ogm 651-enterprise risk management (erm)patipanerm.com/file/e04d2e9d441cad51420d623600d9ddd6.pdf ·...

AUG‐DEC 2018

1

OGM 651-ENTERPRISE RISK MANAGEMENT(ERM)

Dr. Patipan Sae-LimLECTURE NOTE

WEEK 1: OVERVIEW OF COURSE

1

Dr. Patipan Lim

Ph.D. Doctor of Philosophy in Development Administration (International Program) National Institute of Development Administration (NIDA), Bangkok Thailand

Teaching & Guess Speaker Experiences: King Mongkut’s University of Technology Thonburi (KMUTT)-

Graduate School of Management and Innovation (GMI) Mahidol University- School of Hospital Management Faculty of

Medicine Ramathibodi Hospital Private Sectors: Praram9 Hos, Konburee Sugar PLC

Experience SectorsBanking IndustryTelecommunicationHealthcare

Areas of Expertise Enterprise Risk ManagementBusiness Continuity & Crisis ManagementWorking in Turbulent EnvironmentStatistics and Data Analysis

2

AUG‐DEC 2018

2

TOPICS

GET TO KNOW EACH OTHER

RATIONALE OF ERM/PRM

ERM TODAY AND FUTURE RESEARCH

COURSE DESCRIPTIONS

SCANNING RISK KNOWLEDGE 3

SECTION 1:

GET TO KNOW EACH OTHER

4

AUG‐DEC 2018

3

SECTION 2:

RATIONALE OF ERM/PRM

5

GMI VISION GLOBAL RECOGNITION, MORAL INTEGRITY AND INNOVATIVE LEADERS

GMI MISSION TO CRAFT PROFESSIONAL LEADERS AND ADVANCE MANAGEMENT EDUCATION THROUGH INNOVATION-DRIVEN TEACHING, RELEVANT RESEARCH, AND SUSTAINABLE SOCIAL SERVICES

6

AUG‐DEC 2018

4

Mark Elliot Zuckerberg (born May 14, 1984) is an American computer programmerCofounder of Facebook

7

GLOBALIZATION HISTORICAL TIME

8

AUG‐DEC 2018

5

RATIONALE OF ERM/PRM-GLOBAL LEVELS

BENEFITS OF GLOBALIZATION

• EASY CONNECTED

• REDUCE OPERATION COST

• FAST COMMUNICATION

• SPEEDY TRAVEL

• MOVEMENT LABOR

• ADOPTION TECHNOLOGY

• INDUSTRIALIZATION

PITFALLS OF GLOBALIZATION

• SPREAD OF DISEASE

• INTENSE COMPETITORS

• LOST OF JOB

• POLUTION

• DEPENDENCY

RISK

9

RATIONALE OF ERM/PRM-MACRO LEVEL OF UNCERTAINTY

Asian financial crisis 1997 Tom Yum Kung period

Y2K Problems

Financial Crisis

Natural Disaster Political Stability Pandemic

September 11,2001 Terrorist attacks on US

10

AUG‐DEC 2018

6

As, open system (Scott, 2003), one organization tries to transform themselves as “corporation”.

To be as corporation, proprietorship, employed to two tools of funding strategies: merger and acquisition (M&A) or launch IPO-Corporate Accounting Fraud-

RATIONALE OF ERM/PRM-ORGANIZATION LEVEL-

Situation Causes Consequences

World Com

Communication and Technology industry Expand business with Takeover, M & A Strategy Stock price dramatically incline

Lack of transparency from top mgt due to unreal financial statement underreporting line costs Corporate unallocated revenue accounts

Go bankruptcy due to the disclosure of real financial statement

After this situation, SEC (Securities Exchange Commission) forced disclosure regulation to world listed-company.

11

SECTION 3:

ERM TODAY AND FUTURE RESEARCH

12

AUG‐DEC 2018

7

ALIGNMENT REGULATION-SEC FORCED LISTED COMPANIES

PREVENTIVE LOSS-NEED TO ACHIEVE CORPORATE GOALS

INCLINEED ORGANIZATIONAL PERFORMANCE –OPPORTUNITY MANAGEMENT

MATURITY OF ERM…..

1

2

3

13

Precondition of ERM

ERM Process

Corporate Performance

H1

H2

res1

res3

res2

0.79 *** 0.74 ***

R2=0.621

R2=0.623

R2=0.956S. Patipan (2018)

MATURITY OF ERM…..

14

AUG‐DEC 2018

8

CORPORATE PHILOSOPHYThrough happy employees, we desire to see smiles from customers.

VISIONWe serve convenience to all communities.

MISSIONTo create customer engagement with innovative products and services and to enhance good relations with community and society

Corporate Risks: Change of Customer Behavior…

CASE 1: ADAPTIVENESS

15

CASE 2: LACK OF SHRIMP

• บรษทผลตอาหารแชแชงทเปนอาหารทะเล และอาหารแปรรป รายไดหลก (50%)เปนการผลตตมซาแชแขง สงออกทงภายในและภายนอกประเทศ

เนองจากอปสงค (Demand) ของกงเปนทตองการมากตอการผลตของบรษท “แตจานวนกงลดลง เนองจากกงเปนโรคตายดวน (Shrimp Early Mortality Syndrome) สงผลใหราคาสงขนมากก

จากสถานการณดงกลาวหากทานเปน COO (Chief Operation Officer) ทานจะทาอยางไร

16

AUG‐DEC 2018

9

SECTION 4:

COURSE DESCRIPTIONS

17

ENTERPRISE RISK MANAGEMENT

PROJECT RISK MANAGEMENT

CRISIS MANAGEMENT

01

02

03

18

AUG‐DEC 2018

10

COURSE DESCRIPTIONS

40%

30% 30%

Week1-6

Week8-10

Week11-14

19

ACTIVITIES & GRADING

ACTIVITES COURSEOUTCOMES

ASSURANCE OF LEARNINGS (AOL)

KNOWLEDGE ANALYTICAL THINKING

CRITICALTHINKING

Class Activities 20%Assignment 30% Presentation 20%Examination 30% (Final Exam)

ERM

PRM

CRISIS & BCM

A

B+

B

20

AUG‐DEC 2018

11

SECTION 5:

SCANNING RISK KNOWLEDGE

21

ACTIVITY 1: SCANNING RISK KNOWLEDGE

1. Risk and problem are both same.

RIGHT WRONG

2. All staff level should involve in risk management.

3. Risk management should not much relate to corporate strategy.

4. Leader is the first determinants of ERM/PRM.

5. Risk Management should integrate to other part of organizationsrather than that of isolation.

6. Effective of ERM should drive from top-down approach.

7. PRM and ERM processes are distinctive.

8. All risks can be reduced the impact.

9. Risk should manage across entities.

10. Implementing ERM/PRM successfully depends on more external factors 22

AUG‐DEC 2018

12

23

PART 1: ENTERPRISE RISK MANAGEMENT (ERM)

