Strategic risk management


Published on

Published in: Business, Economy & Finance

Strategic risk management

  1. 1. Rejoy.SirvelExecutive MBAEmail – rejoy.sirvel@yahoo.comTable of Contents 1. Executive Summary …………………………………………………………..………..4 2. Introduction to Risk Management ………………………………………….….……..4 2.1 Examples of the drivers of key Risks …………………………………………….…5 3. Types of Possible Risk @ Marriott Sprowston Manor Hotel ……………………….6 3.1 Risk Chart …………………………………………………………………………..10 3.2 Risk Table………………………………………………………………………...…10 4. Purpose of Strategic Plan ……………………………………………………………..13 4.1 Status of Strategy Plan ………………………….…………………………………..13 4.2 Key Issues …………………………………………………………………………..14 5. ERM Framework for Marriott Sprowston Manor Hotel …………………………..15 5.1 Enterprise Risk Management Framework Objectives…………………………...….18 5.2 Enterprise Risk Management Key Concepts ………………………………...……..19 5.3 Implementation of Enterprise Risk Management Process ………………………….21 5.4 ERM Communication and Consultation ………………………………………...…22 5.5 Roles & Responsibilities ………………………………………………………...…23 1
  2. 2. 6. Risk Mitigation Action Plan & Responsibilities…………………………………..…24 7. Business Continuity Plan……………………….……………………………………..29 8. Conclusion……………………………………….…………………………………..…30 9. References……………………………………….…………………………………..…30Table of FiguresRisk Chart -- Figure 1 ……………………………………………………………………..10ERM Framework -- Figure 2 ……………………………………………………………..15ERM Process -- Figure 3 ………………………………………………………………….21Risk Matrix -- Figure 4 ……………………………………………………………………22 2
  3. 3. 1. Executive SummaryThis report has designed a strategic risk management plan for Marriott Sprowston Manor Hotelin Norwich. The objective of the strategic risk management plan is to manage the Hotel riskswiftly and effectively to an interruption to normal business operations, protecting the associatesand assets of the hotel, and ensuring the continuity of critical business functions.Enterprise risk management framework is used as a strategy to develop the plan for Hotel to dealwith risk and opportunities by enterprise risk management process. Enterprise risk managementprocess helps to ensure effective reporting and compliance with laws and regulations, and helpsavoid damage to the business reputation and associated consequences. This report shows howenterprise risk management helps the Hotel to achieve its objectives and get to where it wants togo and avoid pitfalls and surprises along the way. 2. Introduction to Risk ManagementRisk can be defined as combination of the probability of an event and its consequences. In alltypes of understanding, there is the potential for events and consequences that constituteopportunities for benefit and threats to success.Risk Management is increasingly recognized as being concerned with both positive and negativeaspects of risk. Therefore this standard considers risk from both perspectives.Risk Management is a central part of any organizations strategic management. It is the processwhereby organizations methodically address the risks attaching to their activities with the goal ofachieving sustained benefit within each activity and across the portfolio of all activities.The focus of good risk management is the identification and treatment of these risks. Itsobjective is to add maximum sustainable value to all the activities of the organization. It 3
  4. 4. increases the probability of success, and reduces both the probability of failure and theuncertainty of achieving the organizations overall objectives.It must be integrated into the culture of the organization with an effective policy and aprogramme led by the most senior management. It must translate the strategy into tactical andoperational objectives, assigning responsibility throughout the organization with each managerand employee responsible for the management of risk as part of their job description. It supportsaccountability, performance measurement and reward, thus promoting operational efficiency atall levels.2.1 Examples of the drivers of key RisksFinancial Risk Strategic RisksExternally DrivenExternally Driven  Competition  Interest Rates  Customer Changes  Foreign Exchange  Industry Changes  Credit  Customer DemandInternally Driven Internally Driven  Liquidity & Cash Flow  Research & Development  Accounting ControlsOperational Risk Hazard RisksExternally Driven Externally Driven  Regulations  Natural Events  Culture  EnvironmentInternally Driven  Suppliers 4
  5. 5.  