSIGNMENT 3 Put Further on ERM Report
• ASSIGNMENT 4 Selected One Paper, Article, Well-known Real Case Study Related to ERM…
149
EXPLAINING HOMEWORK
• ASSIGNMENT 4 Selected One Paper, Article, Well-known Real Case Study Related to ERM…
WEEK 7: Present Your Selected Paper (10 Minutes) Doing a PPT Slide which covers:
Rationale & Objectives Methodology Result Conclusion Discussion What you could learn from this article?
150
AUG‐DEC 2018
76
151
152
AUG‐DEC 2018
77
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 7: PRESENTATION153
ASSESSMENT CRITERIA
154
AUG‐DEC 2018
78
ASSESSMENT CRITERIA
155
156
AUG‐DEC 2018
79
PART 2: PROJECT RISK MANAGEMENT (PRM)
157
158
AUG‐DEC 2018
80
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 8: BASIC KNOWLEDGE OF PRM
159
TOPICS
THE ROLE OF PROJECT IN ORGANZATION
PROJECT RISK MANAGEMENT STANDARD
EXPLAIN ASSIGNEMENT
CAUSES OF PROJECT FAILURE
160
AUG‐DEC 2018
81
SECTION 1:
THE ROLE OF PROJECT IN ORGANZATION
161
THE ROLE OF PROJECT IN ORGANZATION
MISSION
VISION
CORPORATE STRATEGIES
BUSINESS OBJECTIVE
DEPARTMENT STRATEGIESINITIATED PROJECT 1 INITIATED PROJECT 2 INITIATED PROJECT 3 INITIATED PROJECT 3
162
AUG‐DEC 2018
82
THE ROLE OF PROJECT IN ORGANZATION
• Do corporate achieve strategy when project delay?
• Do corporate achieve strategy when lack of PM competent?
• Do corporate achieve strategy when budget runs?
• Do corporate achieve strategy when intense dependency of supplier?
163
SECTION 2:
PROJECT RISK MANAGEMENT STANDARD
164
AUG‐DEC 2018
83
PROJECT RISK MANAGEMENT STANDARD
• Project Management Institute (PMI) is the most well-known relating project management standard for both academia and practitioners.
165
PROJECT RISK MANAGEMENT STANDARD
166
AUG‐DEC 2018
84
PROJECT RISK MANAGEMENT STANDARD-CERTIFICATE PROCESS
FULLFILL ELIGIBLE CRITERIA
COMPLETE APPLLICATION
APPLICATION REVIEW PAYMENT
SCHEDUAL TEST
APPOINT
https://www.pmi.org/certifications/process167
PROJECT RISK MANAGEMENT STANDARD-EXAM CONTENT
• With your advanced skills in risk management, you perform a specialized function attuned to the needs of a project environment that is increasingly global, virtual and complex. The PMI Risk Management Professional (PMI-RMP)® highlights your ability to identify and assess project risks, mitigate threats and capitalize on opportunities. In this capacity, you enhance and protect the needs of your organization.
168
AUG‐DEC 2018
85
PROJECT RISK MANAGEMENT STANDARD-EXAM CONTENT
https://www.pmi.org/-/media/pmi/documents/public/pdf/certifications/risk-management-exam-outline.pdf 169
SECTION 3:
EXPLAIN ASSIGNEMENT
170
AUG‐DEC 2018
86
EXPLAIN ASSIGNEMENT 5-PRM REPORT
• SELECT ONE PROJECT: 1) You are the main role in the project or any2) How is the linkage between project and corporate strategies
• COMPONENTS OF REPORT:• 1) RATIONALE AND OBJECTIVE OF PROJECT• 2) RISK IDENTIFICATION• 3) PROPOSED RISK ASSESSMENT TECHNIQUE• 4) RISK MATRIX• 5) RISK RESPONSE TOOLS AND CONTROL ACITIVITIES• 6) SOME KRIs
171
SECTION 4:
CAUSES OF PROJECT FAILURE
172
AUG‐DEC 2018
87
ACTIVITY 9BRAINSTROM CAUSES OF PROJECT FAILURE
173
CAUSES OF PROJECT FAILURE
HAMED (2013)174
AUG‐DEC 2018
88
175
176
AUG‐DEC 2018
89
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 9: PRM FRAMEWORK(1)
177
TOPICS
RATIONALE OF PRM
DEFINITION OF PROJECT RISK
OVERALL PRM FRAMEWORK
PROJECT RISK IDENTIFICATION
PROJECT RISK ASSESSMENT178
AUG‐DEC 2018
90
SECTION 1:
RATIONALE OF PRM
179
RATIONALE OF PRM
• Project Risk Management is not an optional activity: it isessential to successful project management (PMI).
