MSG Team's other articles

10104 Key Risk Indicators

The fourth and last step for risk management suggested by the Bank of International Settlements in its Basel Norms is the continuous monitoring of key risk indicators. Key risk indicators are important metrics that can track the business environment and internal control factors. They can help an organization keep track of a rapidly changing internal […]

12218 Why Agile is the Way Forward for Organisations

The Business Case for Agile Organisations Each age or era in business has its own defining method of doing business. If it was the top down bureaucratic model in the Industrial Era, it was the flatter organisational structure in the services age. Now, as we are on the cusp of the Fourth Industrial Revolution and […]

12201 Team Management in Agile and Automated Organizations

How does Top Down Management Work and how does Flatter Management Work? Traditionally, managers were used to the Top Down Hierarchical and Command and Control organizations where orders were sent from above and the managers had to implement them with little autonomy or agency for their individual decision making abilities. Further, team management in such […]

12063 Written Communication – Meaning, Advantages and Disadvantages

Written communication has great significance in today’s business world. It is an innovative activity of the mind. Effective written communication is essential for preparing worthy promotional materials for business development. Speech came before writing. But writing is more unique and formal than speech. Effective writing involves careful choice of words, their organization in correct order […]

10447 Need to Develop Network Thinking and Seventh Sense for Success in the 21st Century

The Age of Networks We live in the Age of Networks. Networks are everywhere and anywhere and real-time connectivity and mobile communications mean that we just cannot be without developing the ability to think in terms of network thinking. Indeed, given the fact that we live in a globalized world where events in one part […]

Search with tags

  • No tags available.

Literally speaking, risk management is the process of minimizing or mitigating the risk. It starts with the identification and evaluation of risk followed by optimal use of resources to monitor and minimize the same.

Risk generally results from uncertainty. In organizations this risk can come from uncertainty in the market place (demand, supply and Stock market), failure of projects, accidents, natural disasters etc. There are different tools to deal with the same depending upon the kind of risk.

Ideally in risk management, a risk prioritization process is followed in which those risks that pose the threat of great loss and have great probability of occurrence are dealt with first. Refer to table below:


IMPACTACTIONS
SIGNIFICANTConsiderable Management RequiredMust Manage and Monitor RisksExtensive Management essential
MODERATERisk are bearable to certain extentManagement effort worthwhileManagement effort required
MINORAccept RisksAccept but monitor RisksManage and Monitor Risks
 LOWMEDIUMHIGH
LIKELIHOOD

The above chart can be used to strategize in various situations. The two factors that govern the action required are the probability of occurrence and the impact of the risk.

For example a condition where the impact is minor and the probability of occurrence is low, it is better to accept the risk without any interventions.

A condition where the likelihood is high and the impact is significant, extensive management is required. This is how a certain priority can be established in dealing with the risk.

Apart from this, typically most of the organizations follow a risk management cycle. Refer diagram below:

Risk Management

According to this cycle there are four steps in the process of risk management.

The first step is the assessment of risk, followed by evaluation and management of the same. The last step is measuring the impact.

Risk identification can start at the base or the surface level, in the former case the source of problems is identified. We now have two things to deal with the source and the problem.

Risk Source: The source can be either internal or external to the system. External sources are beyond control whereas internal sources can be controlled to a certain extent. For example, the amount of rainfall, weather over an airport etc!

Problem: A problem at the surface level could be the threat of accident and casualty at the plant, a fire incident etc.

When any or both of the above two are known beforehand, certain steps can be taken to deal with the same.

After the risk/s has been identified then it/they must be assessed on the potential of criticality. Here we arrive upon risk prioritization.

In generic terms ‘Likelihood of Occurrence × Impact’ = Risk.

This is followed by development of a risk management plan and implementation of the same. It comprises of the effective security controls and control mechanisms for mitigation of risk.

A more challenging risk to organizational effectiveness is the risk that is present but cannot be identified. For example a perpetual inefficiency in the production process accumulates over a certain period of time and translates into operational risk.

Article Written by

MSG Team

An insightful writer passionate about sharing expertise, trends, and tips, dedicated to inspiring and informing readers through engaging and thoughtful content.

Leave a reply

Your email address will not be published. Required fields are marked *

Related Articles

The COSO Framework for Internal Control

MSG Team

The Cost Structure in the Insurance Industry

MSG Team

Credit Derivatives: An Introduction

MSG Team