Information Systems / Supply Chain Internally Driven - - Products & Services 3. Types of Possible Risk @ Marriott Sprowston Manor HotelThere are various ways to think about risk, and one of the more comprehensive approaches tocategorize risks into four quadrants A. Financial RiskFinancial risk for the hotel concerns money, including capital availability, cash-flowmanagement, investment evaluation and credit default. Following types of financial risk;  Global Economic Crisis RiskEconomic conditions continue to challenge hotel to achieve business and profit margins. Due toeconomic downturn it is becoming difficult for the hotel to maintain Marriott brand as a lesseramount of capital given to run the operation. As lack of spending by customers has created a bigrisk to the hotel to achieve targeted sales and revenue to run the hotel. Example - The newgovernment plans of budget cuts in public sector has affected hotel adversely, as public sectorsuch as Norfolk county council do not hold any events or conferences at the hotel. This has takenoff a huge profit making business of the hotel. While the global economy is not a free fall as itwas, it will be a challenge for the hotel to remain profitable and successful in next 5 years. B. Strategic RiskStrategic risk arises out of volatility in the hospitality industry, market changes and challenges tobrand and reputation; may include leadership, competition and owner. Following types ofstrategic risk;  Competition RiskIncreasing number of competitors in Norfolk has created a significant risk to the hotel. It isimportant for Marriott to perform well and to be competitive in fast growing market. Norfolk 5
  6. 6. have number of different branded hotels providing high quality of service to guest and offeringcompetitive rates to customers to achieve business. Due to increasing competition in Norfolk thebusiness at hotel is declining and it’s has created more complexity for Marriott to attract morecustomers and gain business. Because of the recession corporate companies are spending lessand looking to move their business to different hotels for possible competitive rates. It will be achallenge for Marriott to gain more business and remain competitive in increasing competition.  Reputational RiskManaging reputational risk is a paramount concern for any organization that has valuable brands;and brand value is the one of the most important asset. Reputation is very significant for the hotelto be competitive in fast growing market. Reputation risk is becoming a key source ofcompetitive advantage as products / services become less differentiated. Failure to provide highquality of service according to set Marriott brand standards and dissatisfying customer needscould impair bad hotel reputation. It’s very important for the hotel to focus on how to enhanceand protect that asset C. Operational RiskOperational risk arises out of the daily operations at the hotel and, ultimately, affects bottom line;includes the traditionally insurable risks, such as fire, natural disasters, guest and associateinjuries and theft at the hotel; also include many uninsurable risks, such as guest and employeesatisfaction, information security and efficiency in operating the hotel. Following types ofoperational risk;  Technology RiskA failure to keep pace with developments in technology could damage operation or competitiveposition. Hospitality industry continue to demand the use of sophisticated technology andsystems, including those used for reservation, revenue management and property managementsystems and technologies that are available for guest during their stay. These technologies andsystems must be refined, updated or replaced with more advanced systems on a regular basis. If 6
  7. 7. hotel is unable to do so as quickly as competitors or within budgeted costs then business couldsuffer.  Increasing Cost RiskHigh inflation rate and changes in tax and other laws and regulations could reduce profitmargins, and increase the hotel running cost. Example - Food prices are increasing dramaticallywhich has become difficult for the hotel to achieve food cost of sales. According to Marriottstandards it is very important for the hotel to deliver high quality of food to guest and meetexpectations. It has become inflexible for hotel to control the cost of sales and achieve targetedprofit margins. Due to increasing cost and limited budget to spend, it will be a challenge for thehotel to sustain profit margins.  Associates (Employees) RiskIf Marriott cannot attract and retain talented associates then business could suffer. Marriottcompete with other companies both within and outside of industry for talented personnel. Ifunable to recruit, train, develop, and retain sufficient numbers of talented associates, hotel couldexperience increased associate turnover, decreased guest satisfaction, low morale, inefficiency,or internal control failures, Insufficient numbers of talented associate could also limit the abilityto grow and expand business.  Hazards RiskHotels. Large or small, rural or city based, can be hazardous places. The following detailshighlight some of the hazards and risks that might exist in hotel. They are by no meansexhaustive and will vary depending on the particular business. 7
  8. 8. Main Types of Hazards 1. Natural Hazards 2. Technical Hazards  Flooding  Power failure/fluctuation  Fire  HVAC failure  Earthquakes  Computer hardware failure  Tornadoes  Computer software failure  Hurricanes  Gas leaks  Winter storms  Transportation accidents (chemical/bio- hazard spills) D. Compliance RiskCompliance risk such as traditional contract and regulatory compliance; also focuses on accurateand timely financial reporting, adherence to company policies, and workplace health and safety.It’s Important for a risk manager to manage the hotel’s risk productively. In doing so, itcan make difference in hotel’s bottom line, while at the same time protecting the reputationof Marriott brand. 8