• To be precise, it becomes an integral part of every aspect ofmanaging the project, in every phase and in every processgroup.
• Project Risk Management is not a substitute for the otherproject management processes. It adds the value of projectdue to the handling of uncertainty events.
180
AUG‐DEC 2018
91
RATIONALE OF PRM-CRITICAL SUCCESS FACTORS-
PMI(PRACTICE STANDARD: P6) 181
SECTION 2:
DEFINITION OF PROJECT RISK
182
AUG‐DEC 2018
92
DEFINITION OF PROJECT RISK
•Project risk is an uncertain event or condition that, if it occurs, has a positive or a negative effect on a project’s objectives
•Risk defines in two dimensions: uncertainty (probability), effect on project objectives (impact)
183
DEFINITION OF PROJECT RISK
NEWTON (2015)184
AUG‐DEC 2018
93
SECTION 3:
OVERALL PRM FRAMEWORK
185
OVERALL PRM FRAMEWORK
PMI (P 17) 186
AUG‐DEC 2018
94
PLAN RISK MANAGEMENT (STEP 1)
• The objectives of the Plan Risk Management process are to develop the overall risk management strategy for the project, to decide how the risk management processes will be executed, and to integrate Project Risk Management with all other project management activities.
187
SECTION 4:
PROJECT RISK IDENTIFICATION
188
AUG‐DEC 2018
95
PROJECT RISK IDENTIFICATION-SAME AS ERM-
• STRATEGIC PLAN• WORKFLOW• LAW & REGULATORY• EXTERNAL NEWS
INPUT
• EVENT INVENTORY
• WORKSHOP• QUESTIONAIRE• WORKFLOW
PROCESS• RISK REGISTER
OUTPUT
189
PROJECT RISK IDENTIFICATION-SAME AS ERM
PMI (P 28-29)190
AUG‐DEC 2018
96
PROJECT RISK IDENTIFICATION-HOW TO WRITE RISK TITLE
• EFFECT DUE TO CAUSE
• EX: PROJECT DELAY DUE TO INEFFECTIVE VENTOR
• EX: BUDGET RUN DUE TO HIGH COST OF STAFF
191
SECTION 5:
PROJECT RISK ASSESSMENT
192
AUG‐DEC 2018
97
PROJECT RISK ASSESSMENT
QUALITATIVE QUANTITATIVE
193
PROJECT RISK ASSESSMENT-QUALITATIVE
RISK TITLE IDENTIFY CAUSES OF RISK
PRIORITIZE RISK THRU LIKELIHOOD
& IMPACT
PUT RISK TO THE MAP
194
AUG‐DEC 2018
98
PROJECT RISK ASSESSMENT-QUANTITATIVE
PMI (P 41)195
196
AUG‐DEC 2018
99
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 10: PRM FRAMEWORK (2)
197
TOPICS
PROJECT RISK RESPONSE/MITIGATION
PROJECT RISK MONITORING
PRM REPORT (ASSIGNMENT 6)
PREPARING PRM PRESENT
198
AUG‐DEC 2018
100
SECTION 1:
PROJECT RISK RESPONSE/MITIGATION
199
PROJECT RISK RESPONSE/MITIGATION
AVOIDANCE SHARING
REDUCTION ACCEPTANCE
RESPONSE
Impa
ct
Likelihood
Low competent of PMO
Project delay due to work loadof PM
Budget run due to ineffectiveness of the project
Low quality of Project due to Unsystematic design
200
AUG‐DEC 2018
101
PROJECT RISK RESPONSE/MITIGATIONRISK TITLE RESPONSE
STRATEGYCONTROL ACTIVITY
Low competent of PMO Accept Do nothing
Project delay due to work load of PM
Reduction 1. Prioritize PM activity2. Hire additional PM
Budget run due to ineffectiveness of the project
Avoidance Abortion of Project
Low quality of Project due to Unsystematic design
Sharing Hire outsource for designing project processes
201
PROJECT RISK RESPONSE/MITIGATION-CSFs-
PMI(P:44)202
AUG‐DEC 2018
102
SECTION 2:
PROJECT RISK MONITORING
203
PROJECT RISK MONITORING• The primary objectives of risk monitoring and controlling are to track
identified risks, monitor residual risks, identify new risks, ensure that risk response plans are executed at the appropriate time, and evaluate their effectiveness throughout the project life cycle.
