0
Introduction to    Risk Management                                 Kannan Subbiah                             Director, Op...
Objectives Understanding Risk Risk Management as a process Exercise Q&A                                 2
How to learn Risk Management? http://www.youtube.com/watch?v=laKprX-HP94&feature=related                                 ...
What is a Risk?A risk is ANYTHING that may affect the achievement of  an organization’s objectives.It is the UNCERTAINTY t...
Alternatively … Risk is a potential event with negative consequences that  had not happened yet    Could also be an even...
Why do we need Risk Management?The only alternative to risk management is crisis management --- andcrisis management is mu...
How does Risk Management help? Increase risk awareness & understanding Allows intelligent “informed” risk-taking. Focus...
Key Terms Risk – Exposure to chance of hazard Risk Level – A measure to represent the significance of the risk Controls...
Exercise - I Think of a risk in your daily life Determine the probability of occurrence Make an assessment of an impact...
Who is involved? Customer End user Project Team Senior Management Related Project teams Vendors and suppliers       ...
When? A continuous process    Starts from proposal stage    Ends on project completion Review stages    Business case...
Risk Management Basics      Risk (uncertainty) may affect the achievement of       objectives.      Effective mitigation...
A Simple FrameworkStep 1        Step 2       Step 3      Step 4     Step 5                             Assess             ...
Risk Identification Techniques Brainstorming Interviewing Root cause analysis Checklists SWOT                        ...
Risk Management is critical to ALL levels of    decisions                                                                 ...
Risk Environment                                                                     External Risk Environment            ...
Categorizing Risk – Comprehensive    1.    Political or Reputational Risk    2.    Financial Risk    3.    Service Deliver...
Risk Prioritization – likelihood and impactLikelihood of a risk event occurring               Risk Impact: Level of damage...
Third dimension for rating risks - proximity         Immediate – now         Less than 6 months         Between 6-12 mo...
Risk rating…Combining impact and likelihood                         RISK PRIORITIZATION MATRIX                     5      ...
Risk reporting and communications     Risk Level                 Action and Level of Involvement Required                 ...
22
Measure and report RM implementation progress            • Advanced capabilities to identify, measure, manage all risk exp...
The Cyclist and the Risk Manager                                   24
Exercise II – 15 minutes    Identify risks that the cyclists faces in cycling to work.    Report back.                  ...
Risks Threats:               Opportunities:  Death                 Exercise  Head Injury           Sunlight  Injury  ...
Mitigation Strategies for threats Death, head injury, other injury – helmet, bright clothes,  lights, bell, CANbike cours...
Acknowledgements Practical approach to Risk Management - by Finance Management Institute,  Toronto Chapter. Introduction...
Questions?             29
Upcoming SlideShare
Loading in...5
×

Introduction to risk management

834

Published on

An introduction to Risk Management

Published in: Business, Economy & Finance
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
834
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
52
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • 1. Financial Risk - The risk of financial losses, overspending, or the inability to meet budgets and plans. 2. Service Delivery or Operational Risk - The risk that products or services will not get completed or delivered in a timely manner as expected. This also includes risks to business continuity. 3. People / HR Risk - The risk that capable & motivated staff will not be available to get the job done. This could be the result of resignations, turnovers, inability to hire, lack of skills, strikes, injury etc. 4. Information Risk - The risk that information produced, or used, is incomplete, out-of-date, inaccurate, irrelevant, or inappropriately disclosed 5. Strategic / Policy Risk -The risk that strategies and policies fail to achieve required results 6. Stakeholder Satisfaction / Public Perception Risk - The risk of failure to meet expectations of the public, other governments, ministries, or other stakeholders 7. Legal / Compliance Risk - The risk that a government initiative, or action, will be in breach of a statute, regulation, contract, MOU, or that the government will face litigation 8. Technology Risks - Risk that information technology infrastructure does not align with business requirements, and does not support availability, access, integrity, relevance, and security of data. This also includes risks to business continuity 9. Governance / Organizational Risk - Risk that the organization structure, accountabilities, or responsibilities are not designed, communicated, or implemented to meet the organization’s objectives, and the risk that business culture and management commitment does not support the formal structures 10. Privacy Risk - Risk that associated with the collection, use and disclosure of personal information and personal health information. 11. Security Risk - Risk that is associated with the protection of confidentiality, integrity, availability and value of assets (tangible and intangible) and people.
  • In phase I we facilitated a number of IRM activities. Here are three examples: Oak Ridge Facility at the Mental Health Centre Penetanguishene Colorectal Cancer Screening Program LHIN Readiness I and II These 3 examples showed us how we could implement IRM. Sharon Zwicker told us: put in quote Marsha Barnes told us: put in quote Gail Paech told us: put in quote Carrie Hayward told us: put in quote
  • In phase I we facilitated a number of IRM activities. Here are three examples: Oak Ridge Facility at the Mental Health Centre Penetanguishene Colorectal Cancer Screening Program LHIN Readiness I and II These 3 examples showed us how we could implement IRM. Sharon Zwicker told us: put in quote Marsha Barnes told us: put in quote Gail Paech told us: put in quote Carrie Hayward told us: put in quote
  • Statistics from Transport Canada Most Canadian deaths were unhelmeted riders. Transport Canada statistics show that 88 per cent of the 80 cyclists who died nationwide in 2001 were not wearing helmets.
  • Statistics from Transport Canada Most Canadian deaths were unhelmeted riders. Transport Canada statistics show that 88 per cent of the 80 cyclists who died nationwide in 2001 were not wearing helmets.
  • Transcript of "Introduction to risk management"