  9. 9. 3.1 Risk Chart C. A. D. B. Figure 13.2 Risk TableNumbers Types of Risk Impact / Likelihood A Financial Crisis  Global Economic Crisis Very High / Almost Certain Risk 9
  10. 10. B Strategic Risk  Competition Risk High / Likely  Reputational Risk C Operational Risk  Technology Risk  Increasing Cost Risk Very High / likely  Associate (Employee) Risk  Hazards Risk D Compliance Risk High / ModerateA. Examples of range of operating risk common to the Hotel.The profitability of the hotels that may be adversely affected by a number of factors that includes  Pricing strategies of competitors  The availability of and demand for hotel rooms  International, national and regional economic and geopolitical conditions  The impact of war, actual or threatened terrorist activity and heightened travel security measures instituted in response to war, terrorist activity or threats  The desirability of particular locations and changes in travel patterns  The occurrence of natural disasters, such as earthquakes, tsunamis, and hurricanes  Taxes and government regulations that influence or determine wages, prices, interest rates, construction procedures and costs 10
  11. 11.  The availability and cost of capital to allow hotel and potential hotel owners and joint venture partners to fund investments  Regional and national development of competing properties  Foreign currency exchange fluctuations  Increases in wages and other labor costs, energy, healthcare, insurance, transportation and fuel and other expensesB. Examples of risk (incidents) that cause direct and indirect disruptions to theHotel business  Disruption to hotel business can occur through many Direct & in-Direct means  Whilst intentional security related incidents such as Criminal & Terrorism, many other serious disruptions are created though unintentional Accidental, Climate or Environmental incidents and disasters  An organization may become a ‘Proximity Victim’ from an un – related external threat or incidentDirect Disruption Examples Indirect Disruption Examples  Crime/Fraud/ Terrorism  External Financial Crisis  Fire  Pandemic Issue  Flooding  Currency Fluctuation  Bomb threat  Legislative Practices  IT Failure  Adverse Weather Conditions  Power Outage  Transport Disruptions  High Security Alert  Industrial Action 4. Purpose of Strategic Plan 11
  12. 12. The Strategic plan aims to identify the main objectives and activities that Marriott SprowstonManor Hotel will focus on over the next five years.The most significant issues to be addressed are:-  The development of a risk culture  The integration of ‘risk’ as a factor in decision making  The importance of the risk management system to the future viability of the HotelKey recommendations are:-  That Marriott Approve the strategy plan.4.1 Status of Strategy PlanBasic information about the strategy is contained in the table.Strategy effective from this date Jan 2011Strategy Covers this period Jan 2011 to Jan 2016Strategy approved by General Manager / Cluster GMStrategy to be adopted by the Hotel Jan 2011Person Accountable for this strategy Human Resources Manager1st Person to contact about this strategy Human Resources ManagerStakeholders to consult with (minimum) GM, Executive Directors, Managers, StaffPerformance will be reported through Management PlanThis strategy must be reviewed at least AnnuallyThis Plan is an integral support document for the organization and guide for the Hotel and policymaking in the area of risk management.4.2 Key Issues 12
  13. 13. Strengths :- Opportunities :-  Well Managed  integration of current systems with risk management  Financially Sound operation  Utilization of talented staff  More awareness of risk management standards over recent years  Regular committee meetingsWeaknesses :- Threats :-  Process documentation in risk  Bad risk may occur due to lack of management is lacking process documentation  Lack of knowledge at a supervisor level  Poor Decision making as a result of not regarding risk management enough emphasis on risk analysis  Resources appear to be inadequate in  Risk of bad reputation as not the risk management areas maintaining the brand standards.  Recording important information 5. ERM Framework for Marriott Sprowston Manor Hotel 13
  14. 14. ERM Framework -- Figure 2This enterprise risk management strategy is chosen for the Marriott Sprowston Manor hotel todeal with risks and opportunities and to manage risk by enterprise risk management process.With the enterprise risk management framework, it will enable Marriott to mitigate risk for thesmooth flow of business.Risk Management is important to the operations of the hotel. The identification, assessment andcontrol of all risks are important to the successful achievement of the hotel’s vision and mission.An important part of the enterprise risk management strategy is the development of processes forthe smooth flow of business. As a Marriott brand it is important for the hotel to maintain thestandards and provide high quality of service to customer, and maintain the reputation risk.Marriott Sprowston Hotel is subject to various risks that could have a negative effect on thecompany and its financial condition. Marriott considers the skills, resources and technologyrequired to manage and monitor risk exposures in the context of risk appetite. It does this byhelping staff to understand the relative significance of the risks faced by the hotel and thus betterpriorities risk monitoring and control activities. The aim of the plan is to plot the risk for thehotel for next 5 years that might impact on adverse incidents and may interrupt normal business 14
