Integrating Risk Management with Strategic Plans and Operations

Verified

Added on 2019/09/16

AI Summary

This report delves into the critical aspects of integrating risk management with a corporation's strategic plan and ensuring its presence in day-to-day business operations. It emphasizes the importance of managing technology-driven risks, such as system failures and data loss, and aligning risk management with the company's overall strategy. The report explores Enterprise Risk Management (ERM) and a step-by-step approach to risk management, including identification, assessment, analysis, implementation, monitoring, and evaluation. It also discusses project risk management, detailing the planning process, monitoring, and control mechanisms. Furthermore, the report examines qualitative and quantitative risk analysis techniques, the appropriate amount of risk a project manager should take, and the factors influencing risk tolerance. A decision tree analysis for litigation settlement is provided to illustrate decision-making under uncertainty. The document is contributed by a student to be published on the website Desklib. Desklib is a platform which provides all the necessary AI based study tools for students.

1. How can you integrate the risk management with the corporation’s strategic plan?
How can you ensure that it is a part of the day-to-day operations of business units?
Almost all the business in the world is driven by technology and all the operations of the
business are dependent on the technology. With more dependency on technology, there are
various risks that the firms face like the failures in the systems, the data in the systems getting
corrupted, the loss of data, the inaccessibility of the systems and data etc. These are all the risks
that the companies and their management face. Some of them are driven by the business; some
are event driven, while some of them are driven by the data. So, these need to be managed and
they have to be integrated with the strategic plan of the company. If the risk is not management
in line with the strategy, there is no use of putting time and cost in it.
For example, the enterprise risk management helps in integrating the risks with the strategic
planning of the company. It helps in analyzing that how the strategic initiatives can help in
increasing or introducing the risks that have the potential to affect the goals of the company.
With ERM, the weaknesses can be spotted and the most effective risk management can be
planned and implemented.
There has to be an approach which ensures that the risk management activity is a part of the day-
to-day operations of the business units of the company. This approach starts with the
identification of risk, its assessment, analysis, implementation, monitoring and evaluating the
risk (Pritchard, 2014). Monitoring is the most important step in this because if the risk is
continuously monitored, it will remain in line with the achievement of the strategy of the
organization; otherwise it may go in some other direction and may harm the company.
1

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

2. Why and how we plan for Project Risk Management?
We plan for project risk management because there are unexpected problems that are
encountered by the project managers. There are many circumstances and situations that come up
which makes the team members of the project get stick to a point or they do not understand how
to get out of the problem. If these situations are planned in advance the team members can find
their own solution and they will not waste time to take guidance from any senior people.
Basically, the planning for project risk management happens for identifying the potential
problems that can cause trouble to an excellent project, for analyzing their occurrence, for getting
ready to deal with them if they occur and for minimizing their effect on the project (Lam, 2014).
Now talking about how the planning is done for the project risk management, it involves a series
of few steps. The first one is the identification of risks and preparation of a list of the potential
risks, then the risks are evaluated in terms of their impact, seriousness etc. Then, a risk mitigation
plan is developed that may involve avoiding the risk, sharing it, reducing it or transferring it.
Finally, the planning gets completed when a contingency plan gets developed for managing the
risk during the implementation of the project.
2

3. Why and how to monitor and control project risk?
It is very important to monitor and control the project risk because if the identified risks are not
tracked, they can damage the project and the entire planning will go in vain. When the company
plans about the risk management, they have to evaluate that whether the plans and strategies are
effective or not. This needs to be done throughout the life cycle of project. Thus, it is necessary
to monitor and control the project risk. There are some responses to the risks that are planned in
advance and they are integrated into the project when required. So, when the contingencies are
faced by the project manager, he has to evaluate the risk response, which is done by monitoring
and controlling activity.
The project risk is monitored and controlled by evaluating that whether the assumptions of the
project that were made earlier are still valid or not, the degree to which the risk has changed from
its prior state, the effectiveness and following of the risk management policies and procedures
and the evaluation of the contingency reserves that needs to be modified in accordance with the
risk that the project faces (Acebes, 2016). This is how the project risk is monitored and
controlled.
3