    1. 1. Introduction to Risk Management Kannan Subbiah Director, Operations Knowledge Universe Technologies India 1
    2. 2. Objectives Understanding Risk Risk Management as a process Exercise Q&A 2
    3. 3. How to learn Risk Management? http://www.youtube.com/watch?v=laKprX-HP94&feature=related 3
    4. 4. What is a Risk?A risk is ANYTHING that may affect the achievement of an organization’s objectives.It is the UNCERTAINTY that surrounds future events and outcomes.It is the expression of the likelihood and impact of an event with the potential to influence the achievement of an organization’s objectives. 4
    5. 5. Alternatively … Risk is a potential event with negative consequences that had not happened yet  Could also be an event with positive consequences A possibility of loss – not the loss itself  A source of problem  Find the root cause and not the leaves Something that makes the project special  In the widest sense, everything is a risk  Helps identify better ways of handling problems 5
    6. 6. Why do we need Risk Management?The only alternative to risk management is crisis management --- andcrisis management is much more expensive, time consuming andembarrassing. JAMES LAM, Enterprise Risk Management, Wiley Finance © 2003Without good risk management practices, government cannotmanage its resources effectively. Risk management means morethan preparing for the worst; it also means taking advantage ofopportunities to improve services or lower costs. Sheila Fraser, Auditor General of Canada 6
    7. 7. How does Risk Management help? Increase risk awareness & understanding Allows intelligent “informed” risk-taking. Focuses efforts –helps prioritize. Is proactive…. not reactive – Prepare for risks before they happen. Improve outcomes – achievement of objectives Enables accountability, transparency and responsibility And maybe even mean survival 7
    8. 8. Key Terms Risk – Exposure to chance of hazard Risk Level – A measure to represent the significance of the risk Controls – Action(s) that could eliminate or reduce the risk level Residual Risk – Risk level after implementing controls Risk Response – An action on the risk, whether to accept, or not to accept 8
    9. 9. Exercise - I Think of a risk in your daily life Determine the probability of occurrence Make an assessment of an impact, if it occurs. 9
    10. 10. Who is involved? Customer End user Project Team Senior Management Related Project teams Vendors and suppliers 10
    11. 11. When? A continuous process  Starts from proposal stage  Ends on project completion Review stages  Business case analysis  Project approval  Project planning  Technology, Tools & Vendor selection  Project status reviews  Deployment and Maintenance 11
    12. 12. Risk Management Basics  Risk (uncertainty) may affect the achievement of objectives.  Effective mitigation strategies/controls can reduce negative risks or increase opportunities.  Residual risk is the level of risk after evaluating the effectiveness of controls.  Acceptance and action should be based on residual risk levels. INHEREN T 12
    13. 13. A Simple FrameworkStep 1 Step 2 Step 3 Step 4 Step 5 Assess Identify Evaluate Establish Risks & Monitor Risks & & Take Objectives Controls & Report Controls Action Communicate, learn, improve 13
    14. 14. Risk Identification Techniques Brainstorming Interviewing Root cause analysis Checklists SWOT 14
    15. 15. Risk Management is critical to ALL levels of decisions UNCERTAINTY Strategic Decisions S trat egi c eg ic S trat Decisions transferring strategy into action e Pro g mm ra mme gra ProDecisions required for implementation Pro jec l t& ona Op e ra ti r atio & Ope nal je ct Pr o Decisions can be categorized into three types. The amount of risk (uncertainty) varies with the type of decisions. Most decisions are concerned with implementation. The HM Treasury’s The Orange Book 15
    16. 16. Risk Environment External Risk Environment MOHLTC Extended Extended Enterprise P ep P u b ti la & er ns gu ws c lic o n t io Internal re La MOHLTC Risk Environment i c c/ O Go ol gi P at e rg ve y Or r a rn Pa iz at nito ni a tr ga S za nc rtn ion s ni s r t io e n o M i th e tr ie Es er M na - O l t ab s e c Co m al / plian F ina li s Le g h Evaluate ncia Outcomes Capacity PoliticalCommunication Communication Communication l & Learning & Learning & Learning T r c ou r na Ide an A c ove olo n sfe ntabi c e c hn a t i o gy G nt r P l i ty T e or m ay ify me f In n nt Assess & In l f orm na atio ra tio n Human O pe Resources io r at de ns ct ol pe eh T h nom E e x ta k co e y S LHINs Corporate Governance Requirements 16
