Importance of Risk Management
MGD426 Risk Management Overview A risk is, consequently, a hazard that can derail an organization from accomplishing a business process, project, or any activity that is vital to a company’s sustenance. There are different classifications of risks: financial, operational, infrastructure, human capital, and marketing risks. These risks embody subcategories of risks that can negatively affect the company.
Leverage, receivables, and investments are risks can hinder the financial situations of a company. The decline of profits, increased losses, and negative impact on business processes are some of the costs in the failure to control risks.
Similarly, operational risk includes many losses that are associated with “internal processes, people and systems or from external events” (The Basel Committee, 2004). By continually improving operations, firms are better able to gain competitive advantage. Operational risks occur from the execution of a company’s business process. Although it is a relatively vague concept, it can be summed into a three-fold focus: processes, people, and systems. Internal fraud can be categorized into unauthorized activity, as well as theft and fraud; where as external fraud can be categorized with systems security, and theft and fraud.
Importance of Assessment and Management In order for an organization to achieve certain objectives, coming across risks is almost inevitable. Organizations that are aware of such calamities are, more often than not, enabled to actively manage hazards and encompass potential opportunities for competitive advantage. This precisely means that contingency planning is important as uncontrollable risks (i. e. environmental factors) can occur at any time. While an organization cannot stop these hazards from occurring, they can mitigate the negative effects.
By mitigating these risks with necessary responses, the company can aim their resources at improving or continuing their business processes. Therefore, the emphasis is, principally, on identifying and managing these hazards. Sustainable value is essential to the company and its activities; minimized uncertainty of goal achievement as well as maximized possibility of success. Competing in a dynamic environment leaves gap for uncertainty of the future. Briefly touched upon previously, this enables certain risks to not be accounted for.
Risk management, as aforementioned, is a discipline that needs to be implemented by all companies. It is becoming increasingly important because of the dynamics of the environments in which an organization runs (technological, political, social, etc. ). For example, the effects of natural disasters can be mitigated but not stopped. Terrorism is a risk that cannot be calculated and accounted for prior to. All these questions and inquiries relay back to the umbrella question; why is risk management and/or risk assessment important to an organization?
Risk assessment is a portion of Risk Management; it is a formulated procedure for making sure that firms are not exposed to deplorable hazards. Taking into context the previously mentioned information, it is not of much use if the scale of the risk is not measured. Once measured, the organization would rally against how likely it is and what the organization can/should/will do to mitigate its effects. Contingency planning, as mentioned, is a risk management technique that comes about based on the assessment of the risk.
Building on risk assessment, a risk that is not managed correctly will cause the firm to be affected negatively. These negative effects can be financial, operational, infrastructural, related to human capital or market: classifications of risk. Moreover, risk management is only effective if the assessment is done correctly. Both go hand in hand; the magnitude of the risk determines the management procedures. Reducing the risk of accidents to the company can allow the company to better relocate its resources towards its operational needs rather than additional risk management or risk recovery.
Risk Response The response to a risk is done by the concept of the 4 T’s (terminate, tolerate, treat, and transfer). By terminating risks, you are, inherently, doing things in a different manner and, thus, removing the risk. Tolerate means that nothing can be done a reasonable cost to mitigate the risk or the likelihood and impact are at a reasonable level. Moreover, treating risks is taking certain actions to control a risk by, either, mitigating the likelihood of it emerging or limiting the effect it will have on the business process/project.
Lastly, transfer of risks is primarily the underlying principle behind insurance transactions. Specifically, a risk, outline in the insurance or contract, can be passed from a party who does not want the risk to another party who will take it (either for free or a premium – insurance). Financial Risk Management Financial risk management is, primarily, concerned with the economic value of an organization and the effects to it. The management aspect deals with the exposure to risk, and the response to it.
Two primary risks involved in financial sectors of firms are credit risks and market risks (while others include Forex (foreign exchange), volatility, liquidity, inflation, etc. ). Since financial risk is a factor in all organizations, it is important to respond to any volatility that may occur – as it would affect the firm negatively. These risks primarily mean that a firm who is unable to appropriately manage their financial operations will be subjugated by losses. As stated previously, credit risk, which is the inability for a business partner to compensate for a loan or satisfy other monetary contract, will, obviously, damage the company.
This is apparent since the company will be at a loss since the firm who adheres to a loan contract is not able to pay back the moneys. Risk assessment for this particular risk includes a “risk and control self-assessment” (RCSA). This is a set of directives, which help avoid any financial detriment because of fraud, carelessness, and/or technological malfunction. As with any other risk assessment technique, classification of whether it is low, medium, or high level risk is determined based on the estimated loss.
This type of risk assessment falls under the ‘treat’ classification of risk response as a certain action is implemented in order to control/mitigate the risk. As stated, in this brief example, the importance of risk assessment and management is vital to an organization. Works Cited “Briefing Paper H: Risk Management. ” Governance and Social Development Resource Centre. N. p. , n. d. Web. <http://www. gsdrc. org/docs/open/CON83. pdf>. “Corporate Governance Risk Management Policy. ” Isle of Man Government. N. p. , n. d. Web.