24

AUG‐DEC 2018

13


Dr. Patipan Sae-Lim, LECTURE NOTE

WEEK 2: THE DEVELOPMENT OF ERM THEORIES

25

TOPICS

RISK MANAGEMENT PARADIGM’S SHIFT

VALUES OF ERM FOR FIRMS

GLOBAL RISKS

EXPLAINING ASSIGNMENT

26

AUG‐DEC 2018

14

SECTION 1:

RISK MANAGEMENT PARADIGM’S SHIFT

27

RISK MANAGEMENT PARADIGM’S SHIFT• Began to be studied after world war II• Insurance is the first industry adopted RM.• Quantify risk withthe geometric mean and minimizing risk by

spreading it across a set of independent event

THE BIRTH OF RM

• Focusing on modelling and optimization

RM IN QUANTITATIVE ANALYSIS

• Focusing on risk management process: identification, assessment, mitigating and monitoring

• Doing RM as a project based-isolation-. TRADITIONAL RISK MANAGEMENT

• Addressed all risk comprehensively instead of managing risk individually-Managing Risk Across Enterprise-.

• Alignment with corporate strategy• Including internal environmental factor as process of implementing


28

AUG‐DEC 2018

15

ENTERPRISE RISK MANAGEMENT PLATFORM

GOVERNANCE


COMPLIANCE Ensure adherence to laws and regulations

Identify Risk Assessing Risk Responding Risk Monitoring Risk

Tone of the top Corp Strategy Establish risk culture Develop RM policies Embed Ownership

Reference: Marchetti (2012)

29

SECTION 2:


30

AUG‐DEC 2018

16


INCLINED SHAREHOLDER VALUE

Revenue and earninggrowth

Return on capital

Reduce Expense and Loss

Increasing organizational performance

INCLINED SHAREHOLDER VALUE

Revenue and earninggrowth

Return on capital

Reduce Expense and Loss

Increasing organizational performance

Reference: Manab, Kassim and Hussin

MAKING BETTER DECISION

Deduced management a better decision

Assisted in New Development Product

Seize Opportunity

MAKING BETTER DECISION

Deduced management a better decision

Assisted in New Development Product

Seize Opportunity

PREVENTIVE LOSS Reduced damage

Better Achieving Corporate Goals

Better Achieving Projects

Improved effectiveness and efficiency

Reduced loss in process and supply chain

PREVENTIVE LOSS Reduced damage

Better Achieving Corporate Goals

Better Achieving Projects

Improved effectiveness and efficiency

Reduced loss in process and supply chain

31

SECTION 3:

GLOBAL RISKS

32

AUG‐DEC 2018

17

ACTIVITY 2: LET’S DISCUSS GLOBAL CONCERNS

• TO YOUR OPINION, WHAT ARE THE GLOBAL CONCERNS?

33

GLOBAL RISKS

Reference: World Economic Forum (2018)

34

AUG‐DEC 2018

18

Reference: World Economic Forum (2018) 35

KEY GLOBAL RISKS-WORLD ECONOMIC FORUM-

I. ENVIRONMENTAL DANGERII. GEOPOLITICAL TENSIONIII. DISRUPTIVE TECHNOLOGY

https://www.youtube.com/watch?v=mnNmVqnDbyo

36

AUG‐DEC 2018

19

SECTION 4:

EXPLAINING ASSIGNMENT

37

ACTIVITY 3: SHARING YOUR OGANIZATIONAL CONCERNS

• TO YOUR OPINION, WHAT ARE YOUR ORGANIZATIONAL CONCERNS?

38

AUG‐DEC 2018

20

Missionsใหบรการสขภาพทมคณภาพ คมคา สะดวกสบาย นาเชอถอ ดวยทมงานทมความรบผดชอบ

Visionโรงพยาบาลทไดรบความไววางใจมากทสด

StrategyDigital Medical Care & Command Center/ Improve IT (Service Design/ Social Media/ Application)

Business ObjectivesListed Company & Digital Hospital in 2018

Risk

Strategic Risk

ปรบตวไมทน ตอความรวดเรวของเทคโนโลยทเปลยนแปลงไป

Operational Risk

กระบวนการทางาน ไมสอดคลองกบการพฒนาทเกดขน

การพฒนาบคลากรไมทนตอเทคโนโลยทเปลยนแปลง

Report/ Financial Risk

ความคมคาจากการลงทน

ไมสามารถการจดงบประมาณใหสอดคลองกบนโยบายและกลยทธของ รพ.ได

รายงานทางการเงนไมสามารถใชในการตดสนใจบรหารได

Compliance Risk

การทจรตในการจดซอจดจาง/ สญญาตางๆ ในการพฒนา หรอการใชเทคโนโลย

การละเมดขอมลผ ปวย/ ขอมลสาคญจากการใช Social Media/ Application

ALIGNEMENT ERM WITH CORPORATE STRATEGY

39

EXPLAINING ASSIGNMENT (ERM REPORT)• ERM REPORT = ASSIGNMENT 1 (WEEK 2) ASSIGNMENT 2 (WEEK 5)

& ASSIGNMENT 3 (WEEK 6)

• COMPONENTS OF REPORT:• 1) CORPORATE VISION, MISSION, STRATEGIES• 2) RISK IDENTIFICATION• 3) PROPOSED RISK ASSESSMENT TECHNIQUE• 4) RISK MATRIX• 5) RISK RESPONSE TOOLS AND CONTROL ACITIVITIES• 6) SOME KRIs

40

AUG‐DEC 2018

21

41

42

AUG‐DEC 2018

22



WEEK 3: FUNDAMENTAL ERM

43

TOPICS

DEFINITIONS OF ERM

DEFINITIONS OF RISK

DETERMINANTS OF ERM

ROLES OF LEADER

44

AUG‐DEC 2018

23

SECTION 1:

DEFINITIONS OF ERM

45

Philip, Michael, Anil and Elzotbek (2014)46

AUG‐DEC 2018

24

Philip, Michael, Anil and Elzotbek (2014)47

DEFINITIONS OF ERM

ERM is a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievementof entity objectives.

48

AUG‐DEC 2018

25

DEFINITIONS OF ERM

ERM should do as an enterprise rather than a project base.

ERM should integrate with strategy rather than isolation.

49

SECTION 2:

DEFINITIONS OF RISK

50

AUG‐DEC 2018

26

DEFINITIONS OF RISK Risk, normally, defines as a multifaceted-term.

Risk is an event (-,+) that could affect corporate goals, project or any entities.

Risk VS Problems

UNCERTAIN DEVIATION FROM EXPECTED UPSIDE VOLATILITY

51

Impact to Organization

EVENT

Likely to happen

RISK

Happened

Is Likely to Recur.- Is a regular activity.- There’re definitely management plans.

PROBLEM

Future Present

RISK VS PROBLEM

52

AUG‐DEC 2018

27

REAL SITUATION BETWEEN RISK & PROBLEM• Suppose, executive management in well-

known private hospital so much concerns on the dense of car park.