  15. 15. operations. This plan will show the implementation of strategies in hotel operation for efficientflow during the 5 years period.Example --Marriott recognizes that it is too late to plan an effective response to an adverse incidentand resulting business interruption once the incident has occurred.The extraordinary events that have occurred since September 2001 have only served to reemphasize the need and to be prepared to respond to old as well as new challenges to theworld in which it operate. As the old adage tells, ‘Failing to Prepare is Preparing to Fail’Enterprise business risk is defined as threats to the organizations capability to achieve itsobjectives and execute its business strategies successfully. The organizations value creationobjectives define the context for managements determination of risk management goals andobjectives which, in turn, drive and focus the process of managing business risk.The top face of the cube in figure 2 indicates that enterprise risk management spans thehotels decision making process both strategically and it’s day to day operation. Enterpriserisk management is also integrated into the hotel’s reporting structure and all that it doesto meet compliance. The right hand side of the cube demonstrates that enterprise riskmanagement is considered throughout all levels of the hotel. The eight interrelatedcomponents represented on the front face of the cube form the basis for establishing andputting enterprise risk management into practice at the hotel. Each component is describedin more detail as follows;Internal Environment – The internal environment comprises the Hotel’s history, culture,values, organizational structure, strategy, policies and procedures. It forms the foundation for 15
  16. 16. defining the hotel’s risk approach and risk appetite.Objective Setting – The objective setting is the process of determining the strategic objectivesfor the Hotel and its risk strategy. The Hotel’s risk tolerance and the alignment between its riskappetite and its objectives form part of the overall hotel strategy.Event Identification – Event identification describes those developments either or external tothe Hotel that could significantly affect its ability to meet its strategic objectives, eitherpositively or negatively. In order to assure that the full scope of the Hotel is considered, eventand trend identification is done broadly engaging the management team.Risk Assessment – Risk Assessment describes the extent to which potential events and trendsmight affect Hotel’s objectives. Events and trends are assessed by two criteria – impact andlikelihood. Risk assessment can be done by qualitative or quantitative methods. Inherent andresidual risk assessments are employed. Both positive and negative impacts of events should beexamined.Risk Response – The risk response is assessed for each risk event and trend by considering theHotel’s risk tolerance. Typical risk responses considered for a risk event include avoidance,reduction, transferring, sharing or acceptance.Control Activities – Control activities include the policies, procedures, reporting and initiativesperformed by the Hotel to ensure that the desired risk response is carried out. These activitiestake place at all levels and functions of the hotel.Information and Communication – Hotel information and communication regarding riskmanagement is identified, captured and communicated broadly to enable all personnel to deliveron their responsibilities. 16
  17. 17. Monitoring – Monitoring refers to managing risk in the course of day to day operations.Periodic evaluations where management defines the scope, methodology and frequency are doneto ensure currency of information in the Hotel business.Enterprise risk management is not strictly a serial process, where one component affects only thenext. It is a multinational, iterative process in which almost any component can and doesinfluence another.5.1 Enterprise Risk Management Framework ObjectivesEnterprise risk management through the application of the framework objectives aids in theachievement of the Hotel strategic priorities and advances the management practices at the hotelspecially, the ERM framework objectives are to:A. Incorporate a consistent approach to risk management into the culture and strategic planningprocess of the hotel, supporting the setting of priorities and making of decision making at themanagement level within the operation.B. Apply a consistent approach to risk response and control activities to support the hotelgovernance responsibilities for innovation and responsible risk taking, policy development,programs and objectives. In all cases appropriate measures will be put in place to addressunfavorable impacts from risks and favorable benefits from opportunities.C. Manage a transparent approach to risk through formal and informal communication andmonitoring of all key risks, balancing the cost of managing the risk with the anticipated benefit.Risk management practices will be adapted to encompass best practices, specific circumstancesand mandate.5.2 Enterprise Risk Management Key Concepts 17