Control activity status KRIs Result
204
AUG‐DEC 2018
103
PROJECT RISK MONITORING
• BEFORE MITIGATE RISK
RISK INHERENT
• CONTROL• KRIs
RESPONSE• AFTER
RISK RESIDUAL
205
PROJECT RISK MONITORING206
1 2 3 4 5
5
4
3
2
1
E9
O1 O2
C3
F5
S4F7
O8
AUG‐DEC 2018
104
ADJUST RISK RATING
207
E9
F6
O1 O2
C3
F5
S4F7
O8
E9
F6
O1
O2C3
F5 S4
F7 O8
E9
F6 O1
O2
C3
F5 S4
F7 O8
N
N
กอนจดการความเสยง ผลการตดตามครงท 1ผลการตดตามครงท 2
+ ผลการประเมนปตอไป
EMERGING RISKS
SECTION 3:
PRM REPORT
208
AUG‐DEC 2018
105
ASSIGNMENT 6FURTHER CONDUCT PRM REPORT IN YOUR SELECTED PROJECT
209
SECTION 4:
PREPARING PRM PRESENT
210
AUG‐DEC 2018
106
PREPARING PRM PRESENT
• PREPARING A BEAUTIFUL DESIGN SLIDES GIVEN THE GOOD CONTENTS
• PRESENTER SPENDS TIME APPROXIMATING 10-15 MINUTE
211
212
AUG‐DEC 2018
107
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 11: PRESENTATION213
ASSESSMENT CRITERIA
214
AUG‐DEC 2018
108
ASSESSMENT CRITERIA
215
216
AUG‐DEC 2018
109
PART 3: CRISIS AND BUSINESS CONTINUITY MANAGEMENT
217
218
AUG‐DEC 2018
110
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 12: CRISIS MANAGEMENT
219
TOPICS
INTRODUCTION TO ORGANIZATIONAL CRISES: CASE STUDY
WHAT IS A CRISIS?
SOURCES OF ORGANIZATIONAL CRISES
AGILE LEADER
THE LIFE CYCLE OF CRISIS
220
AUG‐DEC 2018
111
SECTION 1:
INTRODUCTION TO ORGANIZATIONAL CRISES: CASE STUDY
221
ACTIVITY 10: CONDUCT CASE STUDY
222
AUG‐DEC 2018
112
CASE 1: DISRUPTIVE THECHNOLOGY• โรงพยาบาลเอกชนชอดง………………………….• VISION…… “The Most Trust Hospital in BKK”• MISSION….. “ใหบรการทางการแพทยดวยความสะดวกดวยเทคโนโลยชน
นา”
“จากพนธกจดงกลาว โรงพยาบาลไดนาเทคโนโลยดานการแพทยระดบโลก ไมวาจะเปน Medical Equipment ทครอบคลมหลายกลมโรคซบซอน ศลยกรรมพลาสตก ตลอดจนระบบบรการคนไข ยอดลงทนทงสน 2 พนลานบาท”
“สามปตอมา โรงพยาบาลคแขง นาเขา Medical Equipment รนใหม ทางานไดมประสทธภาพมากกวา ประมาณการเงนลงทน 5 พนลานบาท” จากสถานการณดงกลาว หากทานเปน CEO จะดาเนนการอยางไร”
223
CASE 2: LACK OF SHRIMP• บรษทผลตอาหารแชแชงทเปนอาหารทะเล และอาหารแปรรป รายไดหลก (50%)
เปนการผลตตมซาแชแขง สงออกทงภายในและภายนอกประเทศ
เนองจากอปสงค (Demand) ของกงเปนทตองการมากตอการผลตของบรษท “แตจานวนกงลดลง เนองจากกงเปนโรคตายดวน (Shrimp Early Mortality Syndrome) สงผลใหราคาสงขนมากก
จากสถานการณดงกลาวหากทานเปน COO (Chief Operation Officer) ทานจะทาอยางไร
224
AUG‐DEC 2018
113
CASE 3: CENTRALIZATION VS DECENTRALIZATION
Faculty of Medicine
School of Med.. Premium Service Primary Care
BOD.
