Essay Writing Service http://StudyHub.vip/ASSESSING-THE-RELATIONSHIP-EFFECTIVE-RI 👈

1. 1
TIOU KIMAR CLARKE
ID#: UD72908HED82068
Course: RAN 032 Risk Analysis
Research Topic:
What relationship does proper risk assessment have on the success of a business?
The Academic Department
School of Social and Human Studies
In Partial Fulfilment of the Requirement
For the Doctorate in Education
ATLANTIC INTERNATIONAL UNIVERSITY
DECEMBER 2021
www.aiu.edu

2. 2
Table of Content
Introduction ................................................................................................................ 3
Overview of Risk Analysis and Business Development.............................................. 4
Risk Analysis and Management ................................................................................. 6
What is Risk Analysis in Business? ........................................................................ 6
History of Risk Management................................................................................... 9
Types of Risk Analysis.......................................................................................... 13
Assessing the Risk Management Process............................................................ 16
Cost of Risks......................................................................................................... 19
Risk Control.............................................................................................................. 22
Risk control techniques......................................................................................... 22
New Prospective ...................................................................................................... 25
Conclusion ............................................................................................................... 27
References............................................................................................................... 29

3. 3
Introduction
Risk analysis and management is a crucial aspect in the planning of projects
and tasks that will involve the use of various strategies, budgets, and people. Risk is
noted by a reasonable man as anything that could cause the plan to go off course or
become overrun. To fully understand the impact that risk has on any task, one must
first understand what it is, the process of analysing it and the various tools that are
available to help companies overcome the struggle of planning and avoiding risks.
Granted some risks are unavoidable, but what can a company, a team, or even a
person do to avoid unnecessary risks.
This article aims to analyse what is risk and the impact it can have on a
company, a project, even a task. Risk analysis and its processes will be deeply
reviewed to understand the purpose of each step in the process and understand the
various strategies that can be used to mitigate risks. This paper will conclude with a
new definition for risk, risk analysis, and risk mitigation and well as the relationship
that risk, risk analysis, and risk mitigation have in a company, a project, or a task.

4. 4
Overview of Risk Analysis and Business Development
In the world of business, life, and anything that must deal with having more
than one outcome and decision to be made has a factor called risk involved. A risk is
noted to mean the likelihood or probability that a person would be injured or suffer an
undesirable health outcome if exposed to a danger is referred to as risk (Holton,
2004). In finance, risk is defined as the possibility that the real profits from a result or
investment may differ from the expected outcome or return. The danger of losing
part or all of one's initial investment is included in risk. Risk is often quantified by
considering past behaviours and outcomes (Konings, 2016). The analysis of risk and
its impact on various industries is studied as Risk Analysis and Management.
Risk management research began after World War II. Risk management has
long related to the use of market insurance to protect people and businesses from
different accidents-related losses. Other kinds of risk management emerged as
alternatives to market insurance during the 1950s, when market insurance was
thought to be prohibitively expensive and insufficient for protection against pure risk.
Derivatives were first used as risk management tools in the 1970s, and their use
grew dramatically in the 1980s as firms tightened their financial risk management. In
the 1980s, international risk regulation began, and financial institutions created
internal risk management models and capital calculation algorithms to hedge against
unforeseen risks and lower regulatory capital. Concurrently, risk management
governance became critical, integrated risk management was established, and chief
risk officer posts were formed (Aven and Renn, 2010).
While risk is nothing new to organizations, managers are becoming more
conscious of it. Globalisation may have contributed to increased knowledge by

5. 5
exposing people to several types of risk, such as underlying social, economic, and
physical environmental changes (climate change, population movements, and
economic interconnectivity). So, while it is not evident that firms operate in a more
dangerous environment, there is a distinct feeling that the entire risk environment is
different and less understood. This notion of living in a new world has resulted in the
establishment of several risk management principles, frameworks, and standards as
a method of establishing stronger control over risk (Sadgrove, 2016).
Risk analysis is an integral part of any organization, any project, any activity
that may require people assess the various outcomes of decisions made.
Understanding risk analysis and how to implement strategies to guard against risk is
a critical process that needs to be executed regularly in the organization.

