risk management(mba general, 1st semester) by sir aftab parvez

8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez

1/17

RISK MANAGEMENT

RiskRiskis defined as the effect of uncertainty on objectives(whether positive or negative)

Risk managementRisk manag

ement can therefore be considered the identification,assessment, and prioritization of risks followed by coordinated

and economical application of resources to minimize, monitor,and control the probability and/or impact of unfortunate eventsor to maximize the realization of opportunities


2/17

RISK MANAGEMENT

Risks can come fromRisks can come from

uncertainty in financial markets,uncertainty in financial markets,

project failures, legal liabilities,project failures, legal liabilities,

credit risk,credit risk,accidents,accidents,

natural causes andnatural causes and

disasters as well as deliberate attacks fromdisasters as well as deliberate attacks from

an adversaryan adversary


3/17

RISK MANAGEMENT

Several risk management standards have been developed;Several risk management standards have been developed;

Project Management InstituteProject Management Institute

The National Institute of Science and TechnologyThe National Institute of Science and Technology

Actuarial societies,Actuarial societies,

And ISO standardsAnd ISO standards

Methods, definitions and goals vary widely according toMethods, definitions and goals vary widely according to

whether the risk management method is in the context ofwhether the risk management method is in the context of

project management, security, engineering, industrialproject management, security, engineering, industrial

processes, financial portfolios, actuarial assessments, orprocesses, financial portfolios, actuarial assessments, or

public health and safetypublic health and safety


4/17

RISK MANAGEMENTRISK MANAGEMENT

The strategies to manage risk include;The strategies to manage risk include;

transferring the risk to another party,transferring the risk to another party,

avoiding the risk,avoiding the risk,

reducing the negative effect of the risk,reducing the negative effect of the risk,and accepting some or all of the consequencesand accepting some or all of the consequences

of a particular risk.of a particular risk.


5/17

RISK MANAGEMENT

INTRODUCTION:INTRODUCTION:

In ideal risk management, a prioritizationIn ideal risk management, a prioritizationprocess is followed whereby the risks with theprocess is followed whereby the risks with the

greatest loss and the greatest probability ofgreatest loss and the greatest probability of

occurring are handled first, and risks withoccurring are handled first, and risks with

lower probability of occurrence and lower losslower probability of occurrence and lower lossare handled in descending order. In practiceare handled in descending order. In practice

the process can be very difficult, and balancingthe process can be very difficult, and balancing

between risks with a high probability ofbetween risks with a high probability of

occurrence but lower loss versus a risk withoccurrence but lower loss versus a risk with

high loss but lower probability of occurrencehigh loss but lower probability of occurrencecan often be mishandled.can often be mishandled.


6/17

RISK MANAGEMENT

Intangible risk management identifies a newtype of a risk that has a 100% probability ofoccurring but is ignored by the organizationdue to a lack of identification ability. For

example, when deficient knowledge is appliedto a situation, a knowledge risk materializes.

Relationship risk appears when ineffectivecollaboration occurs.

Process-engagement risk may be an issuewhen ineffective operational procedures areapplied.


7/17

RISK MANAGEMENT

These risks directly reduce theThese risks directly reduce theproductivity of knowledge workers,productivity of knowledge workers,

decrease cost effectiveness,decrease cost effectiveness,

profitability, service, quality,profitability, service, quality,

reputation, brand value, and earningsreputation, brand value, and earningsquality. Intangible risk managementquality. Intangible risk management

allows risk management to createallows risk management to create

immediate value from theimmediate value from the

identification and reduction of risksidentification and reduction of risks

that reduce productivity.that reduce productivity.


8/17

RISK MANAGEMENT

Risk management also facesRisk management also facesdifficulties allocating resources. Thisdifficulties allocating resources. Thisis the idea ofis the idea ofopportunity cost.opportunity cost.

Resources spent on risk managementResources spent on risk managementcould have been spent on morecould have been spent on moreprofitable activities. Again, ideal riskprofitable activities. Again, ideal riskmanagement minimizes spending andmanagement minimizes spending andminimizes the negative effects ofminimizes the negative effects ofrisks.risks.


9/17

RISK MANAGEMENT

METHOD:METHOD:

For the most part, these methods consist of thefollowing elements, performed, more or less, in thefollowing order.

identify, characterize, and assess threatsidentify, characterize, and assess threats assess the vulnerability of critical assets to specificassess the vulnerability of critical assets to specific

threatsthreats

determine the risk (i.e. the expected consequencesdetermine the risk (i.e. the expected consequences

of specific types of attacks on specific assets)of specific types of attacks on specific assets) identify ways to reduce those risksidentify ways to reduce those risks

prioritize risk reduction measures based on aprioritize risk reduction measures based on a

strategystrategy


10/17

PRINCIPALS OF RISK MANAGEMENT

Risk management should:Risk management should:

create value.create value. be an integral part of organizational processes.be an integral part of organizational processes.

be part of decision making.be part of decision making.

explicitly address uncertainty.explicitly address uncertainty.

be systematic and structured.be systematic and structured. be based on the best available information.be based on the best available information.

be tailored.be tailored.

take into account human factors.take into account human factors.

be transparent and inclusive.be transparent and inclusive. be dynamic, iterative and responsive to change.be dynamic, iterative and responsive to change.

be capable of continual improvement andbe capable of continual improvement andenhancementenhancement


11/17


12/17

PROCESS-RISK MANAGEMENT

Establishing the contextEstablishing the contextinvolves:involves: IdentificationIdentification of risk in a selected domain ofof risk in a selected domain of

interestinterest

PlanningPlanning the remainder of the process.the remainder of the process.

