risk management(mba general, 1st semester) by sir aftab parvez
TRANSCRIPT
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
1/17
RISK MANAGEMENT
RiskRiskis defined as the effect of uncertainty on objectives(whether positive or negative)
Risk managementRisk manag
ement can therefore be considered the identification,assessment, and prioritization of risks followed by coordinated
and economical application of resources to minimize, monitor,and control the probability and/or impact of unfortunate eventsor to maximize the realization of opportunities
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
2/17
RISK MANAGEMENT
Risks can come fromRisks can come from
uncertainty in financial markets,uncertainty in financial markets,
project failures, legal liabilities,project failures, legal liabilities,
credit risk,credit risk,accidents,accidents,
natural causes andnatural causes and
disasters as well as deliberate attacks fromdisasters as well as deliberate attacks from
an adversaryan adversary
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
3/17
RISK MANAGEMENT
Several risk management standards have been developed;Several risk management standards have been developed;
Project Management InstituteProject Management Institute
The National Institute of Science and TechnologyThe National Institute of Science and Technology
Actuarial societies,Actuarial societies,
And ISO standardsAnd ISO standards
Methods, definitions and goals vary widely according toMethods, definitions and goals vary widely according to
whether the risk management method is in the context ofwhether the risk management method is in the context of
project management, security, engineering, industrialproject management, security, engineering, industrial
processes, financial portfolios, actuarial assessments, orprocesses, financial portfolios, actuarial assessments, or
public health and safetypublic health and safety
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
4/17
RISK MANAGEMENTRISK MANAGEMENT
The strategies to manage risk include;The strategies to manage risk include;
transferring the risk to another party,transferring the risk to another party,
avoiding the risk,avoiding the risk,
reducing the negative effect of the risk,reducing the negative effect of the risk,and accepting some or all of the consequencesand accepting some or all of the consequences
of a particular risk.of a particular risk.
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
5/17
RISK MANAGEMENT
INTRODUCTION:INTRODUCTION:
In ideal risk management, a prioritizationIn ideal risk management, a prioritizationprocess is followed whereby the risks with theprocess is followed whereby the risks with the
greatest loss and the greatest probability ofgreatest loss and the greatest probability of
occurring are handled first, and risks withoccurring are handled first, and risks with
lower probability of occurrence and lower losslower probability of occurrence and lower lossare handled in descending order. In practiceare handled in descending order. In practice
the process can be very difficult, and balancingthe process can be very difficult, and balancing
between risks with a high probability ofbetween risks with a high probability of
occurrence but lower loss versus a risk withoccurrence but lower loss versus a risk with
high loss but lower probability of occurrencehigh loss but lower probability of occurrencecan often be mishandled.can often be mishandled.
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
6/17
RISK MANAGEMENT
Intangible risk management identifies a newtype of a risk that has a 100% probability ofoccurring but is ignored by the organizationdue to a lack of identification ability. For
example, when deficient knowledge is appliedto a situation, a knowledge risk materializes.
Relationship risk appears when ineffectivecollaboration occurs.
Process-engagement risk may be an issuewhen ineffective operational procedures areapplied.
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
7/17
RISK MANAGEMENT
These risks directly reduce theThese risks directly reduce theproductivity of knowledge workers,productivity of knowledge workers,
decrease cost effectiveness,decrease cost effectiveness,
profitability, service, quality,profitability, service, quality,
reputation, brand value, and earningsreputation, brand value, and earningsquality. Intangible risk managementquality. Intangible risk management
allows risk management to createallows risk management to create
immediate value from theimmediate value from the
identification and reduction of risksidentification and reduction of risks
that reduce productivity.that reduce productivity.
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
8/17
RISK MANAGEMENT
Risk management also facesRisk management also facesdifficulties allocating resources. Thisdifficulties allocating resources. Thisis the idea ofis the idea ofopportunity cost.opportunity cost.
Resources spent on risk managementResources spent on risk managementcould have been spent on morecould have been spent on moreprofitable activities. Again, ideal riskprofitable activities. Again, ideal riskmanagement minimizes spending andmanagement minimizes spending andminimizes the negative effects ofminimizes the negative effects ofrisks.risks.
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
9/17
RISK MANAGEMENT
METHOD:METHOD:
For the most part, these methods consist of thefollowing elements, performed, more or less, in thefollowing order.
identify, characterize, and assess threatsidentify, characterize, and assess threats assess the vulnerability of critical assets to specificassess the vulnerability of critical assets to specific
threatsthreats
determine the risk (i.e. the expected consequencesdetermine the risk (i.e. the expected consequences
of specific types of attacks on specific assets)of specific types of attacks on specific assets) identify ways to reduce those risksidentify ways to reduce those risks
prioritize risk reduction measures based on aprioritize risk reduction measures based on a
strategystrategy
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
10/17
PRINCIPALS OF RISK MANAGEMENT
Risk management should:Risk management should:
create value.create value. be an integral part of organizational processes.be an integral part of organizational processes.
be part of decision making.be part of decision making.
explicitly address uncertainty.explicitly address uncertainty.
be systematic and structured.be systematic and structured. be based on the best available information.be based on the best available information.
be tailored.be tailored.
take into account human factors.take into account human factors.
be transparent and inclusive.be transparent and inclusive. be dynamic, iterative and responsive to change.be dynamic, iterative and responsive to change.
be capable of continual improvement andbe capable of continual improvement andenhancementenhancement
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
11/17
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
12/17
PROCESS-RISK MANAGEMENT
Establishing the contextEstablishing the contextinvolves:involves: IdentificationIdentification of risk in a selected domain ofof risk in a selected domain of
interestinterest
PlanningPlanning the remainder of the process.the remainder of the process.