6. 6
Risk Analysis and Management
What is Risk Analysis in Business?
Risk analysis is a tried-and-true method of identifying and analysing issues
that might jeopardize the success of a business or project. It enables you to assess
the risks that you or your company face and determine whether to proceed with a
choice (Suh and Han, 2003). Another definition for risk analysis was coined by Jorion
and Khoury (1996) as the process of identifying, measuring, and controlling various
risk exposures. The introduction of derivatives markets has greatly increased our
knowledge of risk. Business from time to time take on different projects to build on
their brand and to generate an income that will aid in them achieving an outcome
aligned with their strategic objectives. In adopting risk analysis practices into a
business, the company seeks to achieve the following objectives as noted in Jorion
and Khoury (1996):
1. Ensure that risk management is consistent with and supportive of the
attainment of strategic and business objectives.
2. Customers should receive high-quality service.
3. Take steps to minimize or mitigate the negative impacts of risk.
4. Wherever possible, minimize the human costs of hazards.
5. Reduce the financial and other negative effects of losses and claims as much
as possible.

7. 7
Risk analysis is important as it allows the company to enjoy the following
benefits (Hubbard, 2020):
1. It is simpler to identify troubled initiatives - Risk management strategies
enable you to identify which projects require attention and where they are
located. Good risk management, when combined with any current Project
Management Office processes, may provide context for understanding project
performance and contribute to any health checks, peer reviews, or audits.
2. There is more high-quality data for decision-making - Senior executives
now have access to higher-quality, more useful data, allowing them to make
more informed judgments about a project's reality. The ability to access risk
information in real time via a project management dashboard ensures that
choices are made based on the most up-to-current data, rather than a report
that is already out of date by the time it reaches the Exec team.
3. Communication is elevated - A well-managed risk raises the level of
discussion. It establishes a talking point between project teams and important
senior stakeholders, pushing them to discuss tough subjects and address
possible sources of friction. Suppliers are often included in the discussions
because risk responses invariably affect their operations. Involving them in
risk management talks may help them develop more good working
relationships with their key staff because they will see that their performance
is linked to the success of the project and that there is a desire to work as a
team to address it.
4. Budgets are less reliant on guessing - Project risk management allows
contingency funds to be more properly predicted and rely less on the project

8. 8
team's professional guesstimates. By adding risk management into schedule
and cost planning, you may build scenarios that will help you budget for extra
time, resources, and money.
5. Escalations are clearer and easy to understand - When a project team is
unable to handle a risk on its own, it must escalate it to senior management
for advice and action. Clear risk management practices eliminate the
uncertainty about when this should occur. A well-defined process ensures that
critical risks are identified and analysed by the appropriate people at the right
time, allowing for early action to solve a possible problem.
Though there are many benefits of applying risk analysis to the operations of
a business, there are criticism that goes towards the practices. Some of the criticism
that were highlighted in Morris et. al, (2020) were:
1. The estimation of qualitative risks is subjective and inconsistent.
2. Improbable occurrences do occur, but if the risk is sufficiently unlikely to
occur, it may be wiser to just maintain the risk and deal with the
consequences if the loss does occur.
3. Too much time spent identifying and controlling uncertain hazards might
distract resources that could be put to better use.
Considering the many criticisms that companies face while using this method
of analysis, it has proven to be a useful tool in many projects especially those
adhering to the risk assessment principle (will be discussed later on) to help them in
achieving success. Employing risk analysis methodologies to any project has better
that weakness per Salar and Salar (2014).