• This hospital determines the corporate goal as “stimulate growth by 10 % compared to last year.

53

SECTION 3:

DETERMINANTS OF ERM

54

AUG‐DEC 2018

28

ACTIVITY 4: PRIORITIZE ERM DETERMINANTS

• EXECUTIVE SUPPORT (LEADER)

• ORGANIZATIONAL CULTURE

• READINESS OF CORPORATE STRATEGY

• ERM STANDARDS

• SPECIFIC RISK APPETILE

• ERM RESOURCES

• REGULATIONS

• LEVEL OF INTENSE COMPETITORS

55

SECTION 4:

ROLES OF LEADER

56

AUG‐DEC 2018

29

ROLES OF LEADER

• The most determinants of ERM is about leader.

• Therefore, organizations could do nothing in ERM if there is nothing any supports from leader.

57

Military, 1990s todescribe the increasingly convoluted and complex geo-political landscape in which it was operating

58

AUG‐DEC 2018

30

V……..VOLATILITY

U………..UNCERTAINTY

C………….COMPLEXITY

A…………..AMBUIGUITY

https://www.youtube.com/watch?v=9yg_BLNSYZU&t=0s&list=LLT1QYOFb5WOOJ1ZwAHdQ8Ig&index=14

59

60

AUG‐DEC 2018

31

VOLATILITY

Liability to change rapidly and unpredictably, especially for the worse.

The nature, speed, volume, and magnitude ofchange that is not in a predictable pattern(Sullivan, 2012 January 16)

61

UNCERTAINTY

Inability to know everything fully

These volatile times make it difficult for leaders to use past issues and events as predictors of future outcomes, making forecasting extremely difficult and decision-making challenging (Sullivan, 2012 January 16).

62

AUG‐DEC 2018

32

COMPLEXITY

The state or quality of being intricate or complicated

Interconnected & Independencies

63

AMBUIGUITY

Open to more than one interpretation

Lack of Clarifying Meaning

Casual Relationship is Unclear.

64

AUG‐DEC 2018

33

STRATEGIC SOLUTIONS FOR LEADERS IN TURBULENT ENVIRONMENT

• CLASSICAL MANAGEMENT APPROACH

INPUT-PROCESS-OUTPUT

OPTIMIZATION

LINEAR RELATION (CAUSE AND EFFECT)

ROUTINE, WELL DEFINED AND PREDICTABLE ENVIRONMENT

FIXED FUTURE PROJECTIONS

• PARADIGM’S SHIFT OF MANAGEMENT TOOLS

AGILE ORGANIZATION (ADAPTABTION)

CLEAR VISION BUT FLEXIBLE IMPLEMENTATION

RISKS AND SIMULATION

SYSTEM THINKING

65

66

AUG‐DEC 2018

34



WEEK 4: ERM FRAMEWORK

67

TOPICS

ERM STANDARD

ERM GOVERNANCE

INTERNAL ENVIRONMENT

RISK IDENTIFICATION

OVERVIEW OF ERM FRAMEWORK

68

AUG‐DEC 2018

35

SECTION 1:

ERM STANDARD

69

ERM STANDARD • Currently, Two famous standard of ERM are: COSO, ISO..

COSO ERMISO 31000 70

AUG‐DEC 2018

36

71

SECTION 2:

ERM GOVERNANCE

72

AUG‐DEC 2018

37

ERM GOVERNANCE

• ERM Governance should ready before implementing ERM as cycle.

GOVERNANCE


COMPLIANCE Ensure adherence to laws and regulations

Identify Risk Assessing Risk Responding Risk Monitoring Risk

Tone of the top Corp Strategy Establish risk culture Develop RM policies Embed Ownership

Reference: Marchetti (2012)73

SECTION 3:


74

AUG‐DEC 2018

38


75

Dimension 2 : Level of Assess

องคประกอบของการบรหารความเสยง(วธการประเมน)

Dimension 1 : Achievement of Objectives (Type of Risk)

ลาดบขนการประเมน(โครงสรางขององคกร)

วตถประสงคการประเมนความเสยง (ประเภทความเสยง)

Dimension 3 : Components of ERM (Method)

DIMENSION 1 STRATEGIC OBJECTIVE

• PROTECT BUSINESS FROM FAILURE OF IMPLEMENTING STRATEGIES, OR EVEN CONTENTS

OPERATIONAL OBJECTIVE

• OPERATING PROCESSES THRU HUMAN, IT SYSTEM OR MANUAL MUST BE EFFECTIVE.

REPORTING OBJECTIVE

• BOTH FINACIAL AND NON-FINANCIAL REPORT SHOULD CONSIDER.

COMPLIANCE OBJECTIVE

• TRY TO COMPLY BUSINESS LAWS, REGULATORY, STANDARDS

76

AUG‐DEC 2018

39

DIMENSION 1

COSO will consider Strategic Risk Operational Risk Reporting/Financial Risk Compliance Risk

We will need top consider more. Strategic Risk Operational Risk Reporting/Financial Risk (Credit, Liquidity, Market) Compliance Risk External Risk/Macro Reputation Risk Political Risk

77

DIMENSION 2• Implementing ERM should do

all organization not just onlyfocusing on Board of Directoror top level.

• Risk should initially assessfrom team, unit, project(PRM), department, and soon.

TOP DOWN

BOTTOM-UP

78

AUG‐DEC 2018

40

DIMENSION 3 INTERNAL ENVIRONMENT

RISK IDENTIFICATION

RISK ASSESSMENTRISK MITIGATION

RISK MONITORING

79

SECTION 4:


80

AUG‐DEC 2018

41

INTERNAL ENVIRONMENT• Before constructor builds the house,

he/she should pay attention on base/ foundation of architecture.

• If internal environment does not ready, please do not implement ERM.

81


• The internal environment encompasses the tone of an organization, influencing the risk consciousness of its people, and is the basis for all other components of enterprise risk management, providing discipline and structure. Internal environment factors include an entity’s risk management philosophy; its risk appetite; oversight by the board of directors; the integrity, ethical values, and competence of the entity’s people; and the way management assigns authority and responsibility, and organizes and develops its people.

82

AUG‐DEC 2018

42


• RISK MANAGEMENT PHILOSOPHY

• RMC (RISK MANAGEMENT COMMITTEE OR ANY RELATED BOD.

• ERM POLICY AND PROCEDURE

83

SECTION 5:

RISK IDENTIFICATION

84

AUG‐DEC 2018

43

RISK IDENTIFICATION• Management identifies potential events that, if they occur, will affect

the entity, and determines whether they represent opportunities or whether they might adversely affect the entity’s ability to successfully implement strategy and achieve objectives.

