CHAPTER II

RISK MANAGEMENT:
A POWERFUL TOOL
Presentation by Angel Dave & Myra Ardales
Learning Objectives
UNDERSTAND THE KEY CONCEPTS AND PRINCIPLES OF RISK
MANAGEMENT

KNOW THE STANDARDS AND GUIDELINES OF RISK

MANAGEMENT

LEARN THE DIMENSIONS OF RISK MANAGEMENT FUNCTIONS,

FRAMEWORK AND PROCESS

IDENTIFY RISK EXPOSURES

Learning Outcomes
REALIZE HOW RISK MANAGEMENT CAN ADD VALUE TO AN
ORGANIZATION

KNOW HOW TO IDENTIFY HAZARDS AND ASSESS RISKS

SEE THE IMPORTANCE OF RISK MANAGEMENT

APPRECIATE THE BENEFITS OF RISK MANAGEMENT

"Alignment of business strategy and risk
appetite should minimize the firm's
exposure to large and unexpected losses.
In addition, the firm's risk management
capabilities need to be commensurate with
the risks it expects to take"

-Jerome Powell
Something to think about...

To dare is still the bestway to live

Don't put all your eggs in one basket

Words/phrase to ponder...

Risicare Risk Reduction

Probability theory Risk Retention
Modern Portfolio Theory Risk Transfer
Risk Management Risk Avoidance
 EVOLUTION OF
RISK MANAGEMENT
RISK MANAGEMENT
is a scientific approach to the problem of dealing with
the pure risks by anticipating possible accidental
losses facing individuals and organizations and
implementing procedures that minimize the occurence
of loss or the financial impact of the losses that do
occur.
RISK
RISICARE
TO DARE
 How did risk management start?

1654- THE PARADOX OF MERE'S

The gallant knight rider Mere, with an intense liking for
games, dared the renowned mathematician Blaise Pascal to
make sense of enigma that had been revealed by Paccioli
200 years before.
Pascal collaboated with Pierre de Fermat and the result of
the temwork is stunning.
Probability Theory- a mathematical foundation of the concept
of risk
With time, more mathematicians developed the probability
theory into a formidable instrument to:
a. Manage b. Decode and c. Handle communication
17th Century
Shipping insurances had transpired as a foreshadowing and cutting-
edge business in London
Gottfried von Leibniz said: " Nature establishes standards that
originate the return of events but only in the majority of cases;
leading Bernoulli to create the Law of the Big Numbers and
statistical sampling
Abraham de Moivre exhibited the normal distribution and
discovered the concept of standard deviation. That established the
base concept for the Law of the Averages.
 Thomas Bayes
created a gigantic spike in statisticsby presenting just how
to construct decisions by incorporating or combining latest
material evidence with long standing erstwhile information.
BAYES THEOREM

Harry Markowitz
demonstrated mathematically of why putting all the eggs in the
same basket is an unacceptable and risky strategy.
MODERN PORTFOLIO THEORY
 Development of Risk Management

Evolution from corporate insurance buying

1929
Corporate insurance buyers met informally in
Boston to discuss mutual problems

1931 American Mangement Association established its

Insurance Division
 Development of Risk Management
Early The general trend in use of the term Risk
1950's Management began

One of the early references to risk management in

literature appeared in a 1956 article in Harvard

1956 Business Review by Russel Gallagher,

He proposed that someone within the organization

should be responsible for managing the
organization's pure risks.
The Origins of Military
Risk Insurance
Aerospace programs
Management Financial theory
The Nature of Risk Management
1. Scientific aproach to dealing with pure risks
2. Broader than insurance management
3. Differs from insurance management in philosophy

SCIENTIFIC APPROACH
Risk management depends on the following:
a. Rules derived from the general knowledge of
experience
b. From precepts drawn from other disciplines,
especially decision theory.
Though Risk Management is not a science such as
those of the physical sciences, this does not disqualify
its use of the scientific method.
 Henri Fayol and
Risk Management

is a famous French management authority divided all

industrial activities into six broad functions:

1. Managerial Activities
2. Technical Activities (Production)
3. Commercial Activities (Marketing)
4. Financial Activities
5. Security Activities
6. Accounting Activities
is the appellation granted to a
rational and logical processof
identifying, analyzing, treating and
monitoring the risks implicated in
any endeavor or proceudre. WHAT IS RISK
It is a line of tactic that assist
business executives and managers MANAGEMENT?
while at the same time trying to
utilize their available resources to
it's full potentials.
Why do we need Risk Management?
 It stimulates supports, promotes and upholds
effective management.
It allows management to prepare itself for
whatever risk it ventures.
Availability of resources are limited
Risk management process is well-established

WHO MAKE USE OF RISK MANAGEMENT?

Healthcare
Insurance
Finance
Investment
WHAT DOES IT INCLUDE?
Risk management planning
Risk Identification
Qualitative risk analysis
Quantitative analysis
Risk Response planning
Risk Monitoring and control

HOW IS IT DONE IN A PROJECT? 10 STEPS:

Make risk management part of your project
Identify risk early in your project
Communicate about risks
Consider both threats and opportunities
Clarify ownership issues
 Analyze risks
Prioritize risk
Plan and implement risk responses
Register project risks
Track risks and associated tasks

MISCONCEPTIONS ABOUT RISK MANAGEMENT

1. The risk management concept is applicable principally to large
organizations.
2. The risk management approach seeks to minimize the role of
insurance.

Risk management encompasses many fields. As such, it is virtually

impossible for anyone to be an expert in everything related to risk
management
Risk Managers tended to be:

a. Specialists in one phase of risk management (e.g.,

insurance or loss prevention) or
b. Generalists without expertise in any of the sub-
disciplines of risk management.
RISK MANAGEMENT: BENEFITS

effective activities
a reduction in the need for crisis management
a universal application
proactivecost effective
compliance
DUTIES & RESPONSIBILITIES OF THE
RISK MANAGERS
assist in developing risk management policy
risk identification and measurement
selecting risk financing alternatives
negotiate insurance coverage
managing claims
internal administration
communicating with other managers
accounting
administer risk functions
loss prevention
managing employee benefits
TITLE IN THE ORGANIZATION
according to a 1995 survey conducted by Logic Associates for RIMS,
48% of respondents reported their title was Risk Manager, 45% said
their title was Director of Risk Management, ad 6% reported the title
Assistant Treasurer.

POSITION IN THE ORGANIZATION

Most risk managers have a financial orientation, reporting to the
following:
a. Vice president-finance b. Treasurer c. Comptroller
Risk manager should be in a less specialized department, reporting to
an executive VP or to the president to illustrate the company-wide
scope of risk management activities.
The Non-Professional Risk Manager
The non-professional risk manager should understand & understand &
appreciate the principles of risk management
The non-professional risk manager must know enough about risk
management
The non-professional risk manager must know enough about risk
management and insurance

With the advent and growth of professionla studies in risk management,

the view has changed.
Persons trained in risk management are uniquely equipped for:
a. organizing b. planning c. leading and d. controlling the risk
management functions of the organizations.
 Risk Management Tools

RISK CONTROL
1. Avoidance- an advised decision is made to eradicate risk or to elect for a different
level of risk.
2. Reduction - fitting practices and management standards are carefully operated to
mitigate either the likelihood and/or penalties of known risks.
RISK FINANCING

1. Retention- preferred term for self-insurance

[Link]- the accountability or problem for damage or loss is reallocated to
another party through contractual provisions insurance or other means.
 Holistic Risk Management-
the organization as a whole entity
AREAS & SOURCES OF RISK Natural Disasters
Debt management Accidents
Fraudulent acts Unstable People HAZARD
Accounting & Taxation FINANCIAL Unsafe Practices
Cash flow issues
Fundraising