9. 9
History of Risk Management
The notion of risk and risk assessments is not new. More than 2400 years
ago, the Athenians demonstrated their ability to appraise risk before to making
judgments (Bernstein, 1996). However, risk assessment and risk management as a
scientific topic is rather new, having only been around for over 40 years. We witness
the first scientific publications, articles, and conferences discussing core ideas and
principles on how to effectively assess and manage risk throughout this period. To a
considerable degree, these ideas and principles continue to serve as the foundation
for the field today—they serve as the foundation for the risk assessment and
management practices that have been in place since the 1970s and 1980s.
However, the field has advanced significantly since then. New and more complex
risk analysis tools and procedures have been created, and they are currently applied
in most society sectors (Mackenzie et. al., 1992). Overtime, there have been the
growth in speciality groups who have worked on expanding the concept of risk
analysis across many disciplines today. As noted in Hulebak and Schlosser (2002),
the areas where risk analysis as become a major contributor are Dose Response,
Ecological Risk Assessment, Emerging Nanoscale Materials, Engineering and
Infrastructure, Exposure Assessment, Microbial Risk Analysis, Occupational Health
and Safety, Risk Policy and Law, and Security and Defence are some of the topics
that has risk analysis tied to it. Advances in basic issues for the discipline have also
been achieved in recent years, and they are of relevance since they are general and
can affect a wide range of other disciplines. Crockford (1982) noted through research
have deduced that the risk field has two main tasks: (I) performing generic risk
research and development related to concepts, theories, frameworks, approaches,

10. 10
principles, methods, and models to understand, assess, characterize, communicate,
and (in a broad sense) manage/govern risk and (II) using risk assessments and risk
management to study and treat the risk of specific activities (for example, the
operation of an offshore installation or an investment).
Risk analysis and management today form a fundamental aspect of the
effective functioning of any project or business venture. Organizations encounter
internal and external actors and factors that make it difficult to predict whether, when,
and to what degree they will accomplish or surpass their goals. The impact of this
uncertainty on the organization's goals is risk (Endoh et. al., 2013). Many businesses
have added risk management divisions to their teams in recent years. This team's
purpose is to identify hazards, develop methods to mitigate those risks, implement
those tactics, and inspire all corporate members to participate in these initiatives.
Because larger organizations confront greater risks, their risk management
techniques must be more complex. Furthermore, the risk management team
oversees analysing each risk and identifying which are crucial to the organization.
The key risks are those that might have a negative influence on the business; they
should then be given priority and relevance. The overall purpose of risk management
is to ensure that the organization only takes risks that will assist it in achieving its key
objectives while keeping all other risks under control. Risk management positions
have become available because of the current emphasis on risk. Risk management
positions are typically thought of as financial vocations since most of the dangers
that organizations encounter are inextricably linked to the company's financial
condition. Job opportunities in risk management are accessible both inside and
outside. You can work as an internal risk manager for a company or for a risk

11. 11
management firm that provides risk management services to organizations that do
not have in-house risk managers. A bachelor's degree is required to be considered
for risk management employment. An MBA is also required by some industries and
firms. Some risk management credentials will also assist you advance your
profession (Renn et. al., 2019).
Today, there are five trends in risk management that companies are
interested in. These developments can either break or make a company and where it
stands in 21st century business. The issues of risk analysis and management are
(Smith and Merritt, 2020) and (Li et. al., 2021):
1. Data breaches and cyber security - This year, the ever-present risk of
cybercrime reigns supreme on the list of risks to manage. Cyber thieves
progress at the same rate as technology, which is why risk managers and IT
teams must have strict contingency plans and preventative methods in place.
Without these, a cyber assault might harm your company's brand, cause legal
problems, and devastate its financial stability.
2. Inability to innovate using Artificial Intelligence (AI) or Robotic Process
Automation (RPA) (RPA) - Using AI and RPA to optimize and simplify
operations may give you a leg up on your aims and competition – as well as
raise employee happiness. It is critical to grasp the distinctions between AI
and RPA. AI is meant to learn and adapt, and it may assist enhance customer
experience in a variety of ways, including chat bots. According to
ACCENTURE study, 84 percent of CEOs are scared that they will go out of
business if they do not employ AI.