จากการกระจายกลมบรการ คณะแพทยนควรบรหารงาน Support (HR, FINANCE,PROCUREMENT, IT…) ในแบบ centralization หรอ decentralization
225
CASE 4: STIMULATE GROWTH CEO บรษทจดการกองทนขนาดใหญกลาววา บรษทจะตองถกปดตวลง เนองจากผถอหนไมพอใจในผลการดาเนนการ 5 ปทผานมา CEO จงประกาศตอทประชมใหญ วา “หากรายไดบรษทไมเพมขน 30% พวกเราจะตกงานทกคน”
จากสถานการณดงกลาว หากทานเปน
Chief Marketing Office (CMO.)
Chief Finance Office (CFO.)
Chief People Office (CPO.)
ทานจะทาอะไร อยางไร
226
AUG‐DEC 2018
114
STRATEGIC SOLUTIONS FOR LEADERS IN TURBULENT ENVIRONMENT
• CLASSICAL MANAGEMENT APPROACH
INPUT-PROCESS-OUTPUT
OPTIMIZATION
LINEAR RELATION (CAUSE AND EFFECT)
ROUTINE, WELL DEFINED AND PREDICTABLE ENVIRONMENT
FIXED FUTURE PROJECTIONS
• PARADIGM’S SHIFT OF MANAGEMENT TOOLS
AGILE ORGANIZATION (ADAPTABTION)
CLEAR VISION BUT FLEXIBLE IMPLEMENTATION
RISKS AND SIMULATION
SYSTEM THINKING
227
SECTION 2:
WHAT IS A CRISIS?
228
AUG‐DEC 2018
115
WHAT IS A CRISIS?
• Practitioner most often uses crisis interchangeably with a number of other terms: disaster, business disruption, emergency and so on.
Not high impact as crisisNatural Disaster Happen t= 0
• Crandall W, Parnell J, Spillan J. (2014) defined crisis as “low probability but too high impact”, as well as “ambiguity cause” means that the origins and the effects of crisis might not be known initially.
• Crisis is given in the context of swift decision making thru “leader skill”.
229
SECTION 3:
SOURCES OF ORGANIZATIONAL CRISES
230
AUG‐DEC 2018
116
SOURCES OF ORGANIZATIONAL CRISES
EXTERNAL LANDSCAPE
• POLITICAL AND LEGAL FORCES• ECONOMIC FORCES• SOCIAL FORCES• TECHNOLOGICAL FORCES
INTERNAL LANDSCAPE
• INTERNAL POLICY FORCES• CULTURE FORCES• PEOPLE/STAFF FOCRES 231
SECTION 4:
THE LIFE CYCLE OF CRISIS
232
AUG‐DEC 2018
117
THE LIFE CYCLE OF CRISIS
PRECONDITION
TRIGGER EVENT
CRISIS
POSTCRISIS
BEFORE
DURING
AFTER233
SECTION 5:
AGILE LEADER
234
AUG‐DEC 2018
118
V……..VOLATILITY
U………..UNCERTAINTY
C………….COMPLEXITY
A…………..AMBUIGUITYhttps://www.youtube.com/watch?v=9yg_BLNSYZU&t=0s&list=LLT1QYOFb5WOOJ1ZwAHdQ8Ig&index=14
235
LEADERSHIP AGILITY
https://www.youtube.com/watch?v=X3-nhw-wPcA
236
AUG‐DEC 2018
119
LEADERSHIP AGILITY
Reference:Nick, Pasmore and Tom
237
VUCA VOLATILITY: Clear Set of Vision, Navigate Forward Information, Adaptive Capability
UNCERTAINTY: Risk Management, Operating under Multiple-Outcomes
COMPLEXITY: Understand Key Stakeholders
AMBUIGUITY: Communication Skills, System thinking context
LEADERS SKILL NEED
238
AUG‐DEC 2018
120
SURVIVE IN VUCA
Building Leadership Agility
Communicate effectively
Quick Decisions
Navigate through Complexity
Execution Focused
Managing Cross Culture
Building Leadership Agility
Communicate effectively
Quick Decisions
Navigate through Complexity
Execution Focused
Managing Cross Culture
Reference:EY India
Human Capital Selection
Linkage the selection process with organization vision, missions, goals and competency
Ability to leverage technology for collaboration
Super High Flexibility
Human Capital Selection
Linkage the selection process with organization vision, missions, goals and competency
Ability to leverage technology for collaboration
Super High Flexibility
HR Functions
Align internal HR processes, systems, frameworks to build a change-capable-workforce.
Set up change management unit
Categorize staff by performance based
Managing Talents to work as a team ****
HR Functions
Align internal HR processes, systems, frameworks to build a change-capable-workforce.