4. Given the decision tree below, with the probabilities at chance forks shown in
parentheses and with the payoffs at terminal points shown on the right. Analyze this
decision tree to obtain the best decision.
The decision tree is made to take the decision regarding settling of the litigation. There are two
perspectives by which this can be decided: one is when the judge will not allow the state of the
art defense and the other is when the state of the art defense will be allowed by the judge. In case
the the judge does not allows, he can ether deny the daubert motion or he can grant the motion.
But if he allows, either the current FDA standard is admissible or the current FDA id not
admissible.
Then again f the current standard of FDA is admissible. Then the jury may or may not find the
product safe. Again, the judge may deny the daubert motion or he can grant the motion.
Similarly, in the case of not finding the product safe, the judge may give two scenarios,
described above. For all these scenarios, there are different costs that are given. But, the best
decision is that the product should be safe as if the product is found to be safe, the litigation will
not ask for nay penalty and the cost will be zero.
The decision tree helps in evaluating all the possible scenarios that can be faced by any party or
manager of any problem occurs. By picturing all the scenarios, the manager can take the best
decision. In the above tree, the best decision is the one in which the cost is zero and the product
is found safe.
4

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

5. Assume that you are the Project Manager, What is your preferred risk analyses
technique (Qualitative or Quantitative)? Why?
The Qualitative Risk Analysis (QLRA) is the process that provides a numerical estimate to the
individual risk effects on the project goals. This process does not analyses all the risk in a
mathematical manner and the impact and probability is judged while distribution of the
stakeholder inputs. Whereas the Quantitative Risk Analysis (QTRA) is seen to consider the
overall risks associated with the projects including the combined effects of all the risks along
with their correlations. This method utilized the distribution of probability so as to calculate the
impact and probability of the risk along with project models, simulation and mathematical tools
for determining the impact of the risk.
As a Project Manager, the process of QLRA must be used in every project irrespective of its
budget or time as it provides numerical estimates in terms of cost and schedule. This process will
assess the individual risk and will assign the ranking from 0 to 1 for estimating impact and
probability. Whereas, the process of QTRA predicts the outcome of the project on the basis of
combined risks effect in terms of time or budget along with determining the likelihood of
meeting contingency (Aven, 2015). The process of QTRA can be considered as optional in
smaller projects as the Project Manager is bound to operate in highly constrained environment
and it expected to leave some project goals or objectives due to lack of budget and time. The
QTRA cannot be applied in moderately complex or small projects and do not find any use in
software projects.
5

6. What is the appropriate amount of risk that a project manager should take? What
are the main factors that increase or decrease the risk tolerance?
The degree of uncertainty being accepted by the stakeholder with respect to the risk assessment
of the project is the amount of risk that can be taken by the project manager and is termed as the
risk tolerance. The risk tolerance is usually dependent on the extent of diversification of the
project and the extent of financial stability. It is a critically emerging factor among the safety
leaders who are focusing on understanding their teams and are developing numerous strategies
for creating a safer environment by protecting the team and the project member.
The factors influencing the risk tolerance have been discussed by the Fennell, D., & Williamsen,
M. (2015).
The factors that increase the risk tolerance are provided as given below:
1. High pressure due to financial reasons or from competition is seen to increase the risk
tolerance.
2. Overestimating of the experience and capability of the employee is seen to increase the
risk tolerance
3. The familiarity with the task
4. Overconfidence in the equipment
5. Confidence in rescue and protection
6. Potential gains and profits from the actions
7. Role models that accept the risks
6

8. Superior control on the voluntary actions
The factors that decrease the risk tolerance are given below:
1. Seriousness of the outcome
2. Personal experience with an outcome
3. Non-compliance cost
7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

References:
Acebes, F., Pajares, J., Galán, J. M., & López-Paredes, A. (2016). A Project Monitoring and
Control System Using EVM and Monte Carlo Simulation. In Project Management and
Engineering Research, 2014 (pp. 31-40). Springer International Publishing.
Aven, T. (2015). Risk analysis. John Wiley & Sons.
Fennell, D., & Williamsen, M. (2015, January). Personal Risk Assessment--A Key to Safety
Performance Excellence On and Off the Job. In ASSE Professional Development Conference
and Exposition. American Society of Safety Engineers
Lam, J. (2014). Enterprise risk management: from incentives to controls. John Wiley & Sons.
Pritchard, C. L., & PMP, P. R. (2014). Risk management: concepts and guidance. CRC Press.
8