85

RISK IDENTIFICATION CONCEPTS

CONCEPTS Identify risk with link to corporate vision, mission, strategy, and objective

Identify risk not a problem

Consider both internal and external factor given main four types of risk

86

AUG‐DEC 2018

44

EXAMPLE

87

RISK IDENTIFICATION (IOP)

• STRATEGIC PLAN• WORKFLOW• LAW &

REGULATORY• EXTERNAL NEWS

INPUT

• EVENT INVENTORY

• WORKSHOP• QUESTIONAIRE• WORKFLOW

PROCESS• RISK

REGISTER

OUTPUT

88

AUG‐DEC 2018

45

RISK IDENTIFICATION PROCESSES

EVENT INVENTORY WORKSHOP QUESIONAIRE AND SURVEY PROCESS FLOW

COSO (2014)89

RISK IDENTIFICATION OUTPUT

90

AUG‐DEC 2018

46

ACTIVITY 5: IDENTIFICATION INDUSTRIAL RISKS

91

92

AUG‐DEC 2018

47



WEEK 5: ERM FRAMEWORK (2)93

TOPICS

RISK APPETITE & TOLERANCE

TYPES OF ASSESSING RISK

DEVELOPMENT ASSESSING TOOLS

RISK MATRIX (MAP)

94

AUG‐DEC 2018

48

SECTION 1:

RISK APPETITE & TOLERANCE

95

RISK APPETITE • Risk appetite can be defined as ‘the amount and type of risk that an

organisation is willing to take in order to meet their strategicobjectives. Organisations will have different risk appetites dependingon their sector, culture and objectives. A range of appetites exist fordifferent risks and these may change over time.

COSO (2004)

any significant residual risk in the yellow areaexceeds the company’s risk appetite, callingfor management to take action to reduce thelikelihood and/or impact of the risk to bring itwithin the company’s risk appetite

96

AUG‐DEC 2018

49

RISK TOLERANCE • Risk tolerances are the acceptable levels of variation relative to the

achievement of objectives. . . . Operating within risk tolerances provides management greater assurance that the entity remains within its risk appetite, which, in turn, provides a higher degree of comfort that the entity will achieve its objectives.

97

EXAMPLE

COSO (2014) 98

AUG‐DEC 2018

50

EXAMPLE

COSO (2004) 99

MAPPING WITH CORPORATE PACKAGE

100

AUG‐DEC 2018

51

SECTION 2:


101

RISK INHERENT VS RISK RESIDUAL

RISK INHERENT (BEORE TAKING ANY ACTIONS

RISK RESIDUAL

(AFTER TREATMENT)

102

AUG‐DEC 2018

52


QUALITATIVE QUANTITATIVE

103


104

AUG‐DEC 2018

53

QUALITATIVE APPROACH

• Qualitative approach is more well-known and practically than quantitative one due to the limitation of historical data.

• While some qualitative risk assessments are put forth in subjective terms, and others in more objective ones, the quality of the assessments depends largely on the knowledge and judgment of the individuals involved, their understanding of potential events, and the surrounding context and dynamics.

105

QUALITATIVE APPROACH

106

AUG‐DEC 2018

54

QUANTITATIVE APPROACH • Quantitative techniques can be used when enough information

exists to estimate risk likelihood or impact using interval or ratio measures.

• An important consideration in quantitative assessment is availability of accurate data, either internally or externally sourced, and one of the challenges in using these techniques is obtaining enough valid data points.

107

2 QUALITATIVE APPROACHES

PROBABILISTIC TECHNIQUES

NON PROBABILISTIC TECHNIQUES

108

AUG‐DEC 2018

55

PROBABILISTIC TECHNIQUES

• Probability-based techniques measure the likelihood and impact of a range of outcomes based on distributional assumptions of the behaviorof events.

109

EXAMPLE: PROBABILISTIC TECHNIQUES-VaR-• VaR (Value-at-Risk) models are based on distributional assumptions about change

in the value of an item or group of items, which is not expected to be exceeded with a given confidence level over a defined time period. These models are used to estimate extreme ranges of value change expected to occur infrequently, such as the estimated level of loss that would not be expected to be exceeded with 95% or 99% confidence (COSO, 2004)

110

AUG‐DEC 2018

56

EXAMPLE: PROBABILISTIC TECHNIQUES-Other Tools• CASH FLOW AT RISK (estimates a change in the cash flows of an organization or

business unit relative to a targeted cash flow expectation with a given confidence over a defined time horizon)

• LOSS DISTRIBUTION

111

NON-PROBABILISTIC TECHNIQUES

• Non-probabilistic techniques are used to quantify the impact of a potential event, based on distributional assumptions, but without assigning likelihood of event occurrence. Thus, these techniques require that management determine likelihood separately.

112

AUG‐DEC 2018

57

NON-PROBABILISTIC TECHNIQUES• SENSITIVE ANALYSIS- is used to assess the impact of normal, or routine, changes in

potential events.

• SCENARIO ANALYSIS

113

NON-PROBABILISTIC TECHNIQUES

• STRESS TEST-assesses the impact of events having extreme impact. Stress testing differs from scenario analysis in that it focuses on the direct impact of a change in only one event or activity under extreme circumstances, as opposed to focusing on changes on a more normal scale as in scenario analysis. (Low Likelihood, High Impact)

114

AUG‐DEC 2018

58

SECTION 3:

DEVELOPMENT ASSESSING TOOLS

115

ACTIVITY 6DISCUSS YOUR SCALE

116

AUG‐DEC 2018

59

SECTION 4:

RISK MATRIX (MAP)

117

RISK MATRIX

ALIGNMENT WITH CORPORATE RISK APPETITE, TOLERANCE

118

AUG‐DEC 2018

60

RISK MATRIX

119

120

AUG‐DEC 2018

61



WEEK 6: ERM FRAMEWORK (3)121

TOPICS

RISK RESPONSE

CONTROL ACTIVITIES

RISK MONITORING

EXPLAINING HOMEWORK

122

AUG‐DEC 2018

62

SECTION 1:

RISK RESPONSE

123

WRAP-UP (WHAT WE ARE NOW)

WHAT WILL DO NEXT TO MANAGE SUCH RISK?

DO ANY ALL RISKS CAN MANAGE?

124

AUG‐DEC 2018

63

RISK RESPONSE STRATEGIES

COSO (2004)

Most of risk in orgshould reduce strategy

125

FOCUS ON RISK REDUCTION STRATEGIES

ROOT CAUSE ANALYSIS

1

FAILURE MODE EFFECT ANALYSIS (FMEA)

2

126

AUG‐DEC 2018

64

ROOT CAUSE ANALYSIS

• account for the process of finding out real/true cause driven the risk

• The benefit of root cause is about to reduce likelihood of risk

127

FAILURE MODE EFFECT ANALYSIS (FMEA)

• Failure Mode and Effects Analysis (FMEA) is a structured way toidentify and address potential problems, or failures and their resultingeffects on the system or process before an adverse event occurs.

• FMEA has its aim to reduce the impact of risk.

