University Report: Risk Management Process Guidelines in Business

Added on  2021/06/14

AI Summary
This report delves into the essential guidelines of the risk management process, crucial for business sustainability in today's competitive landscape. It begins by defining risk and its various types, including compliance, strategic, financial, operational, and goodwill risks. The report outlines a step-by-step approach to risk management, starting with risk assessment, which involves identifying and categorizing potential risks using techniques like SWOT and PESTLE analysis. The subsequent steps include risk analysis, treatment planning (reducing, avoiding, sharing, and accepting risks), and the ongoing management and monitoring of risks through the use of risk assessment matrices and fraud control processes. The report emphasizes the importance of continuous improvement, transparency, and the integration of risk management into organizational processes. It also highlights the significance of developing contingency plans, updating risk registers, and involving risk management committees to effectively mitigate potential threats and ensure long-term business stability.
Running head: RISK MANAGEMENT PROCESS GUIDELINES
Risk Management Process Guidelines in business risks
Student Name
University Name
Table of Contents
Introduction
Step 1:- Assessing the risk-Identification of the risk
Step 2 - Analysis of the risk and reviewing it
Step 3: Risk treatment plan with appropriate actions
Step 4 Managing and Monitoring Risks
Step 5: Risk Closure
Conclusion
References
Appendices
Introduction
In modern business, organizations are driving towards sustainability because of increasing competition in the business environment. However, the biggest barrier to sustainability is risk management. An organization that manages risk effectively can remain sustainable in the long run.
What is Risk?
Any uncertainty behind an event in a business organization is termed risk. There are various types of risk, and different forms of risk management process that a business organization needs to trigger in order to nullify the risk (McNeil, Frey & Embrechts, 2015).
What are types of risk and impact of those risks?
According to AS/NZS ISO 31000:2009 Risk Management, there are various types of risk that a business organization may encounter (Standards Australia/Standards New Zealand Standard Committee, 2009). These are as follows:
Compliance Risk - Related to legal terms
Strategic Risk - Deals with various short-term or long-term strategies
Financial Risk - Risk related to finance and liquidity
Operational Management Risk - Risk related to the smooth flow of operations
Goodwill Risk - Risk of losing goodwill (Glendon, Clarke & McKenna, 2016).
Principles to be kept in mind for Risk Management Process
1. Creates and protects value of the firm
2. Be an integral part of organizational processes
3. Decision making part
4. Addressing Uncertainty
5. Systematic and Timely Results
6. Implementation based upon best possible information
7. Being Tailored
8. Human and Cultural factors to be taken under consideration
9. Being Transparent
10. Being Dynamic
11. Continuous Improvement (Sadgrove, 2016).
Steps of Risk Management
The risk management process has various steps. These are as follows:
Identification and assessing the risk
Risk Analysis and Review
Treating of the risk
Monitoring/ Reviewing and Contingency Plan
Closing the risks
This can be further explained with the help of the following figure:-
Figure 1: Steps in Risk Management Process
(Source: Glendon, Clarke & McKenna, 2016).
Step 1:- Assessing the risk-Identification of the risk
Need for this step and its importance
It is essential for any business organization to identify the relevant risks and take appropriate steps to mitigate them. The top-level management of the organization needs to identify the cause and the effect of each prospective risk.
So how can they identify and do it?
These are the possible steps:
First, the probable risks should be identified
All the identified risks need to be categorized according to their likelihood
The stakeholders of each risk need to be identified in a timely manner
The main reason behind the risk also needs to be identified and evaluated
The existing risk management register needs to be reviewed (McNeil, Frey & Embrechts, 2015).
Identification of the required risk
This step involves the cause and effect of any particular event that has occurred in a business organization.
Risk can be identified and determined with the help of the following questions:
1. What went wrong?
2. Why did it go wrong?
3. What is the potential impact of the event?
All the above events can be described and termed as risk.
There are several techniques for identifying the risks of a business organization (Sadgrove, 2016). These techniques are as follows:
SWOT analysis
PESTLE analysis
Scenario analysis
Checklist
360 Feedback Approach
Customer review (Bessis, 2015).
For example, the organization incurred a financial loss of $5000 through theft caused by the ineffectiveness of its security system. This is an example of financial risk caused by the failure of the organization's security system.
Categorization of Risks
Various types of risk occur in a business organization. The risks should be segmented on the basis of the following:
Common themes of the risks
Root cause of the business risks
Similar cause and effect relationships
Similar pattern of relationships (Modarres, Kaminskiy & Krivtsov, 2016)
A few examples of categorization of risks are as follows:

| Risks | Risk committee |
|---|---|
| Financial management | Finance Department |
| Security Risk | Finance Department |
| Technological risk | Information technology |
| Workplace Health and Safety | WHS |
| Systematic Risk | Operations Management |