  18. 18. A hotel has complicated operations generating a risk that is broad and diverse. Risk is defined asthose potential events and trends that may significantly affect the hotel’s ability to achieve itsstrategic goals or maintain its operation either positively or negatively. Once the event or trendhappens, it is no longer a risk; rather it is an issue for the hotel to deal with.Good Managers address risk by implicitly building it into their programming and decisionmaking. The enterprise risk management framework is a methodology that formalizes riskmanagement and provides an all encompassing view of risk in order to aid in the operation of thehotel.A. The enterprise risk manager facilitates achieving the hotel’s strategic objectives by bringing asystematic approach to evaluating and improving the effectiveness of risk management andcontrol.B. All risks facing the hotel whether quantifiable or not is to be considered. Several types of riskthat are not easily quantified can potentially hold significant impact on a hotel, e.g. reputation,customer experience.C. All risks facing the hotel will be evaluated based on the likelihood of the risk occurring aswell as the impact on the Hotel if the risk event were to occur. The likelihood and impact of eachrisks is evaluated both at an inherent (without Management) and residual (with Management)level.D. The following elements are essential when managing risk:-1. Assurance: - Stakeholders are assured that risk is being managed within the hotel’s risktolerance and receive information regarding the quality and type of control in place.2. Oversight and responsibility: - All critical risks facing the hotel have been identified,managed and reported on at a level and frequency that support the hotel’s risk tolerance. 18
  19. 19. 3. Ownership: - Risks owners are assigned and understand their responsibility for management,oversight and assurance.E. Risk response for identified risks will be assessed according to the hotel’s risk appetite.The Five possible risk responses are to:- o Avoid (eliminate) the risk; o Reduce (mitigate) the risk; o Transfer the risk (e.g. insurance); o Share the risk; or, o Accept the risk.F. A formal or informal evaluation of risk will be considered depending on the scope of thedecision or action taken at the Hotel. This will be done both at the onset and throughout the lifeof the decision or action. Where applicable and quantifiable, the expected cost of the risk will beconsidered in the business case used in the decision and evaluation process.G. There will be a desire to learn from events that have transpired – the risk management processis a cycle where experience providers key information for new decision and actions. Open andappropriate communication of results and lessons learned is required to facilitate learning.H. The hotel business risk will be evaluated annually. New risks will be considered. Risks nolonger relevant will be removed. The risk will be refreshed by rating the likelihood and impactfor each risk. The information is used to prioritize the risks and this in turn flows into the Hotel’sbusiness planning cycle.5.3 Implementation of Enterprise Risk Management ProcessThe hotel process for risk management is shown below in figure 3 and is simply a flow chart ofexpression of the front face of the cube shown in Figure 2. The process is continues and can beapplied at the hotel business level. 19
  20. 20. InternalEnvironmentObjective Event Risk Risk Information / setting identification Assessment Response Communicati on Control Monitoring Activities ERM Process -- Figure 3A. ERM Risk Matrix and corresponding Management ActionRisk is evaluated by two criteria – likelihood and Impact. Figure 4 displays a matrix thatgraphically represents impact and likelihood of each risk, as well as the correspondingManagement action. The Color gradient from green (low) to red (high) provides a comparativelevel of priority when evaluating the hotel’s risk. The matrix is used to evaluate risk at theinherent (without management) and residual (with management) levels. The correspondingManagement action suggests the appropriate response for risk assessed in that area of the matrix.B. Risk Matrix and Corresponding Management Action Risk Management Actions Impact Considerable Must manage Extensive Significant management and management required monitor risks essential Moderate Risks may be Management Management worth effort effort 20