Data Contracts
Assets Duty of Care
LEGAL
Personnel/Key people OPERATIONAL State & Federal Action
Consequential Regulation
Special Events
MANAGING RISK
Risk can be managed with proper discipline. The aim should be that the firm
incorporates risk management as:
a practice
a routine
a way of life
a way of defending and progressing manners and conducts
the way management conceive and executes activities

Managing a program must have the support from the top management. It is simply
like on the old saying we know " NO MAN IS ON ISLAND"
RISK MANAGEMENT : BASIC IDEOLOGIES

1. Manage risk where risk occurs

2. Prioritization
3. Resource allocation and loading
) ) ) ) ) ) ) ) ) Intro
) ) ) ) ) ) ) ) )
RISK MANAGEMENT PLAN

Customer satisfaction
Schedule Risk
Resource Risk
Quality Risk
Scope Risk
Cost Risk
) ) ) ) ) ) ) ) )
) ) ) ) ) ) ) ) )
PLAN RISK MNGT.

) ) ) ) ) ) )
1. Analysis and decision
making to implement 3. Stakeholders will be
risk management. considered in planning
2. Appropriate to size and risk management
complexity
) ) ) ) ) ) ) ) )
) ) ) ) ) ) ) ) )
IDENTIFY RISK

1. Which among the risk has the highest probability

of affecting the project?
2. Construct a SWOT Analysis
3. Gather as much information as possible
4. Formulate a Check list analysis
5. Generate Assumption Analysis
) ) ) ) ) ) ) ) )
) ) ) ) ) ) ) ) )
PLAN RISK RESPONSE

1. Eliminate threats before they happen

2. Reduce impact of threat
3. Contingency plan
4. Fall-back plan
5. Negative risk or threat
6. Positive risk or opportunity
) ) ) ) ) ) ) ) )
) ) ) ) ) ) ) ) )
NEGATIVE RISK OR THREAT

Avoid
Transfer
Mitigate POSITIVE RISK OR OPPORTUNITY
Accept
Exploit
Share
Enhance
) ) ) ) ) ) ) ) )
) ) ) ) ) ) ) ) )
MONITOR & CONTROL RISK

1. RISK RE-ASSESSMENT
2. RISK AUDIT
3. TREND ANALYSIS
 CATEGORIES OF RISKS
I. Financial [Link]
Reduction in funding Engages in activity at variance
Failure to safeguard assets with its stated objectives.
Poor cash flow management Fails to engage in an activity
Lack of value for money that would support its stated
Fraud/theft objectives.
Poor budgeting
 CATEGORIES OF RISKS
[Link] [Link]
Failure of an IT system Organization engages in activities
Poor quality of services delivered that could threaten its good name.
Lack of succession planning Through association with other
Health and Safety risks bodies
Staff skill levels Staff/members acting in a criminal
No process to track contractual or unethical way
commitments Poor stakeholder relations
 CATEGORIES OF RISKS
[Link] and Compliance
Lack of oversight by Board
Segregation of duties not defined formally
Ensuring compliance with funders' terms and conditions
Compliance with applicable legislation
Safeguarding of vulnerable individuals
Taxation Law
Data Protection
Health and Safety Law
 RISK MANAGEMENT PROCESS

is the systematic application of management policies, procedures and

practices to the tasks of identifying, analyzing, evaluating, treating and
monitoring risk.