128

AUG‐DEC 2018

65

FOCUS ON RISK REDUCTION STRATEGIES

• EXAMPLE

129

ACTIVITY 7 • HIGH PROBABILIY TO SUE FROM PATIENCE DUE TO THE MISTAKE FROM SURGERY

• DISASTER ON FIRE DUE TO OLD BUILDING

• BAD IMAGE DUE TO OVERBOOKING MODEL IN AIRLINE INDUSTRY

• DEPENDENCY FROM GOVERNMENT POLICY

SELECTING RISK RESPONSE STRATEGIES

130

AUG‐DEC 2018

66

EX: RISK RESPONSE STRATEGIES

131


• Some complicated risk can not manage with only one response way.

132

AUG‐DEC 2018

67


• Some complicated risk can not manage with only one response way.

133

CONCLUSIONS

• NOT ALL RISKS CAN REDUCE ITS SEVERITY.

• SOME RISKS NEED MORE THAN ONE RESPONSE WAY

• SOME RESPONSE WAY COULD EITHER REDUCE THE LIKELIHOOD OR IMPACE ALL BOTH.

134

AUG‐DEC 2018

68

SECTION 2:

CONTROL ACTIVITIES

135

CONTROL ACTIVITIES

• After risk response setting, the next role is about to set control activity.

• Control activities are the policies and procedures that help ensure that management’s risk responses are carried out.

• Control activity includes a range of activities – as diverse as approvals, authorizations, verifications, reconciliations, reviews of operating performance, security of assets, and segregation of duties

136

AUG‐DEC 2018

69

RISK RESPONSE AND CONTROL ACTIVITY

COSO (2004)137

RISK RESPONSE AND CONTROL ACTIVITY

COSO (2004)138

AUG‐DEC 2018

70

SECTION 3:

RISK MONITORING

139

RISK MONITORINGINTERNAL

ENVIRONMENT

RISK IDENTIFICATION

RISK ASSESSMENT

RISK MITIGATION

RISK MONITORING

140

AUG‐DEC 2018

71

RISK MONITORING• Risk monitoring is about the process to assess the effectiveness of risk

response strategies as well as its control activity.

• Do such risk management plan still applicable to current situation?

EFFECTIVE CONTROL ACTIVITY

INEFFECTIVE CONTROL ACTIVITY DUE TO UNCONTROLABLE FACTORS

BOTH INTERNAL AND EXTERNAL FACTORS

141

RISK MONITORING-KRIs-

• Apart from monitoring the effectiveness of control activity, one essential indicator is about “KEY RISK INDICATOR (KRI)” which is gathered to follow up the risk residual.

• Key risk indicators are metrics used by organizations to provide anearly signal of increasing risk exposures in various areas of theenterprise

• In some instances, they may represent key ratios that managementthroughout the organization track as indicators of evolving risks, andpotential opportunities, which signal the need for actions that need tobe taken.

142

AUG‐DEC 2018

72


COSO (2010)143

RISK MONITORING-KRIs-• How are the difference between KPI & KRI?

INPUT PROCESS OUTPUT

KRI KPI• Good KRI should report risk situation as an early-warning then it should

measure the process rather than the result which KPI put in place.

144

AUG‐DEC 2018

73


RISK KPI KRI

SUE DUE TO OPEATIONAL MISTAKE IN HOSPITAL

NUMBER OF SUE CASE PER YEAR

NUMBER OF INCIDENT AND COMPLAIN

145

RISK MONITORING- LEADING KRIs-

146

AUG‐DEC 2018

74

RISK MONITORING- LEADING KRIs-

147

SECTION 4:

EXPLAINING HOMEWORK

148

AUG‐DEC 2018

75

EXPLAINING HOMEWORK

• ASSIGNMENT 3 Put Further on ERM Report

• ASSIGNMENT 4 Selected One Paper, Article, Well-known Real Case Study Related to ERM…

149

EXPLAINING HOMEWORK

• ASSIGNMENT 4 Selected One Paper, Article, Well-known Real Case Study Related to ERM…

WEEK 7: Present Your Selected Paper (10 Minutes) Doing a PPT Slide which covers:

Rationale & Objectives Methodology Result Conclusion Discussion What you could learn from this article?

150

AUG‐DEC 2018

76

151

152

AUG‐DEC 2018

77



WEEK 7: PRESENTATION153

ASSESSMENT CRITERIA

154

AUG‐DEC 2018

78

ASSESSMENT CRITERIA

155

156

AUG‐DEC 2018

79

PART 2: PROJECT RISK MANAGEMENT (PRM)

157

158

AUG‐DEC 2018

80



WEEK 8: BASIC KNOWLEDGE OF PRM

159

TOPICS

THE ROLE OF PROJECT IN ORGANZATION

PROJECT RISK MANAGEMENT STANDARD

EXPLAIN ASSIGNEMENT

CAUSES OF PROJECT FAILURE

160

AUG‐DEC 2018

81

SECTION 1:


161


MISSION

VISION

CORPORATE STRATEGIES

BUSINESS OBJECTIVE

DEPARTMENT STRATEGIESINITIATED PROJECT 1 INITIATED PROJECT 2 INITIATED PROJECT 3 INITIATED PROJECT 3

162

AUG‐DEC 2018

82


• Do corporate achieve strategy when project delay?

• Do corporate achieve strategy when lack of PM competent?

• Do corporate achieve strategy when budget runs?

• Do corporate achieve strategy when intense dependency of supplier?

163

SECTION 2:


164

AUG‐DEC 2018

83


• Project Management Institute (PMI) is the most well-known relating project management standard for both academia and practitioners.

165


166

AUG‐DEC 2018

84

PROJECT RISK MANAGEMENT STANDARD-CERTIFICATE PROCESS

FULLFILL ELIGIBLE CRITERIA

COMPLETE APPLLICATION

APPLICATION REVIEW PAYMENT

SCHEDUAL TEST

APPOINT

https://www.pmi.org/certifications/process167

PROJECT RISK MANAGEMENT STANDARD-EXAM CONTENT

• With your advanced skills in risk management, you perform a specialized function attuned to the needs of a project environment that is increasingly global, virtual and complex. The PMI Risk Management Professional (PMI-RMP)® highlights your ability to identify and assess project risks, mitigate threats and capitalize on opportunities. In this capacity, you enhance and protect the needs of your organization.