Table 1: Type of risks and respective risk management committee
(Source: Haimes, 2015).
This can be further explained with the help of Appendix 2.
A few other processes can be followed in this step, as shown in the following figure:
Figure 2: Assessment of the risks
It is of great importance to review the existing risk register and categorize the risks after their identification. The likelihood of the risks needs to be reviewed after the quarterly report of EBD's risk management reports and findings. The likelihood of the risks should be measured according to the severity level after reviewing the committee's report (Modarres, 2016). This can be done with the help of the following table:

| Probability \ Severity | Negligible (Minimal Risk) | Marginal (Possible Risk) | Critical (Likely to Happen) | Certain to happen (maximum importance) |
|---|---|---|---|---|
| LOW: This risk has rarely been a problem and never occurred at a business environment | LOW (1) | MEDIUM (4) | MEDIUM (6) | HIGH (10) |
| MEDIUM: This risk will MOST LIKELY occur at business environment | LOW (2) | MEDIUM (5) | HIGH (8) | SEVERE (11) |
| HIGH: This risk will occur maximum times | MEDIUM (3) | HIGH (7) | HIGH (9) | EXTREME (12) |

Table 1: Risk Assessment Matrix
(Source: Haimes, 2015).
Based upon the report, the risk can be assessed with the help of the above risk assessment matrix. In addition, the organization can use a Risk Assessment Table to assess its internal and external risks.
Step 2 - Analysis of the risk and reviewing it
Risk Analysis
The second step of risk management is analysis of the risk. Risk analysis is important for developing a sound understanding of the risk and for identifying the level of the risk. With the help of effective risk analysis, a business organization can make its decisions (Bessis, 2015).
Use of this step
Risk analysis is also used to identify the consequence and likelihood of a risk occurring. Before analyzing risk, the organization needs to collect all the data required from the various risk assessments. This data can come from internal sources as well as external sources (Modarres, Kaminskiy & Krivtsov, 2016).
Process of this step
Figure 3: Risk Analysis and Review
The process of risk analysis can be divided into three parts: reviewing the risk assessment data, defining the significant risk management plans, and developing the risk management plans (Glendon, Clarke & McKenna, 2016).
While reviewing existing risk assessment data, a few things need to be kept in mind. These are as follows:
Whether existing risk management controls are present or not
What additional mechanism is required to process and rectify the risk.
After reviewing all the required data, risk management plans need to be defined and developed according to the needs and requirements of the respective organization. While developing risk management plans, several controls, such as preventive, detective and corrective control plans, need to be developed by the management of the business organization (McNeil, Frey & Embrechts, 2015).
Figure 4: Type of Risk management Controls
(Source: Glendon, Clarke & McKenna, 2016).
After establishing the risk management controls, the organization needs to determine the likelihood of the risk occurring. This can be done by analyzing the existing controls and how effective they are in mitigating the risk. After this, it is important to analyze the consequence of the risk occurring. The risk manager needs to determine which department is going to bear a large impact. This can be done with the help of the risk assessment matrix. After this, the risk manager needs to calculate the risk rating. Based on the highest rating, the risk manager needs to take the appropriate steps (Hopkin, 2017).
Risk Evaluation
After risk analysis, it is of utmost importance to evaluate the risks existing in the business environment. Evaluation of the risk can be done in three major steps: controlling the risk, determination of the risk target, and development of the treatment plan (Peltier, 2016).
Controlling the risk
The risk manager can control risk by using risk rating responses. With effective data collection on the different types of risk, the risk manager can take steps to control the risk (Sadgrove, 2016).
Determination of Risk Target
It is essential for the risk manager to determine an effective risk target. This target will vary from business to business and from department to department. This also depends upon the risk