Risk is the probability of unwanted outcome happening
Risk is at three levels of an organisation
The strategic level;
The managerial level; and
The operational level
2. Introduction
• Risk is the probability of unwanted
outcome happening
• Risk is at three levels of an organisation
The strategic level;
The managerial level; and
The operational level
3. Risk Management
• Risk Management refers to:
The process by which an organisation
sets the risk tolerance,
identifies potential risks,
4. Risk Management
Prioritises the tolerance for risk based
on the organisation’s business
objectives, and
Manages and mitigates risks
throughout the organisation
5. Risk Management
• At the strategic level, the risks include:-
Exposure to challenges in the market,
Hostile take-over bids,
Significant economic, political, or
financial changes globally
6. Risk Management
• Managerial level risk policy should
identify and determine a response to
risks such as:-
Product hazards,
Corporate fraud,
Environmental pollution
8. Risk Management
• Every organisation has a duty to ensure
that significant risks facing the
organisation are recognised.
Risk assessment systems operate
efficiently,
Risk evaluation procedures are developed
and work
9. Risk Management
Risk monitoring systems are robust,
efficient and effective,
Business continuity strategies and risk
management policies exist, are regularly
up-dated and applied in practice
11. Four Phases to the Process
• Identify the possible risks
• Assess those risks
• Control the risks
• Monitor the risks
12. Identify the possible risks
• Identify the potential risks that might be
associated with the procurement.
• This list should be dynamic and added to as
the process proceeds and new risks are
identified.
13. Identify the possible risks- Sources
of risks
• Insufficient funding delaying the procurement
or even requiring a re-tender
• Timescales for tendering that are impractical -
this can result in too few suppliers
responding if they are given insufficient time
to prepare a bid
14. Identify the possible risks- Sources
of risks
• Insufficient market research resulting in not
all potential suppliers being identified and
invited to bid
• Choosing an inappropriate procurement
method - this can result in suppliers not
providing bids that are value for money
15. Identify the possible risks- Sources
of risks
• Using terms and conditions that are not
acceptable to suppliers - this can result in too
few bids
• Perceived bias or lack of confidentiality from
the procurement team - this can result in
suppliers withdrawing their bids
16. Identify the possible risks- Sources
of risks
• No response from suppliers who are known
to be capable of providing a quality product
or service - this can result in a lack of
competition
17. Assess the risks
• For each of the risks identified, the team
needs to establish three things.
The impact of the risk if it was to occur
The likelihood of the risk being detected
before it causes any damage
The likelihood of the risk being eliminated
18. Assess the risk
• Another way to prioritise risks is to give each
of the three factors (likelihood of detection,
likelihood of elimination and impact) a score
from one to ten with the scale ranging as
follows
19. Assess the risk
• One (low impact) to ten (high impact) for the effect
the risk could have.
• One (high probability) to ten (low probability) for the
likelihood of detecting the risk.
• One (low probability) to ten (high probability) for the
likelihood of being able to eliminate the risk once it
has been detected and before the impact has taken
effect.
20. Control the risks
• The next step in managing risks is to control the
risks by identify any mitigating actions.
• There are four basic ways to mitigate risks
Tolerate the risk
Treat the risk
Transfer the risk
Terminate the risk
21. Monitor the risks
• A register is normally used to monitor risk
• The register list each of the risks identified
together with the following;
A unique identifier for each risk.
The date the risk was identified.
The allocated owner of the risk
22. Monitor the risks
A description of the risk.
The assessment for the risk based on
potential impact if the risk occurs
The action to be taken to mitigate the risk.
The date when the risk will be next reviewed
23. Risk Areas in Public Procurement
• In public procurement, risk can be
identified at any stage in the
procurement Process
• The procurement process has about 13
stages as summarized in the next slide
25. Risk Areas in Public Procurement-
examples
• Information e.g. looking for prices
• Favourable treatment
• Expediting procedures
• Terms and conditions issued by CEOs
26. Risk Areas in Public Procurement-
examples
• Law enforcement
• Recruitment and promotions
• Procurement process
• Bid trading – opening and substituting
• Bribery, Gifts and gratuities
27. Risk Areas in Public Procurement-
examples
• Collusion and employees form
companies
• Offers for employment in exchange for
tenders and contracts
• Access to confidential information by
those who do not need to know
28. Risk Areas in Public Procurement-
examples
• Conflict of interest
• Taking official decisions outside the
office
• Improper use of evaluation criteria
• Vendor collusion to win contracts in
turns
29. Risk Areas in Public Procurement-
examples
• Restrictive specifications to bar bidders
• Unfair trade practices (Un clear
instructions to bidders)
30. Developing a Procurement
Checklist/Register
• A checklist of potential procurement
and disposal risks can be developed
following the procurement and disposal
cycle
• Colour codes could be used to classify
the risks identified in the procurement
and disposal process
31. Use of colour codes
• .
Rating colour Description of rating
Critical importance: High severity of impact with a high
likelihood of occurrence. Presence of possible
showstoppers that require immediate action.
Material importance: Moderate severity of impact with
a moderate likelihood of occurrence. May become
critical if not rectified on a timely basis.
Low risk: Low severity of impact with a low likelihood
of occurrence. Issue is under control and the status quo
should be maintained.
32. Developing a Procurement
Checklist/Register
• Each stage of the procurement process
can be assessed to identify all risks that
could result
• All the identified risks should be
included on risk register and an
assessment of their likelihood and
impact made.
33. Risk Register
Risk Source Probabili
ty
Potential
causes
Likely
conseque
nces
Impact Action
(Possible
Mitigatin
g
Measures
)
34. Procurement Risk Matrix- Exercise
• Use the template below to develop a
procurement risk register for Uganda
Management Institute