168

AUG‐DEC 2018

85

PROJECT RISK MANAGEMENT STANDARD-EXAM CONTENT

https://www.pmi.org/-/media/pmi/documents/public/pdf/certifications/risk-management-exam-outline.pdf 169

SECTION 3:

EXPLAIN ASSIGNEMENT

170

AUG‐DEC 2018

86

EXPLAIN ASSIGNEMENT 5-PRM REPORT

• SELECT ONE PROJECT: 1) You are the main role in the project or any2) How is the linkage between project and corporate strategies

• COMPONENTS OF REPORT:• 1) RATIONALE AND OBJECTIVE OF PROJECT• 2) RISK IDENTIFICATION• 3) PROPOSED RISK ASSESSMENT TECHNIQUE• 4) RISK MATRIX• 5) RISK RESPONSE TOOLS AND CONTROL ACITIVITIES• 6) SOME KRIs

171

SECTION 4:


172

AUG‐DEC 2018

87

ACTIVITY 9BRAINSTROM CAUSES OF PROJECT FAILURE

173


HAMED (2013)174

AUG‐DEC 2018

88

175

176

AUG‐DEC 2018

89



WEEK 9: PRM FRAMEWORK(1)

177

TOPICS

RATIONALE OF PRM

DEFINITION OF PROJECT RISK

OVERALL PRM FRAMEWORK

PROJECT RISK IDENTIFICATION

PROJECT RISK ASSESSMENT178

AUG‐DEC 2018

90

SECTION 1:

RATIONALE OF PRM

179

RATIONALE OF PRM

• Project Risk Management is not an optional activity: it isessential to successful project management (PMI).

• To be precise, it becomes an integral part of every aspect ofmanaging the project, in every phase and in every processgroup.

• Project Risk Management is not a substitute for the otherproject management processes. It adds the value of projectdue to the handling of uncertainty events.

180

AUG‐DEC 2018

91

RATIONALE OF PRM-CRITICAL SUCCESS FACTORS-

PMI(PRACTICE STANDARD: P6) 181

SECTION 2:


182

AUG‐DEC 2018

92


•Project risk is an uncertain event or condition that, if it occurs, has a positive or a negative effect on a project’s objectives

•Risk defines in two dimensions: uncertainty (probability), effect on project objectives (impact)

183


NEWTON (2015)184

AUG‐DEC 2018

93

SECTION 3:


185


PMI (P 17) 186

AUG‐DEC 2018

94

PLAN RISK MANAGEMENT (STEP 1)

• The objectives of the Plan Risk Management process are to develop the overall risk management strategy for the project, to decide how the risk management processes will be executed, and to integrate Project Risk Management with all other project management activities.

187

SECTION 4:

PROJECT RISK IDENTIFICATION

188

AUG‐DEC 2018

95

PROJECT RISK IDENTIFICATION-SAME AS ERM-

• STRATEGIC PLAN• WORKFLOW• LAW & REGULATORY• EXTERNAL NEWS

INPUT

• EVENT INVENTORY

• WORKSHOP• QUESTIONAIRE• WORKFLOW

PROCESS• RISK REGISTER

OUTPUT

189

PROJECT RISK IDENTIFICATION-SAME AS ERM

PMI (P 28-29)190

AUG‐DEC 2018

96

PROJECT RISK IDENTIFICATION-HOW TO WRITE RISK TITLE

• EFFECT DUE TO CAUSE

• EX: PROJECT DELAY DUE TO INEFFECTIVE VENTOR

• EX: BUDGET RUN DUE TO HIGH COST OF STAFF

191

SECTION 5:

PROJECT RISK ASSESSMENT

192

AUG‐DEC 2018

97

PROJECT RISK ASSESSMENT

QUALITATIVE QUANTITATIVE

193

PROJECT RISK ASSESSMENT-QUALITATIVE

RISK TITLE IDENTIFY CAUSES OF RISK

PRIORITIZE RISK THRU LIKELIHOOD

& IMPACT

PUT RISK TO THE MAP

194

AUG‐DEC 2018

98

PROJECT RISK ASSESSMENT-QUANTITATIVE

PMI (P 41)195

196

AUG‐DEC 2018

99



WEEK 10: PRM FRAMEWORK (2)

197

TOPICS

PROJECT RISK RESPONSE/MITIGATION

PROJECT RISK MONITORING

PRM REPORT (ASSIGNMENT 6)

PREPARING PRM PRESENT

198

AUG‐DEC 2018

100

SECTION 1:


199


AVOIDANCE SHARING

REDUCTION ACCEPTANCE

RESPONSE

Impa

ct

Likelihood

Low competent of PMO

Project delay due to work loadof PM

Budget run due to ineffectiveness of the project

Low quality of Project due to Unsystematic design

200

AUG‐DEC 2018

101

PROJECT RISK RESPONSE/MITIGATIONRISK TITLE RESPONSE

STRATEGYCONTROL ACTIVITY

Low competent of PMO Accept Do nothing

Project delay due to work load of PM

Reduction 1. Prioritize PM activity2. Hire additional PM

Budget run due to ineffectiveness of the project

Avoidance Abortion of Project

Low quality of Project due to Unsystematic design

Sharing Hire outsource for designing project processes

201

PROJECT RISK RESPONSE/MITIGATION-CSFs-

PMI(P:44)202

AUG‐DEC 2018

102

SECTION 2:


203

PROJECT RISK MONITORING• The primary objectives of risk monitoring and controlling are to track

identified risks, monitor residual risks, identify new risks, ensure that risk response plans are executed at the appropriate time, and evaluate their effectiveness throughout the project life cycle.

Control activity status KRIs Result

204

AUG‐DEC 2018

103


• BEFORE MITIGATE RISK

RISK INHERENT

• CONTROL• KRIs

RESPONSE• AFTER

RISK RESIDUAL

205

PROJECT RISK MONITORING206

1 2 3 4 5

5

4

3

2

1

E9

O1 O2

C3

F5

S4F7

O8

AUG‐DEC 2018

104

ADJUST RISK RATING

207

E9

F6

O1 O2

C3

F5

S4F7

O8

E9

F6

O1

O2C3

F5 S4

F7 O8

E9

F6 O1

O2

C3

F5 S4

F7 O8

N

N

กอนจดการความเสยง ผลการตดตามครงท 1ผลการตดตามครงท 2

+ ผลการประเมนปตอไป

EMERGING RISKS

SECTION 3:

PRM REPORT

208

AUG‐DEC 2018

105

ASSIGNMENT 6FURTHER CONDUCT PRM REPORT IN YOUR SELECTED PROJECT

209

SECTION 4:


210

AUG‐DEC 2018

106


• PREPARING A BEAUTIFUL DESIGN SLIDES GIVEN THE GOOD CONTENTS

• PRESENTER SPENDS TIME APPROXIMATING 10-15 MINUTE

211

212

AUG‐DEC 2018

107



WEEK 11: PRESENTATION213

ASSESSMENT CRITERIA

214

AUG‐DEC 2018

108

ASSESSMENT CRITERIA

215

216

AUG‐DEC 2018

109

PART 3: CRISIS AND BUSINESS CONTINUITY MANAGEMENT

217

218

AUG‐DEC 2018

110



WEEK 12: CRISIS MANAGEMENT

219

TOPICS

INTRODUCTION TO ORGANIZATIONAL CRISES: CASE STUDY

WHAT IS A CRISIS?