    17. 17. Categorizing Risk – Comprehensive 1. Political or Reputational Risk 2. Financial Risk 3. Service Delivery or Operational Risk 4. People / HR Risk 5. Information/Knowledge Risk 6. Strategic / Policy Risk 7. Stakeholder Satisfaction / Public Perception Risk 8. Legal / Compliance Risk 9. Technology Risk 10. Governance / Organizational Risk 11. Privacy Risk 12. Security Risk 13. Equity Risk Slide 17 17
    18. 18. Risk Prioritization – likelihood and impactLikelihood of a risk event occurring Risk Impact: Level of damage that can occur when a risk event occurs Very High: Is almost certain to occur  Very High: Threatens the success of the project High: Is likely to occur  High: Substantial impact on time, cost or quality Medium: Is as likely as not to occur  Medium: Notable impact on time, cost or quality Low: May occur occasionally  Low: Minor impact on time, cost or quality  Very Low: Negligible impact Very Low: Unlikely to occur Slide 18 18
    19. 19. Third dimension for rating risks - proximity  Immediate – now  Less than 6 months  Between 6-12 months  Between 12 – 24 months  Between 24 – 36 months  More than 36 months 19
    20. 20. Risk rating…Combining impact and likelihood RISK PRIORITIZATION MATRIX 5 RISK 4 IxL IMPACT RISK 3 IxL 2 RISK 1 IxL 1 2 3 4 5 LIKELIHOOD Slide 20 20
    21. 21. Risk reporting and communications Risk Level Action and Level of Involvement Required • Inform Chief Executive Officer and Board of Directors Critical Risk • Immediate action required • Inform Chief Executive Officer High Risk • Strategy Team involvement/attention is essential to manage risks – provide report to Board as appropriate • Management mitigation and ongoing monitoring required Moderate Risk • Inform relevant Strategy Team members • Accept, but monitor risks Low Risk • Manage by routine procedures within the program and site 21
    22. 22. 22
    23. 23. Measure and report RM implementation progress • Advanced capabilities to identify, measure, manage all risk exposures within tolerancesExcellent • Advanced implementation, development and execution of ERM parameters • Consistently optimizes risk adjusted returns throughout the organization • Clear vision of risk tolerance and overall risk profile • Risk control exceeds adequate for most major risks Strong • Has robust processes to identify and prepare for emerging risks • Incorporates risk management and decision making to optimize risk adjusted returns • Has fully functioning control systems in place for all of their major risks • May lack a robust process for identifying and preparing for emerging risksAdequate • Performing good classical “silo” based risk management • Not fully developed process to optimize risk adjusted returns • Incomplete control process for one or more major risks Weak • Inconsistent or limited capabilities to identify, measure or manage major risk exposures Source: Standard & Poor 23
    24. 24. The Cyclist and the Risk Manager 24
    25. 25. Exercise II – 15 minutes  Identify risks that the cyclists faces in cycling to work.  Report back. 25
    26. 26. Risks Threats: Opportunities:  Death  Exercise  Head Injury  Sunlight  Injury  Reputation  Reputation  Financial  Financial  Role model  Damage to the bike  Environment  Sunburn/frost bite 26
    27. 27. Mitigation Strategies for threats Death, head injury, other injury – helmet, bright clothes, lights, bell, CANbike course, obeying traffic laws, positive attitude, anger management course Reputation – great outfit, change of wrinkle-free clothes, shower, time management Financial – high quality locks, “beater”, stopping at stop signs Damage to the bike – regular maintenance, avoiding pot holes Sunburn/frost bite – sunscreen, mittens, hats, token/change Dehydration- filled water bottle 27
    28. 28. Acknowledgements Practical approach to Risk Management - by Finance Management Institute, Toronto Chapter. Introduction to Risk Management for Outsourcing projects - by Peter Kolb 28
    29. 29. Questions? 29
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×