Set up change management unit
Categorize staff by performance based
Managing Talents to work as a team ****
239
•LEADER SHOULD NOT THE ONEWHO LEADS BUT HE/SHE WILLHAVE LOTS PEOPLE TO FOLLOW.
240
AUG‐DEC 2018
121
241
242
AUG‐DEC 2018
122
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 13: CRISIS MANAGEMENT(2)
243
TOPICS
A STRATEGIC APPROACH TO CRISIS MANAGEMENT
FORMING CRISIS MANAGEMENT TEAM & WRITING A PLAN
TAKING ACTION
CRISIS COMMUNICATION
244
AUG‐DEC 2018
123
SECTION 1:
A STRATEGIC APPROACH TO CRISIS MANAGEMENT
245
A STRATEGIC APPROACH TO CRISIS MANAGEMENT• Effective crisis management requires that managers understand both
the sources of crisis events and the strategies needed to identify and plan for them.
INTERNAL ANALYSIS
EXTERNAL ANALYSIS
STRATEGY FORMULATION ZZZZZZ
STRATEGY EXCUTION ZZZZZZ
STRATEGY CONTROL
SWOT
Crandall W, Parnell J, Spillan J. (2014) 246
AUG‐DEC 2018
124
SECTION 2:
FORMING CRISIS MANAGEMENT TEAM & WRITING A PLAN
247
FORMING CRISIS MANAGEMENT TEAM & WRITING A PLAN
• CMT: CRISIS MANAGEMENT TEAM
INTERNAL ANALYSIS
EXTERNAL ANALYSIS
STRATEGY FORMULATION ZZZZZZ
STRATEGY EXCUTION ZZZZZZ
STRATEGY CONTROL
Identify the crisis threats org facing
Develop Plan Lead Training
Actively Manage Lead post crisis Org Learning
Crandall W, Parnell J, Spillan J. (2014)
248
AUG‐DEC 2018
125
CMT CHARACTERISTICS• ABILITY TO WORK AS A TEAM
• WORK UNDER PRESSURE
• GOOD LISTENING SKILL
• VERBAL SKILL
• CRITICAL THINKING
• VISUALIZATION
249
CMT COMPOSITIONS
C LEVEL
HR
MACOM
FACILITY TEAM
FIN&ACC
LEGAL
OPERATION
OUTSIDE CONSULT
250
AUG‐DEC 2018
126
BASIC COMPONENTS OF CRISIS PLAN
COVER PAGE
TABLE OF CONTENTS
CMT
CMT ROLE
ACTIVATION CMT
COMMANDCENTER LOCAITON
RESPONSEPLANFOR SPECIFICCRISIS
251
SECTION 3:
TAKING ACTION
252
AUG‐DEC 2018
127
TAKING ACTION
INTERNAL ANALYSIS
EXTERNAL ANALYSIS
STRATEGY FORMULATION ZZZZZZ
STRATEGY EXCUTION ZZZZZZ
STRATEGY CONTROL
Identify the crisis threats org facing
Develop Plan Lead Training
Actively Manage Lead post crisis Org Learning
Crandall W, Parnell J, Spillan J. (2014)
CRISIS COMMUNICATION
253
TAKING ACTION-BEGINNING OF A CRISIS
LEADERSHIP IN CMT
SITUATIONAL ASSESSMENT
MITIGATING STRATEGIES
INITIAL COMMUNICATION
GATHER INFORMATION
NEED
GOOD DECISION MAKING GOOD TEAMWORK COMPETENT COMMUNICATION PRIORITIZE & DELIGATE SMART PLANNING
254
AUG‐DEC 2018
128
• DAMAGE CONTAINMENT MINIMIZING LOSS
TAKING ACTION-DURING CRISIS
• COMMUNICATING WITH INTERNAL & EXTERNAL STAKEHOLDERS
• EVALUATING255
• Organizations need BCP “Business Continuity Plan” (Week14) to continue its business.
TAKING ACTION-BACK ON ITS FEET
• Organizations can continue when staff, outsource, IT, building can normally operate.
• Both physical and mental staff should take into account.
256
AUG‐DEC 2018
129
SECTION 4:
CRISIS COMMUNICATION
257
CRISIS COMMUNICATION
INTERNAL ANALYSIS
EXTERNAL ANALYSIS
STRATEGY FORMULATION ZZZZZZ
STRATEGY EXCUTION ZZZZZZ
STRATEGY CONTROL
Identify the crisis threats org facing
Develop Plan Lead Training
Actively Manage Lead post crisis Org Learning
Crandall W, Parnell J, Spillan J. (2014)
CRISIS COMMUNICATION
258
AUG‐DEC 2018
130
BASIC CRISIS COMMUNICATION• Crisis communication is the direct role of leader.