SOURCES OF ORGANIZATIONAL CRISES

AGILE LEADER

THE LIFE CYCLE OF CRISIS

220

AUG‐DEC 2018

111

SECTION 1:

INTRODUCTION TO ORGANIZATIONAL CRISES: CASE STUDY

221

ACTIVITY 10: CONDUCT CASE STUDY

222

AUG‐DEC 2018

112

CASE 1: DISRUPTIVE THECHNOLOGY• โรงพยาบาลเอกชนชอดง………………………….• VISION…… “The Most Trust Hospital in BKK”• MISSION….. “ใหบรการทางการแพทยดวยความสะดวกดวยเทคโนโลยชน

นา”

“จากพนธกจดงกลาว โรงพยาบาลไดนาเทคโนโลยดานการแพทยระดบโลก ไมวาจะเปน Medical Equipment ทครอบคลมหลายกลมโรคซบซอน ศลยกรรมพลาสตก ตลอดจนระบบบรการคนไข ยอดลงทนทงสน 2 พนลานบาท”

“สามปตอมา โรงพยาบาลคแขง นาเขา Medical Equipment รนใหม ทางานไดมประสทธภาพมากกวา ประมาณการเงนลงทน 5 พนลานบาท” จากสถานการณดงกลาว หากทานเปน CEO จะดาเนนการอยางไร”

223

CASE 2: LACK OF SHRIMP• บรษทผลตอาหารแชแชงทเปนอาหารทะเล และอาหารแปรรป รายไดหลก (50%)

เปนการผลตตมซาแชแขง สงออกทงภายในและภายนอกประเทศ

เนองจากอปสงค (Demand) ของกงเปนทตองการมากตอการผลตของบรษท “แตจานวนกงลดลง เนองจากกงเปนโรคตายดวน (Shrimp Early Mortality Syndrome) สงผลใหราคาสงขนมากก

จากสถานการณดงกลาวหากทานเปน COO (Chief Operation Officer) ทานจะทาอยางไร

224

AUG‐DEC 2018

113

CASE 3: CENTRALIZATION VS DECENTRALIZATION

Faculty of Medicine

School of Med.. Premium Service Primary Care

BOD.

จากการกระจายกลมบรการ คณะแพทยนควรบรหารงาน Support (HR, FINANCE,PROCUREMENT, IT…) ในแบบ centralization หรอ decentralization

225

CASE 4: STIMULATE GROWTH CEO บรษทจดการกองทนขนาดใหญกลาววา บรษทจะตองถกปดตวลง เนองจากผถอหนไมพอใจในผลการดาเนนการ 5 ปทผานมา CEO จงประกาศตอทประชมใหญ วา “หากรายไดบรษทไมเพมขน 30% พวกเราจะตกงานทกคน”

จากสถานการณดงกลาว หากทานเปน

Chief Marketing Office (CMO.)

Chief Finance Office (CFO.)

Chief People Office (CPO.)

ทานจะทาอะไร อยางไร

226

AUG‐DEC 2018

114

STRATEGIC SOLUTIONS FOR LEADERS IN TURBULENT ENVIRONMENT

• CLASSICAL MANAGEMENT APPROACH

INPUT-PROCESS-OUTPUT

OPTIMIZATION

LINEAR RELATION (CAUSE AND EFFECT)

ROUTINE, WELL DEFINED AND PREDICTABLE ENVIRONMENT

FIXED FUTURE PROJECTIONS

• PARADIGM’S SHIFT OF MANAGEMENT TOOLS

AGILE ORGANIZATION (ADAPTABTION)

CLEAR VISION BUT FLEXIBLE IMPLEMENTATION

RISKS AND SIMULATION

SYSTEM THINKING

227

SECTION 2:

WHAT IS A CRISIS?

228

AUG‐DEC 2018

115

WHAT IS A CRISIS?

• Practitioner most often uses crisis interchangeably with a number of other terms: disaster, business disruption, emergency and so on.

Not high impact as crisisNatural Disaster Happen t= 0

• Crandall W, Parnell J, Spillan J. (2014) defined crisis as “low probability but too high impact”, as well as “ambiguity cause” means that the origins and the effects of crisis might not be known initially.

• Crisis is given in the context of swift decision making thru “leader skill”.

229

SECTION 3:


230

AUG‐DEC 2018

116


EXTERNAL LANDSCAPE

• POLITICAL AND LEGAL FORCES• ECONOMIC FORCES• SOCIAL FORCES• TECHNOLOGICAL FORCES

INTERNAL LANDSCAPE

• INTERNAL POLICY FORCES• CULTURE FORCES• PEOPLE/STAFF FOCRES 231

SECTION 4:


232

AUG‐DEC 2018

117


PRECONDITION

TRIGGER EVENT

CRISIS

POSTCRISIS

BEFORE

DURING

AFTER233

SECTION 5:

AGILE LEADER

234

AUG‐DEC 2018

118

V……..VOLATILITY

U………..UNCERTAINTY

C………….COMPLEXITY

A…………..AMBUIGUITYhttps://www.youtube.com/watch?v=9yg_BLNSYZU&t=0s&list=LLT1QYOFb5WOOJ1ZwAHdQ8Ig&index=14

235

LEADERSHIP AGILITY

https://www.youtube.com/watch?v=X3-nhw-wPcA

236

AUG‐DEC 2018

119

LEADERSHIP AGILITY

Reference:Nick, Pasmore and Tom

237

VUCA VOLATILITY: Clear Set of Vision, Navigate Forward Information, Adaptive Capability

UNCERTAINTY: Risk Management, Operating under Multiple-Outcomes

COMPLEXITY: Understand Key Stakeholders

AMBUIGUITY: Communication Skills, System thinking context

LEADERS SKILL NEED

238

AUG‐DEC 2018

120

SURVIVE IN VUCA

Building Leadership Agility

Communicate effectively

Quick Decisions

Navigate through Complexity

Execution Focused

Managing Cross Culture

Building Leadership Agility

Communicate effectively

Quick Decisions

Navigate through Complexity

Execution Focused

Managing Cross Culture

Reference:EY India

Human Capital Selection

Linkage the selection process with organization vision, missions, goals and competency

Ability to leverage technology for collaboration

Super High Flexibility

Human Capital Selection

Linkage the selection process with organization vision, missions, goals and competency

Ability to leverage technology for collaboration

Super High Flexibility

HR Functions

Align internal HR processes, systems, frameworks to build a change-capable-workforce.

Set up change management unit

Categorize staff by performance based

Managing Talents to work as a team ****

HR Functions

Align internal HR processes, systems, frameworks to build a change-capable-workforce.

Set up change management unit

Categorize staff by performance based

Managing Talents to work as a team ****

239

•LEADER SHOULD NOT THE ONEWHO LEADS BUT HE/SHE WILLHAVE LOTS PEOPLE TO FOLLOW.

240

AUG‐DEC 2018

121

241

242

AUG‐DEC 2018

122



WEEK 13: CRISIS MANAGEMENT(2)

243

TOPICS

A STRATEGIC APPROACH TO CRISIS MANAGEMENT

FORMING CRISIS MANAGEMENT TEAM & WRITING A PLAN

TAKING ACTION

CRISIS COMMUNICATION

244

AUG‐DEC 2018

123

SECTION 1:

A STRATEGIC APPROACH TO CRISIS MANAGEMENT

245

A STRATEGIC APPROACH TO CRISIS MANAGEMENT• Effective crisis management requires that managers understand both

the sources of crisis events and the strategies needed to identify and plan for them.

