Organisations are facing an increasing number and a greater variety of risks and there is growing recognition that Risks must be managed with the total organisation in mind.
All organisations are required to have a more practical approach to dealing with risk that goes beyond the statistical and analytical to future scenarios and planning (Jolly, 2003). Organisations have recognised the importance of managing all risks and their interactions. Furthermore, publicly traded companies are well aware of the desire of their stakeholders for stable and predictable earnings according to projections in their Annual Plan, which is one of the key objectives of Enterprise Risk Management.Enterprise Risk Management emphasizes a comprehensive view of risk and risk management meaning that different risks within the organisation should not be managed separately. Rather than focusing solely on hazard or financial forms of risk, enterprise risk management seeks to address all events that might adversely or positively impact the performance of the organisation. Greater knowledge of risks delivers the ability to deal with and manage risk at the lowest possible cost. Risk Management Plan is developed to ensure levels of risk and uncertainty are properly managed so that the project is successfully completed. It enables those involved with the project to manage possible risks by defining the manner in which they will be contained and the likely cost of mitigation strategies.
A Risk Management Plan outlines the foreseeable risks and provides a set of actions to be taken both to prevent the risk from occurring and reduce the impact of the risk should it eventuate. In essence to demonstrate that there are processes to monitor the status of each risk periodically and implement the risk mitigation plan as appropriate. To control and manage risks effectively during the work effort, and follow a program to monitor risks and their status and evaluate the results of risk-handling actions regularly. Nowhere is that more true than in your Risk Management Plan. The Risk Management Plan should identify the risk management activities you anticipate and plan throughout the product’s life-cycle. It is dynamic and should be revisited and updated often. This is not a do it one time and it’s done activity.
A Risk Management Plan must include the following criteria:1. Scope of the Risk Management activities. Define the objectives included. It is possible to have multiple objectives described within a single Risk Management Plan;2.
Describe the intended Priority outlined in the objectives;3. Identify all Risk Management objectives planned throughout the product lifecycle;4. Define roles and responsibilities. Identify the Risk Management team that will be reviewing and approving risk documentation;5. Criteria for the objectives risk acceptability, often times this is likely to be defined within the Risk Management Procedure;6. Specify methods to verify Risk Control measures are implemented and reduce risks; and 7.
Define how performance results information will be captured and fed into Risk Management activities.Risks can be identified for the project as a whole, as well as likely risks for each phase of work and for each key deliverable. While the entire risk list might be long, not every risk is relevant at the start of the project. Many risks will not emerge until the work is well underway.
Risk levels are quantified by multiplying the likelihood of the risk with its impact and control measure effectiveness of the risks (with their proposed action responses) can be scattered across the project duration in those places they are most likely to emerge. The key to a successful risk management plan is constantly updating the risk list while ensuring that team members or employees are aware of the risks specific to their own tasks/processes. Many anticipated risks can be avoided. If a project team is properly informed about what risks might emerge as they work, they can relax into a work routine and focus on the product, the quality, the resources, and the deadlines.Risk management starts with identifying, assessing and quantifying business risks, then taking measures to control or reduce them. The risks are then reassessed and business decisions are made based on the remaining risk vs. reward. Having a clear understanding of all risks allows an organization to measure and prioritize them, then take the appropriate actions to reduce losses.
In order to understand the art of good risk management, one must be able to identify the different types of risks associated with each decision. Risk management provides assurance that an organization can create and implement an effective plan to prevent losses or reduce the impact if a loss occurs. A good risk management plan includes strategies and techniques for recognizing and confronting these threats, solutions for both preventing and solving bad situations, and indicates financial opportunities. In order to reduce the risks for your business it’s imperative to have a risk management program in place with decisions, policies, and business rules to maintain the integrity of established performance standards.