Defining a frameworkDefining a framework for the activity and anfor the activity and anagenda for identification.agenda for identification.
Developing an analysisDeveloping an analysis of risks involved in theof risks involved in theprocess.process.
MitigationMitigation of risks using availableof risks using available
technological, human and organizationaltechnological, human and organizationalresources.resources.
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
13/17
PROCESS-RISK MANAGEMENT
IDENTIFICATIONIDENTIFICATION
After establishing the context, the nextAfter establishing the context, the next
step in the process of managing risk is tostep in the process of managing risk is to
identify potential risks. Risks are aboutidentify potential risks. Risks are about
events that, when triggered, causeevents that, when triggered, cause
problems. Hence, risk identification canproblems. Hence, risk identification can
start with the source of problems, or withstart with the source of problems, or withthe problem itselfthe problem itself
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
14/17
PROCESS-RISK MANAGEMENT
IDENTIFICATION
Source analysisSource analysis Risk sources may beRisk sources may beinternal or external to the system that isinternal or external to the system that isthe target of risk management. Examplesthe target of risk management. Examplesof risk sources are: stakeholders of aof risk sources are: stakeholders of a
project, employees of a company or theproject, employees of a company or theweather over an airport.weather over an airport.
Problem analysisProblem analysisRisks are related toRisks are related toidentified threats. For example: theidentified threats. For example: the
threat of losing money, the threat ofthreat of losing money, the threat ofabuse of privacy information or theabuse of privacy information or thethreat of accidents and casualtiesthreat of accidents and casualties.
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
15/17
PROCESS-RISK MANAGEMENT
IDENTIFICATION
When either source or problem is known, the eventsWhen either source or problem is known, the events
that a source may trigger or the events that can lead tothat a source may trigger or the events that can lead toa problem can be investigated. For example:a problem can be investigated. For example:
stakeholders withdrawing during a project maystakeholders withdrawing during a project may
endanger funding of the project; privacy informationendanger funding of the project; privacy information
may be stolen by employees even within a closedmay be stolen by employees even within a closed
network; lightning striking a Boeing 747 during takeoffnetwork; lightning striking a Boeing 747 during takeoffmay make all people onboard immediate casualties.may make all people onboard immediate casualties.
The chosen method of identifying risks may depend onThe chosen method of identifying risks may depend on
culture, industry practice and compliance. Theculture, industry practice and compliance. The
identification methods are formed by templates or theidentification methods are formed by templates or the
development of templates for identifying source,development of templates for identifying source,
problem or eventproblem or event.
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
16/17
PROCESS-RISK MANAGEMENT
IDENTIFICATIONIDENTIFICATION
Common risk identification methods are:Common risk identification methods are: Objectives-based risk identification:Objectives-based risk identification: OrganizationsOrganizations
and project teams have objectives. Any event thatand project teams have objectives. Any event that
may endanger achieving an objective partly ormay endanger achieving an objective partly or
completely is identified as risk.completely is identified as risk.
Scenario-based risk identification:Scenario-based risk identification: In scenarioIn scenario
analysis different scenarios are created. Theanalysis different scenarios are created. The
scenarios may be the alternative ways to achieve anscenarios may be the alternative ways to achieve an
objective, or an analysis of the interaction of forcesobjective, or an analysis of the interaction of forcesin, for example, a market or battle. Any event thatin, for example, a market or battle. Any event that
triggers an undesired scenario alternative istriggers an undesired scenario alternative is
identified as risk.identified as risk.
-
8/14/2019 Risk Management(MBA General, 1st semester) by Sir Aftab Parvez
17/17
PROCESS-RISK MANAGEMENT
Taxonomy-based risk identification:Taxonomy-based risk identification: taxonomy-taxonomy-
based risk identification is a breakdown ofbased risk identification is a breakdown ofpossible risk sources. Based on the taxonomy andpossible risk sources. Based on the taxonomy andknowledge of best practices, a questionnaire isknowledge of best practices, a questionnaire iscompiled. The answers to the questions revealcompiled. The answers to the questions revealrisks.risks.
Common-risk checking:Common-risk checking: In several industries listsIn several industries listswith known risks are available. Each risk in thewith known risks are available. Each risk in thelist can be checked for application to a particularlist can be checked for application to a particularsituation.situation.
Risk charting:Risk charting: This method combines the aboveThis method combines the aboveapproaches by listing resources at risk, Threats toapproaches by listing resources at risk, Threats to
those resources Modifying Factors which maythose resources Modifying Factors which mayincrease or decrease the risk and Consequences itincrease or decrease the risk and Consequences itis wished to avoid.is wished to avoid.