A significant part in the risk management standard that requires the

organizational team to recognize what its aims and goals are:
 What are your intents and objectives?
 What does your business exist for?
 What are your services or deliverables?
 Who are your affiliates, patrons and clienteles?
This collective perception is essential for the reason that it presents the
restrictions or framework for risk assessment. Thus, the process includes
the following:
Establish the Context
Identify Risks
Analyze and Evaluate Risks
Develop Risk Treatment Strategies
Monitor and Review
 QUALITATIVE & QUALITATIVE RISK ANALYSIS

1. Assess impact and likelihood of the identified

QUALITATIVE risk
RISK [Link] and impact matrix
ANALYSIS [Link] categorization
[Link] urgency assessment

[Link] gathering
QUANTITATIVE [Link]
RISK ANALYSIS [Link]
[Link]
[Link] distribution
 [Link] techniques
QUANTITATIVE [Link]-tree analysis
RISK ANALYSIS [Link] analysis
[Link] judgment

Four (4) things in plan:

1.A clear understanding of organization's goal
2.A clear understanding of the likelihood of something happening
3.A clear understanding of the consequences of something happening
4.A form of matrix that combines the likelihood and consequences and arrive at a
risk rating which allows the separation of acceptable from unacceptable risks.
 QUALITATIVE OR QUANTITATIVE?
IS THIS THE HARD PART?

Combining both qualitative and quantitative approach is

very much appreciated and commonly used in most
business undertakings. It's actually doing most of what
we have
 RISK CONTROL
A control measure is something that is already existing. The
purpose of control measure is to reduce the risks via impact on
likelihood, consequence or magnitude. Examples of which may
include but not limited to the following:
A prevailing management policy
Work procedure and practices
Technical system
Training program
Contract management planning guidelines
 CONTROL VALUES
CODE DESCRIPTION

The control happens to be highly effective as it

HE
lowers the chances of the risk-taking place and/or it
(HIGHLY EFFECTIVE)
lessens the consequences if the risk
does strike

The control happens to be moderately effective as it

ME only partly decreases the odds of the risk transpiring
(MODERATELY and/or somewhat eases the magnitudes if the risk
EFFECTIVE) does occur.
 CONTROL VALUES
CODE DESCRIPTION

The control happens to be ineffective as it does not

IE
lower the possibility of the risk occuring and/or it
(INEFFECTIVE)
does not diminish if the risk does take place.

Defining Likelihood and Consequence

A challenging but significant chore when forming the consequence and likelihood
matrix is to as certain what represents an "Almost Certain" and what establishes a
"Rare"; when is a magnitude rated "Significant" and which ones are considered a
"Catastrophic".
 ANALYZING LIKELIHOOD/CONSEQUENCE FOR RISK
RATING

Risk analysis is about:

[Link] the likelihood of events
[Link] magnitude of their consequences and
[Link] mitigating factors that would:
 Reduce the nature,
 Frequency or
 Damaging effects of the consequences
When evaluating likelihood and consequences, you may consider
asking the following usual questions:
 How prone is this risk to occur?
 What will be the consequences in case it does happen?
 By and large, what will be the overall risk level?
 Is the risk Acceptable or Unacceptable?

The formula for the risk matrix is simple enough for everyone to
comprehend.
Likelihood + Consequence - Controls in Place = VULNERABILITY
 LIKELIHOOD &
CONSEQUENCE
MATRIX
LIKELIHOOD, PRIORITY CRITERIA &
CONSEQUENCES
RISK MITIGATION
RISK MITIGATION STRATEGY OPTIONS
1. RISK AVOIDANCE
2. RISK TRANSFER
3. RISK REDUCTION

RISK MITIGATION STRATEGY DEVELOPMENT

Define risk
Goal
Strategies
Preferred Strategy
Action Plan
2
STRATEGY SOURCES
Communication (internal&external)
Training
Documentation
Resourcing
Systems
Planning (Additional)
In most cases, the ff. schemes and line of attack proved to be beneficial
when dealing with Risk MAnagement:
a. Communications
How to open up the line of communication? Should it be:
Internal
External
Both
2
Will transparency help all concerned better understand the situationand will it
contribute to managing risk?
b. Training
What types of training should be administere to prepare management in
mitigating risk?
Should training activities be conducted regularly?
Should trainings be directed locally?
c. Documentation
What should be included in the checklist?
What are the steps or process involved?
d. Action Plan
What is your line of attack?
How do you plan to implement the strategy?
2
Thank you!