INTERNAL ANALYSIS

EXTERNAL ANALYSIS

STRATEGY FORMULATION ZZZZZZ

STRATEGY EXCUTION ZZZZZZ

STRATEGY CONTROL

SWOT

Crandall W, Parnell J, Spillan J. (2014) 246

AUG‐DEC 2018

124

SECTION 2:


247


• CMT: CRISIS MANAGEMENT TEAM

INTERNAL ANALYSIS

EXTERNAL ANALYSIS



STRATEGY CONTROL

Identify the crisis threats org facing

Develop Plan Lead Training

Actively Manage Lead post crisis Org Learning

Crandall W, Parnell J, Spillan J. (2014)

248

AUG‐DEC 2018

125

CMT CHARACTERISTICS• ABILITY TO WORK AS A TEAM

• WORK UNDER PRESSURE

• GOOD LISTENING SKILL

• VERBAL SKILL

• CRITICAL THINKING

• VISUALIZATION

249

CMT COMPOSITIONS

C LEVEL

HR

MACOM

FACILITY TEAM

FIN&ACC

LEGAL

OPERATION

OUTSIDE CONSULT

250

AUG‐DEC 2018

126

BASIC COMPONENTS OF CRISIS PLAN

COVER PAGE

TABLE OF CONTENTS

CMT

CMT ROLE

ACTIVATION CMT

COMMANDCENTER LOCAITON

RESPONSEPLANFOR SPECIFICCRISIS

251

SECTION 3:

TAKING ACTION

252

AUG‐DEC 2018

127

TAKING ACTION

INTERNAL ANALYSIS

EXTERNAL ANALYSIS



STRATEGY CONTROL






253

TAKING ACTION-BEGINNING OF A CRISIS

LEADERSHIP IN CMT

SITUATIONAL ASSESSMENT

MITIGATING STRATEGIES

INITIAL COMMUNICATION

GATHER INFORMATION

NEED

GOOD DECISION MAKING GOOD TEAMWORK COMPETENT COMMUNICATION PRIORITIZE & DELIGATE SMART PLANNING

254

AUG‐DEC 2018

128

• DAMAGE CONTAINMENT MINIMIZING LOSS

TAKING ACTION-DURING CRISIS

• COMMUNICATING WITH INTERNAL & EXTERNAL STAKEHOLDERS

• EVALUATING255

• Organizations need BCP “Business Continuity Plan” (Week14) to continue its business.

TAKING ACTION-BACK ON ITS FEET

• Organizations can continue when staff, outsource, IT, building can normally operate.

• Both physical and mental staff should take into account.

256

AUG‐DEC 2018

129

SECTION 4:


257


INTERNAL ANALYSIS

EXTERNAL ANALYSIS



STRATEGY CONTROL






258

AUG‐DEC 2018

130

BASIC CRISIS COMMUNICATION• Crisis communication is the direct role of leader.

It is the important process to protect the loss of goodwill.

initial

• Think about uniqueness of dialogue• Objective the key massage

internal

• Command & Control Function• Organization’s Employee

external

• Designating a Spokesperson• Communicate with Media

259

ACTIVITY 11: TELL YOUR STORY

260

AUG‐DEC 2018

131

261

262

AUG‐DEC 2018

132



WEEK 14: BUSINESS CONTINUITY MANAGEMENT

(BCM)263

TOPICS

RATIONALE OF BCM

BCM STANDARD

BCM FRAMEWORK

CASE STUDY IN THAI COMPANIES

264

AUG‐DEC 2018

133

SECTION 1:

RATIONALE OF BCM

265

BUSINESS CONTINUITYMANAGEMENT

POLITICAL INSTABILITY

NATURAL DISASTER

STRIKE

266

AUG‐DEC 2018

134

RATIONALE OF BCMI. INCLINING UNCERTAIN EVENTS LEADING TO DISCONTINUITY

2549 2549-2552 2553 2554

267

แผนหนไฟ

แผนอบตภยหม

Business Continuity Management/Plan

คนรอด……..

องคกรรอด..

เอาชนะคแขง..

งานบรหารความเสยง คณะแพทยศาสตรโรงพยาบาลรามาธบด 4

AUG‐DEC 2018

135

RATIONALE OF BCMII. INCLINING UNCERTAIN EVENTS LEADING TO DISCONTINUITY

269

RATIONALE OF BCM

ทานจะ Operate งาน IPD, OPD, OR อยางไร เมอเกดเหตนาทวมใหญรอบ รพ. (สงจากพนดน 1.5 M)

หรอหากเกดไฟไหม…. จะปฏบตงานไดแบบเดมหรอไม หรอถาตองลด Scope งาน จะเลอกทางานอะไร และไมทาอะไร และจะทาแบบเดม แลวใครจะตองทา………………………….

270

AUG‐DEC 2018

136

ACTIVITY 8: TELL YOU STORY

HOW YOUR ORGANIZATION ARE SURVIVED?

271

SECTION 2:

BCM STANDARD

272

AUG‐DEC 2018

137

BCM STANDARD

BS 25999

ISO 22301

PRIO

R

NO

W

273

CERTIFIED BY BCMI-SINGAPORE


AUG‐DEC 2018

138

CERTIFIED BY PECB-ISO


BCM BS 25999 VS ISO 22301 FRAMEWORK

BCM Planning Methodology

Project Management

Risk Analysis and Review

Business Impact Analysis

Recovery StrategyPlan Development

Testing and Exercising

Program Management

BS25999ISO 22301


AUG‐DEC 2018

139

SECTION 3:

BCM FRAMEWORK

277

BCM ISO 22301 FRAMEWORK

PLAN

Initial Program

Understand ORG

Existing System

BC Policy

ORG Structure

Competency

DO

Risk

BIA

Strategy

Measurement

BC Plan

Communication

Testing

CHECK

Monitoring System

Internal Audit

Management Review

ACT

Non-Confirm&Corrective Action

Continuity Improve

278

AUG‐DEC 2018

140

SECTION 4:


279


• WHY K-BANK HAS THREE HEAD OFFICE BUILDINGS ??

280

AUG‐DEC 2018

141

281

282

AUG‐DEC 2018

142



WEEK 15: WRAP-UP SESSION

283

TOPICS

PART 1: ENTERPRISE RISK MANAGEMENT

PART 2: PROJECT RISK MANAGEMENT

PART 3: CRISIS AND BUSINESS CONTINUITY MANAGEMENT

QUESTION & ANSWER

PART 4: TREND OF FUTURE RESEARCH

284

AUG‐DEC 2018

143

285

ogm 651-enterprise risk management (erm)patipanerm.com/file/e04d2e9d441cad51420d623600d9ddd6.pdf ·...

Documents