Defining a frameworkDefining a framework for the activity and anfor the activity and anagenda for identification.agenda for identification.

Developing an analysisDeveloping an analysis of risks involved in theof risks involved in theprocess.process.

MitigationMitigation of risks using availableof risks using available

technological, human and organizationaltechnological, human and organizationalresources.resources.


13/17


IDENTIFICATIONIDENTIFICATION

After establishing the context, the nextAfter establishing the context, the next

step in the process of managing risk is tostep in the process of managing risk is to

identify potential risks. Risks are aboutidentify potential risks. Risks are about

events that, when triggered, causeevents that, when triggered, cause

problems. Hence, risk identification canproblems. Hence, risk identification can

start with the source of problems, or withstart with the source of problems, or withthe problem itselfthe problem itself


14/17


IDENTIFICATION

Source analysisSource analysis Risk sources may beRisk sources may beinternal or external to the system that isinternal or external to the system that isthe target of risk management. Examplesthe target of risk management. Examplesof risk sources are: stakeholders of aof risk sources are: stakeholders of a

project, employees of a company or theproject, employees of a company or theweather over an airport.weather over an airport.

Problem analysisProblem analysisRisks are related toRisks are related toidentified threats. For example: theidentified threats. For example: the

threat of losing money, the threat ofthreat of losing money, the threat ofabuse of privacy information or theabuse of privacy information or thethreat of accidents and casualtiesthreat of accidents and casualties.


15/17


IDENTIFICATION

When either source or problem is known, the eventsWhen either source or problem is known, the events

that a source may trigger or the events that can lead tothat a source may trigger or the events that can lead toa problem can be investigated. For example:a problem can be investigated. For example:

stakeholders withdrawing during a project maystakeholders withdrawing during a project may

endanger funding of the project; privacy informationendanger funding of the project; privacy information

may be stolen by employees even within a closedmay be stolen by employees even within a closed

network; lightning striking a Boeing 747 during takeoffnetwork; lightning striking a Boeing 747 during takeoffmay make all people onboard immediate casualties.may make all people onboard immediate casualties.

The chosen method of identifying risks may depend onThe chosen method of identifying risks may depend on

culture, industry practice and compliance. Theculture, industry practice and compliance. The

identification methods are formed by templates or theidentification methods are formed by templates or the

development of templates for identifying source,development of templates for identifying source,

problem or eventproblem or event.


16/17


IDENTIFICATIONIDENTIFICATION

Common risk identification methods are:Common risk identification methods are: Objectives-based risk identification:Objectives-based risk identification: OrganizationsOrganizations

and project teams have objectives. Any event thatand project teams have objectives. Any event that

may endanger achieving an objective partly ormay endanger achieving an objective partly or

completely is identified as risk.completely is identified as risk.

Scenario-based risk identification:Scenario-based risk identification: In scenarioIn scenario

analysis different scenarios are created. Theanalysis different scenarios are created. The

scenarios may be the alternative ways to achieve anscenarios may be the alternative ways to achieve an

objective, or an analysis of the interaction of forcesobjective, or an analysis of the interaction of forcesin, for example, a market or battle. Any event thatin, for example, a market or battle. Any event that

triggers an undesired scenario alternative istriggers an undesired scenario alternative is

identified as risk.identified as risk.


17/17


Taxonomy-based risk identification:Taxonomy-based risk identification: taxonomy-taxonomy-

based risk identification is a breakdown ofbased risk identification is a breakdown ofpossible risk sources. Based on the taxonomy andpossible risk sources. Based on the taxonomy andknowledge of best practices, a questionnaire isknowledge of best practices, a questionnaire iscompiled. The answers to the questions revealcompiled. The answers to the questions revealrisks.risks.

Common-risk checking:Common-risk checking: In several industries listsIn several industries listswith known risks are available. Each risk in thewith known risks are available. Each risk in thelist can be checked for application to a particularlist can be checked for application to a particularsituation.situation.

Risk charting:Risk charting: This method combines the aboveThis method combines the aboveapproaches by listing resources at risk, Threats toapproaches by listing resources at risk, Threats to

those resources Modifying Factors which maythose resources Modifying Factors which mayincrease or decrease the risk and Consequences itincrease or decrease the risk and Consequences itis wished to avoid.is wished to avoid.

risk management(mba general, 1st semester) by sir aftab parvez

Documents