- Category: Management and Leadership Resource Centre
Definition of Risk Management...
Risk is a phrase used to describe the uncertainty of the outcome of a future or current event. The level of uncertainty defines the level of risk.
Risk management is the structured process of identifying, quantifying and managing the uncertainty related to a future or current event.
Disaster Risk Management (DRM) is a holistic approach to managing both risk and disaster through combined and effective mitigation and contingency management.
History of Risk Management...
Risk management was there from the beginning of time. For that matter, fife in itself is a terminal illness, since every living thing, without exception, will die. Consequently, life in itself holds no risk, since the outcome is certain. On the other hand, when, where and how death will take place holds immense risk since this information is totally uncertain, resulting in goals that might be unattained. The reason I’m mentioning this is to allude you to the fact that risk management is something that humans have been living with from the very moment of conscious awakening. During the agriculture age, farmers would manage risk by storing food, and diversifying their produce. But, it was in the 1800’s, during the industrial age of profit maximisation when risk management became financial. From here onwards risk management became a mathematical science…
1733: DeMoivre develops the mathematics of normal distribution, also known as the bell curve. This has significant implications for risk management theory. Unfortunately DeMoivre’s paper was only discovered in 1924 by Karl Pearson.
1875: Francis Galton, an English amateur statistician discovers of regression to the mean.
1945 onwards: The study of risk management, after World War II, gains interest and its practical application is recognised.
1945 – 1950: Risk management mostly insurance-based, to protect individuals and companies from various losses.
1950 onwards: Alternatives to insurance are investigated as the need for other forms of risk management grows. This was due to the high cost of market insurance and its inability to protect people and companies against pure risk.
1952: U.S. finance theorist Harry Markowitz, develops the application of quantified diversification to portfolio management.
1970 onwards: The use of derivatives as risk management instruments expanded rapidly as companies intensified their financial risk management.
1980 onwards: International risk regulation begins and financial firms developed internal risk management models and capital calculation formulas to hedge against unanticipated risks and to reduce regulatory capital.
Types of Risk Management...
Credit risk is the uncertainty that a person or organisation can or will meet their financial obligations, as initially agreed. This risk is managed by adjusting the rate of return, by ensuring that the debtor has sufficient assets to cover his / her liabilities and by assessing and evaluating the debtors credit history.
ERM analyses opportunities and threats within an organisational environment and then exploits opportunities and minimises threats in order to achieve organisational goals. The aim of enterprise risk management is therefore to both, seize speculative risk and mitigate pure risk to advantage of the organisation.
Market risk management is the ability to manage the uncertainty relating to movement in market prices. Commonly market risk is caused by the volatility in equity, interest rates, currency rates and commodity prices. The most common way to manage market risk to weigh probability of an unstable circumstance to occur against the cost of such circumstance if it does occur. This is best measured through Value at Risk (discussed below).
Operational risk is primarily process-based and measures the uncertainty of resource performance within cyclic action, against expected results. In other words it manages the risk of how our people, money and assets enable internal processes to function within an externally uncertain environment.
Project risk management relates to the uncertainty of completing a non-repetitive task to satisfaction of pre-set time, quality and cost standards. Operational risk, on the other hand, works with the uncertainty of completing repetitive tasks. Project risk is managed through carefully scheduling time, task dependency and resources and testing project viability through capital budgeting techniques.
Strategic Risk Management
This relates to the uncertainty of effectively increasing sponsorship from an external environment. Strategic risk therefore primarily addresses the accuracy of insight. Where leaders, for instance, choose the wrong direction or waste resources on irrelevant action, they, in doing so, realise strategic risk. This is the most dangerous risk for any organisation.
The Risk Management Process...
Risk identification is the process of anticipating possible events that will cause deviation from a pre-determined outcome. This process involves the identification and classification of such an event. Part of risk identification is also to fully understand the characteristics and nature of a possible event.
Risk quantification is the process of predicting probability (likelihood of happening) and impact (severity of occurrence) and then allocating a rating to such. Ratings are done in percentages (%), but we mostly present the rating as a fraction, e.g. probability = .3 instead of 30% and impact .6 instead of 60%. This makes the numbers more manageable. We will obtain risk value by multiplying probability with impact.
Risk management is the design of mitigation plans that will efficiently reduce the probability of an undesired event from happening and the development of contingency plans that will effectively reduce the impact where such undesired event actually happens.
Criticism towards Risk Management...
The risk management process starts with identification, followed by quantification and then managing the risk. In terms of quantification and management, there is ample scientific and developed methodology.
The problem lies with the effectiveness of risk identification. In whichever way you do this, it will stay a highly subjective exercise. Risk can only be managed if we can identify and quantify probability. But where no history of frequency exists, our estimation of probability will stay a guessing exercise. The September 11 attacks on the Twin Towers in New York City are one of many examples where probability was simply impossible to estimate.
Even though quantification has well developed mathematics, to a large extent it stays subjective, since it is people who allocate numbers to probability and impact. I once ran a risk management workshop with a well-established risk department. I divided the delegates into four groups and give each group the same scenario with the instruction to identify risk and then quantify probability and impact relating to such. During feedback, each one of those groups gave a different risk analysis, thus proving the subjectivity relating to risk quantification. In my experience the best way to mitigate subjectivity is to ensure that those who identify and quantify risks have a high level of experience in the field that they are assessing. Thus the best people to do so is line management and frontline employees.
Articles & Blog Posts on Risk Management:
Follow Derek Hendrikz on Derek's Blog and My Articles and get all his write up's on a variaty of topics... Click Here!
No articles of blog posts currently available
Video Clips on Risk Management:
Follow Derek Hendrikz on YouTube and get all his Video Presentations on a variaty of topics... Click Here!
PowerPoint Slides on Risk Management:
Follow Derek Hendrikz on Slideshare and get all his PowerPoint Slide Presentations on a variaty of topics... Click Here!
Process Flow Charts on Risk Management:
Templates on Risk Management:
- No Templates Available
Psychometric Tests and Questionnaires on Risk Management:
- No Tests or Questionnaires Available