It is the important process to protect the loss of goodwill.
initial
• Think about uniqueness of dialogue• Objective the key massage
internal
• Command & Control Function• Organization’s Employee
external
• Designating a Spokesperson• Communicate with Media
259
ACTIVITY 11: TELL YOUR STORY
260
AUG‐DEC 2018
131
261
262
AUG‐DEC 2018
132
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 14: BUSINESS CONTINUITY MANAGEMENT
(BCM)263
TOPICS
RATIONALE OF BCM
BCM STANDARD
BCM FRAMEWORK
CASE STUDY IN THAI COMPANIES
264
AUG‐DEC 2018
133
SECTION 1:
RATIONALE OF BCM
265
BUSINESS CONTINUITYMANAGEMENT
POLITICAL INSTABILITY
NATURAL DISASTER
STRIKE
266
AUG‐DEC 2018
134
RATIONALE OF BCMI. INCLINING UNCERTAIN EVENTS LEADING TO DISCONTINUITY
2549 2549-2552 2553 2554
267
แผนหนไฟ
แผนอบตภยหม
Business Continuity Management/Plan
คนรอด……..
องคกรรอด..
เอาชนะคแขง..
งานบรหารความเสยง คณะแพทยศาสตรโรงพยาบาลรามาธบด 4
AUG‐DEC 2018
135
RATIONALE OF BCMII. INCLINING UNCERTAIN EVENTS LEADING TO DISCONTINUITY
269
RATIONALE OF BCM
ทานจะ Operate งาน IPD, OPD, OR อยางไร เมอเกดเหตนาทวมใหญรอบ รพ. (สงจากพนดน 1.5 M)
หรอหากเกดไฟไหม…. จะปฏบตงานไดแบบเดมหรอไม หรอถาตองลด Scope งาน จะเลอกทางานอะไร และไมทาอะไร และจะทาแบบเดม แลวใครจะตองทา………………………….
270
AUG‐DEC 2018
136
ACTIVITY 8: TELL YOU STORY
HOW YOUR ORGANIZATION ARE SURVIVED?
271
SECTION 2:
BCM STANDARD
272
AUG‐DEC 2018
137
BCM STANDARD
BS 25999
ISO 22301
PRIO
R
NO
W
273
CERTIFIED BY BCMI-SINGAPORE
งานบรหารความเสยง คณะแพทยศาสตรโรงพยาบาลรามาธบด 8
AUG‐DEC 2018
138
CERTIFIED BY PECB-ISO
งานบรหารความเสยง คณะแพทยศาสตรโรงพยาบาลรามาธบด 9
BCM BS 25999 VS ISO 22301 FRAMEWORK
BCM Planning Methodology
Project Management
Risk Analysis and Review
Business Impact Analysis
Recovery StrategyPlan Development
Testing and Exercising
Program Management
BS25999ISO 22301
งานบรหารความเสยง คณะแพทยศาสตรโรงพยาบาลรามาธบด 10
AUG‐DEC 2018
139
SECTION 3:
BCM FRAMEWORK
277
BCM ISO 22301 FRAMEWORK
PLAN
Initial Program
Understand ORG
Existing System
BC Policy
ORG Structure
Competency
DO
Risk
BIA
Strategy
Measurement
BC Plan
Communication
Testing
CHECK
Monitoring System
Internal Audit
Management Review
ACT
Non-Confirm&Corrective Action
Continuity Improve
278
AUG‐DEC 2018
140
SECTION 4:
CASE STUDY IN THAI COMPANIES
279
CASE STUDY IN THAI COMPANIES
• WHY K-BANK HAS THREE HEAD OFFICE BUILDINGS ??
280
AUG‐DEC 2018
141
281
282
AUG‐DEC 2018
142
OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)
Dr. Patipan Sae-LimLECTURE NOTE
WEEK 15: WRAP-UP SESSION
283
TOPICS
PART 1: ENTERPRISE RISK MANAGEMENT
PART 2: PROJECT RISK MANAGEMENT
PART 3: CRISIS AND BUSINESS CONTINUITY MANAGEMENT
QUESTION & ANSWER
PART 4: TREND OF FUTURE RESEARCH
284
AUG‐DEC 2018
143
285