12. 12
3. Analytical breakthroughs - Traditional commercial information technologies
simply cannot keep up with the massive amounts of individualised data we
need to examine. This is where sophisticated analytics comes into play. With
intelligent data interrogation techniques, we may obtain clearer and more
advanced analyses and insights in a fraction of the time it used to take,
consuming less time, and needing less talent and resource. While analytics is
more of an opportunity than a danger, failing to capitalize on RISK
ANALYTICS SOFTWARE innovations that rivals may be using is certainly
risky.
4. Digitalization is lagging - With the increasing number of businesses making
the digital transition, if you aren't already on board, now is the time to jump on
board before your competitors do. Digitization can help to reduce operating
costs, enhance accuracy, and improve customer satisfaction. For example,
operations may become more frictionless and speedier for new and existing
customers, the cloud can make information more accessible and accessible
from anywhere, and it can maximize income by tracking client behaviours and
adapting messaging. Digitization should eliminate wasted time, allowing
employees to focus on more critical company objectives.
5. The dangers of cloud computing - Cloud technology is leading the way in
digitalization, with advantages such as not having to preserve paper trails,
being a convenient central storage file, and being practically available
everywhere via a computer, mobile device, tablet (or any IoT device with an
internet connection). As cloud technology advances, the benefits rise, but so
do the threats. When keeping huge amounts of data and business information
offsite and selecting how to utilize it, data governance and changing

13. 13
regulations should be front of mind. Legislation is becoming more stringent
and less tolerant of those that fail to keep data secure. GDPR is no longer on
its own. Similar concepts are followed by legislation such as the California
Consumer Privacy Act, which went into effect on January 1st, and Brazil's
General Data Protection Law, which will go into effect in August. Greater data
equals more power but keeping it secure and utilizing it legally is a difficulty.
As a risk manager, you must constantly evaluate your data security strategies
and verify privacy features in the cloud. Using software, such as Ventiv's
DATA GOVERNANCE module, can aid in the management of data protection
duties.
In summary, these trends, company needs to ensure that they are up-to-par
with these changes and be sure that all things and in alignment with the new
development. Risk analysis and management is imperative for the growth and
development of any project or business.
Types of Risk Analysis
In businesses, there are two forms of risk analysis and assessment. There are
qualitative risk analysis methodologies and quantitative risk analysis approaches.
Qualitative approaches are commonly utilized by businesses to analyse and manage
day-to-day hazards (Funtowicz and Ravetz, 1985). As a result, they are extensively
utilized methods. Different risk analysis methodologies are utilized depending on the
type of organization, the type of project, and other factors. Experts in risk analysis
and management are generally the ones who know which risk analysis
methodologies are most suited for individual projects. Choosing the proper approach
is also critical since it can influence the project's success rate. Some of the most

14. 14
popular and widely utilized risk analysis approaches are as follows (Aven, 2017) and
(Ayyub, 2003):
1. The Delphi Method for Risk Analysis - The Delphi approach for risk
analysis is quite like a brainstorming session. The concerned teams must
collaborate with risk analysts and other security professionals to identify
various possible risks and vulnerabilities to their business or project. The
Delphi approach works because it employs risk specialists and experts.
Without the expert abilities, it becomes no different than an ordinary
brainstorming session and will not produce very beneficial outcomes. After the
brainstorming session, risk analysts and team members collaborate to review
and analyse the risks that were discovered. Before developing a risk
management plan, all the specialists generate their own lists of possible
threats and evaluations, which they then compare to establish a
comprehensive risk register that document all the risks.
2. Analysis of Decision Trees - The decision tree analysis is used to generate
numerous outcomes or repercussions of an activity. This risk analysis
approach is frequently utilized since project teams may plan for all
conceivable outcomes and devise tactics to obtain the best one out of them.
The decision tree analysis is used to map or develop a route for teams to
follow to minimize risks and take the best course of action for their project. A
decision tree analysis is typically employed when project teams are unsure of
the ultimate conclusion. This allows people to assess the many options, plan
for the worst-case scenario, and hope for the best. The method entails