  21. 21. accepting with worthwhile required monitoring Minor Accept Accept, Manage and risk but monitor monitor risk risks Low Medium High 36 month 18 to 36 months 12-18 months Likelihood Risk Matrix -- Figure 45.4 ERM Communication and ConsultationEffective enterprise risk management requires information to be obtained of the hotel foridentifying, assessing and responding risk. Consultation will be as broad as possible within thehotel business and use a variety of approaches. Hotel personnel will be encouraged to identifyrisks that are both internal and external to the business. The knowledge gained through ERM willbe communicated in a relevant form and timeframe enabling Hotel personnel to carry out theirresponsibilities while incorporating risk management.5.5 Roles & ResponsibilitiesEveryone in an entity has some responsibility for enterprise risk management. The generalmanager of the hotel is ultimately responsible and should assume ownership. Other Managerssupport the hotel’s risk management philosophy; promote compliance with its risk appetite andmange risks within their spheres of responsibility consistent with risk tolerance. A risk officer,financial officer, internal auditor and others usually have key support responsibilities. Otherentity personnel are responsible for executing enterprise risk management in accordance withestablished directives and protocols. The general manager provides important oversight toenterprise risk management, and is aware of and concurs with the entity’s risk appetite. Anumber of external parties, such as customers, vendors, business partners, external auditors,regulators and financial analysts often provide information useful in effecting enterprise risk 21
  22. 22. management, but they are not responsible for the effectiveness of, nor are they a part of, theentity’s enterprise risk management. Position Responsibilities The General Manager should discuss with the Executive Directors the state of the hotel’s enterprise risk management and provide oversight General Manager as needed. The GM should ensure it is apprised of the most significant risks, along with actions management is taking and how it is ensuring effective enterprise risk management. The General Manager should consider seeking input from internal auditors and external auditors and others. The study suggests that Executive Directors assess the hotels Executive Directors enterprise risk management capabilities. In one approach the Executive Directors brings together business unit heads and key functional staff to discuss an initial assessment of enterprise risk management capabilities and effectiveness. Whatever its form, an initial assessment should determine whether there is a need for and how to proceed with, a broader, more in dept evaluation. Managers and other Personnel should consider how they are Managers & other conducting their responsibilities in light of this framework and discuss Personnel’s with more senior personnel ideas for strengthening enterprise risk management. Internal auditors should consider the breadth of their focus on enterprise risk management.With this foundation for mutual understanding, all parties will be able to speak a commonlanguage and communicate more effectively. Management will be positioned to assess the hotelenterprise risk management process against a standard, and strengthen the process and move theenterprise toward established goals. 6. Risk Mitigation Action Plan & Responsibilities 22
  23. 23. Focus Area & Actions Who WhenA. Financial Risk :-  Economic and Financial Crisis Risk 01/11 / Review between Jan  To enhance technology and revenue General Manager / Executive 2011 – Jan management tool that will enable to Directors 2016) monitor and respond quickly to the changing landscape Annually General Manager / Executive Review between  Reduce investment in business Directors (Jan2011 – Jan expansion 2016)  To preserve profit margin lines by Quarterly driving revenue, increasing market Review between share and managing costs and debt, General Manager / Executive (Jan 2011 – Jan this is important to keep the business Directors 2016) healthy and preserve as many jobs as possible.  Develop promotions and sales Monthly review strategies to help hotel to drive between (Jan General Manager / Director incremental revenue and capture 2011 – Jan of Sales greater market share 2016)  Cancel bonuses of all head of Annually General Manager / Finance Review between departments within the hotel that will 23
  24. 24. help to cover the debt Director (Jan 2011 – Jan 2016)B. Strategic Risk :-  Competition Risk 01/11 / Review Between (Jan  Implement pricing strategy tool and General Manager / Executive 2011 – Jan offer competitive prices to customers Directors 2016)  Develop effective marketing plan to Annually be successful in the competitive Director of Sales review between market (Jan 2011 – Jan 2016)  To understand strengths & Quarterly weaknesses of the hotels in Director of Sales/ Sales review between competitive set and classify the hotels Executive / Sales Team (Jan 2011 – Jan unique features to sell the product and 2016 ) winning the competition Monthly review General Manager / Executive  To offer discounted rates to customer Directors between (Jan to gain business 2011 – Jan 2016  Provide high quality and standard Daily review service to customers and satisfy needs Managers / Team Leaders between (Jan in order to be competitive in market. 2011 – Jan 2016)  Reputational Risk Regular review  Develop good brand image in order to General Manager / Executive between (Jan be competitive in market 24
