Effective risk management for Contractors , Specialist trades, Property Developers and Homeowners.
Spending 80% of the effort to avoid problem arising rather than 80% effort sorting them after the event.
3. 80% of EFFORT TO SORT OUT
PROBLEMS AFTER THEY HAVE
OCCURRED
80% of EFFORT DEDICATED TO
AVOID PROBLEMS OCCURRING IN
THE FIRST PLACE
4. What are we going to discuss?
• What is risk Management?
• Whose it for?
• When do you do it?
• How do you do it?
5. Why bother?
Historically in financial institutions, risk functions such as legal,
compliance, audit, credit risk and market risk
Operational risk was generally the responsibility of business
units as part of their daily activities. Risk management was
focused primarily on financial, predictable and quantifiable
risks related to loss prevention.
Since the 1980s, risk management has evolved to include
corporate governance, alignment to strategic objectives,
capital adequacy and stakeholder value. Additionally,
regular discussions on risk management started
appearing on corporate board agendas.
6. NO WONDER FEW BOTHER !!!!
Complex Event
Processing –
Analysing streams of
information from
multiple sources and
deriving a conclusion
Monte Carlo
simulations- essentially
calculation of
probability using
computer algorithms
7. Occam's razor (also written as Ockham's razor from William of Ockham, and in Latin lex
parsimoniae) is a principle of economy, or succinctness used in logic and
problem-solving.
It states that among competing hypotheses, the hypothesis with the fewest
assumptions should be selected.
The razor states that one should proceed to simpler theories until
simplicity can be traded for greater explanatory power.
The simplest available theory need not be most accurate.
Occam’s Razor
KISS
KEEP IT SIMPLE STUPID !!!!!
9. ISO 31000:2009 can be applied throughout the life of an
organization, and to a wide range of activities, including
strategies and decisions, operations, processes, functions,
projects, products, services and assets.
ISO 31000:2009 can be applied to any type of risk, whatever
its nature, whether having positive or negative consequences.
IS THERE A STANDARD?
10. ISO 30001 – What does it say ?
Risk management; “coordinated activities to direct and
control and organization with regard to risk”
Risk management process; “systematic application of
management policies, procedures and practices to the tasks of
communication, consultation, establishing the context,
identifying, analysing, evaluating, treating, monitoring and
reviewing risk”
11. ISO 31000:2009 provides generic guidelines for the design,
implementation and maintenance of risk management processes
throughout an organization.
The scope of this approach to risk management is to enable all
strategic, management and operational tasks of an organization
throughout projects, functions, and processes to be aligned to a
common set of risk management objectives.
ISO 31000:2009 is intended for a broad stakeholder group
including:executive level stakeholders appointment holders in the
enterprise risk management group risk analysts and management
officers line managers and project managers compliance and internal
auditors independent practitioners.
ISO 30001 – What does it say ?(2)
16. What is Risk Management
A systematic approach to the identification,
prioritisation and elimination of risk
17. Whose it for?
All Clients and all developments and schemes
involve some degree of risk
18. When do you start?
At the earliest possible moment. This process provides the
Client with an opportunity to ensure his scheme is aligned
with his business plan and he achieves his objectives in a
controlled manner
19. What do you do?
1. Identification
2. Prioritisation
3. Give Ownership
4. Draw up action plan
5. Decide objective
6. Decide date for action
7. Review progress & actions
8. Seek and gather feedback
9. Keep live, flexible & responsive to
change
10. Record outcome for future use
20. What do you do?
Brain Storming
Involve all Parties
21. What do you do?
Lots of ways to do this e.g. Monte Carlo
simulations
But best way is to score out of 20 the following
•Likely impact
•Likelihood of occurrence
•Use of common sense
22. What do you do?
Likely impact
• Monetary
• Descriptive – Catastrophic, critical, serious,
irritating, minor problem
Likelihood of occurrence
• Highly likely, More likely, likely, might happen,
unlikely
24. What do you do?
Unless a Company and an individual is
allocated a risk to manage it will not happen
The person / company allocated a risk must
be the person best able to manage it
25. What do you do?
Must be CLEAR and SMART ( specific,
measurable, agreed, realistic & time framed
Costs involved, (if any), must be understood
Be clear on objective –risk to be shared,
passed on, eliminated, insured, controlled
26. What do you do?
Regular reviews are essential of top priority
risks say for this month & next month
27. What do you do?
The risk process must be able to add
new risks, change priorities &
respond to changing circumstances
A record of solutions should be kept
to build a database for future use
28. Item
No
Description of Risk
Prioritisation (Score A & B out of
20)
Ownership
Action
Probability of
occurrence (A)
Likely
Impact
(B)
Risk
Score
(AxB)
Company Name
Cost (£)
To be done (Date)
Feedback
FURTHER ACTION
THE RISK REGISTER – SAMPLE FORMAT