15. 15
generating several outcomes, calculating the likelihood of them occurring, and
then devising a pathway or plan of action to attain the optimal results.
3. Matrix of Probability and Consequences - This is the most often utilized
strategy for determining the magnitude and severity of any risk. The likelihood
and consequence matrix are designed to assist teams in ranking detected
threats, vulnerabilities, and hazards. This is done to determine the severity of
a danger if it materializes. The severity of risks is estimated by multiplying the
risk's impact by the chance or probability of the risk occurring. It is also easy
for risk analysts and experts to collaborate with teams and come up with
various risk avoidance and mitigation techniques for risk management by
recognizing and calculating the different risk components in the probability
and consequence matrix.
4. SWIFT Examination - SWIFT Analysis is an acronym that stands for
Structured What If Technique. This analytical approach is used to determine
the impact and feasibility of all risks in projects depending on modifications
made to any part of the project. The risk analysis and project team examine
any changes made to the project based on modifications made to the project's
design or plan and utilize this information to identify various Opportunity Risks
to the project.
5. Analysis of Bow Ties - One of the most practical ways to risk management
is the bow-tie analysis. It assists teams in fairly understanding the risks and
repercussions of the hazards, making developing a risk mitigation strategy
much easier. The procedure is simple:
a. The team identifies numerous risk events that might affect a project or
the company.

16. 16
b. The team then separates each risk event into two sides: On one side,
all the probable causes of the risk event are mentioned. On the other
hand, all the risk's potential repercussions and impacts are stated.
c. The risk specialists next assess and design barriers or other risk
mitigation strategies for each source of risk to avoid the risk's
consequences.
Risk analysis is a critical component of the security of all projects and
organizations. Risks can have a direct influence on the success of a project and can
have a negative impact on the firm by creating a loss of reputation, income, and
other things (Dilley, 2005). To defend the business and its initiatives from these
hazards, trained risk management specialists are employed. The risk management
certification assists all project managers, IT experts, and security professionals in
expanding their knowledge and competence in the industry.
Assessing the Risk Management Process
Risk analysis and management to be properly completed, one must go
through a process that involves many steps. This way, the risk can be identified,
defined and corrective actions put in place that is going to reduce the likelihood of
this happening. As noted, National Research Council (1983), the five steps of any
effective risk analysis and management process are as follows:
1. Risk Identification – Anticipating potential project risks does not have to be
doom and gloom for your firm. Quite the contrary. Identifying risks is a good
process in which your entire team may participate and learn. Make use of
your whole team's aggregate expertise and experience. Request that
everyone identify dangers that they have either personally encountered or

17. 17
may have more knowledge about. This technique promotes communication
and cross-functional learning. A project risk log, also known as a project risk
register, is a necessary component of any effective risk management strategy.
As a continuous database of each project's possible hazards, it not only
assists you in managing current risks but also acts as a reference point for
previous initiatives. By detailing your risk register with the appropriate data
points, you and your team will be able to identify and analyse potential
hazards to any project in a timely and accurate manner.
2. Risk Analysis – Once your team has identified potential issues, it is important
to go a little further. How probable are these occurrences? And, if they do
occur, what are the consequences? During this stage, your team will analyse
the likelihood and impact of each risk to choose where to focus first. Potential
financial loss to the company, time wasted, and the severity of the impact are
all factors that must be considered while considering each risk. By scrutinizing
each risk, you will identify any common difficulties throughout a project and
better optimize the risk management strategy for future projects.
3. Risk Prioritization – Prioritization is now underway. Rank each risk by
considering both its chance of occurrence and its possible impact on the
project. This stage provides you with a comprehensive perspective of the
project at hand and identifies where the team's attention should be directed.
Most importantly, it will assist you in identifying viable solutions for each risk.
As a result, the project is not significantly disrupted or delayed throughout the
therapy period.
4. Risk Treatment – Once the most serious hazards have been identified,
proceed with your treatment plan. While you cannot predict every risk, the