  25. 25.  Provide high quality of service to Directors 2011 – Jan 2016 guest and satisfy needs for excellent Hotel Associates Regular review reputation between (Jan  Manage guest complaints effectively 2011 – Jan 2016 so it doesn’t affect the reputation General Manager / Executive Regular review Directors between (Jan 2011 – Jan 2016C. Operational Risk :-  Technology Risk Regular review between (Jan  Improve technology and systems, and Information Resources 2011 – Jan 2016 update or replace to advanced system Manager on regular basis  Provide training to all the associates Regular review Information Resources and its importance for business between (Jan Manager 2011 – Jan 2016  Increasing Cost Risk 01/11/ review  Implement tool to minimize cost and General Manager / Director between (Jan to increase revenue of Finance 2011 – Jan 2016  Review and control costs for smooth General Manager / Director Regular review functioning of business and to meet of Finance between (Jan profit margin line. 2011 – Jan 2016  To reduce capital expenditure and Annually other miscellaneous costs General Manager / Director review between of Finance  Associates (Employees) Risk (Jan 2011 – Jan 25
  26. 26.  Hire talented associates for business 2016) development Regular review Provide training to associates on between (Jan General Manager / Executive regular intervals to offer standardized 2011 – Jan Directors service and satisfy customer 2016) expectations To look after associates and in turn Regular review associates will look after customers General Manager / Executive between (Jan and increase business Director 2011 – Jan Hazard Risk 2016) Implement policies and procedures to minimize harm to associates and visitors and to control and mitigate damage to property and equipment Procedures for evacuation and 01/11 / review assembly point at hotel between (Jan Loss & Prevention Director 2011 – Jan Implement Procedures to contain the 2016) operational, service and public image impacts of an adverse incident and to manage and communicate information regarding the incident. 26
  27. 27. D. Compliance Risk :-  Policies & procedures to ensure health Quarterly safety standards are maintained review between Loss & Prevention Director (Jan 2011 – Jan  Conduct Health & Safety audit to 2016) meet the compliance7. Business Continuity PlanBusiness continuity plan is a strategic plan that can also be used to manage risk and achievinggoals & objectives of the hotel.Business Continuity Planning can be defined as a process which provides for the continuation ofcritical business functions regardless of any event (called an Adverse Incident) that may interruptnormal business operations. In the words the Companys Business Continuity is:A process that can be implemented by Marriott management to ensure that Adverse Incidents areresponded to appropriately and timely, and, if the Adverse Incidents result in a businessinterruption, to ensure the timely resumption of Mission Critical processes in a prioritized andpre-planned manner.Marriotts can compose a Business Continuity Program in four interdependent components,which can together ensure a timely and appropriate response to an Adverse Incident:A. Emergency Response: –Procedures to minimize harm to customers and associates and damage to facilities andequipmentB. Crisis Management:-Procedures to contain the operational, service and public image impacts of an Adverse Incidentand manage and communicate information. 27
  28. 28. C. Disaster Recovery: -Procedures to ensure the availability of mission critical computer systems, applications andtelecommunicationsD. Business Resumption:-Procedures to ensure the continuity and/or resumption of business operations in the event of apartial or complete closure of a Marriott-managed property or corporate office.The above four components will enable Marriott hotel to respond swiftly and effectively to aninterruption to normal business operation, protecting associates and assets, and ensuring thecontinuity of critical business functions. 8. ConclusionThis report has developed the strategic risk management plan for Marriott Sprowston Manorhotel to manage the hotel business risk and mitigating the risk. The main aim was to devise astrategic risk management plan for next 5 years. The pan has developed an Enterprise riskmanagement strategy to respond the hotel risk effectively within a specific risk category.Every step has taken to ensure that there was continuity throughout the whole plan and each riskmanagement elements are explained in detail. This will enable to understand each and every stepof risk management plan clearly. Continue assessment of all the modes will make the strategicrisk management plan successful and protect the Marriott brand in the fast growing hospitalityindustry. 9. References1. Strategic Risk – Risk management & different types of risk in business – (Viewed 24thNov)<> 28
  29. 29. 2. The Risk Management Universe: A Guided Tour by David Hillson – Risk managementbest practices and future development, understanding risk, (Viewed Nov 2010)3. World Economic Forum – Global Risk Report 2010 – (Viewed 26rd Nov 2010)<>4. IRM -- Risk Management Standard – (Viewed 28th Nov, 2010)< Enterprise Risk Management – Integrated Framework - (Viewed 29th Nov 2010)<>6. Marriott Global Source MGS – Risk Management Strategy and Process – (Viewed 1stDec 2010)<>7. Lecture Notes 29