18. 18
preceding phases in your risk management strategy should have prepared
you for success. Starting with the highest priority risk, assign your team the
duty of either addressing or minimizing the risk so that it no longer poses a
danger to the project. Effectively handling and managing risk also entails
making optimum use of your team's resources without derailing the project in
the meanwhile. As time passes and you amass a larger database of previous
projects and associated risk records, you will be able to foresee potential
dangers and take a more proactive rather than reactive approach to more
successful treatment.
5. Monitoring of the risk for improvement - When it comes to constant threat
monitoring, clear communication among your team and stakeholders is
critical. And, while it may feel like you're herding cats at times, with your risk
management strategy and project risk register in place, keeping track of those
fluctuating goals becomes anything but perilous.
It is now safe to say, to be able to implement effective planning to reduce risk and
improve on productivity or the outcome of any project, the team must ensure that
they assess the likelihood for a pitfall and to ensure that they put things in place
to counter or correct the issues.

19. 19
Cost of Risks
In understanding the impact risk has on a business, one must understand the
cost of risk and its impact on the business. The cost of risk as defined by Khesal et.
al., (2018) is the expense of managing risks and experiencing losses is referred to as
the risk cost. The total cost of risk is the sum of all risk-related parts of an
organization's activities, including retained (uninsured) losses and related loss
adjustment expenditures, risk control costs, transfer costs, and administrative costs.
Cost risk analysis considers the many expenses connected with a project (labour,
materials, equipment, administration, and so on) and focuses on the uncertainties
and risks that may impact these costs. A model is used in a project simulation to
convert uncertainties into their possible influence on project objectives (Balci and
Sargent, 1981).
There are three common costs associated with risk analysis and management
that must be considered when a project is being defined. They are:
1. Preventive – Safety & Risk Management, Pre-Employee Screening, Safety
Equipment, Culture Management, Wellness, New Hire Training, Safety
Personnel Salary & Expenses, Personal Protective Equipment, Safety
Meetings.
2. Direct- Insurance, Managed Care, OSHA Fines, Deductibles, Legal
Expenses, Loss of Productivity post-accident, Management time to administer
Injury or attend hearings, Staff time to administer injury.
3. Indirect - Reputation with insurance carrier(s), reputation with vendors, loss
of morale, loss of reputation, employee gossip, and so on.

20. 20
Many projects tend to fail as noted in studies such as Gulla (2001) due to
cost. Cost issues are frequently caused by insufficient budgeting, poor budget
control, and poor planning. To minimize plans that fail because of this, there
are some factors that must be considered. Dorsey (2000) noted that the
following must be considered:
1. Types of contracts issued for the project – there are two types:
a. Firm fixed price/costing (FFP) - A FFP contract will not get any
additional funds. You bear most of the risk in this sort of
arrangement. From the customer's perspective, the contract cost is
fixed, therefore their cost responsibility is limited. The reason for
this is because you are contractually obligated to accomplish the
job scope and deliverables for the contract amount. You must
absorb any overruns. Consequently, the consumer faces less
danger, but you face greater risk. Because the risk is larger, the
price for this form of contract is normally approximately 12-15
percent.
b. Cost Plus (CP) - The consumer bears most of the risk in a CP
contract. You will be paid for all your expenditures. Even if there is a
significant overrun on the project, you will receive the whole
amount. In a competitive setting, your proposal usually does not
contain the cost and timetable for risks. To win the project, you
should keep the price low and then seek for additional scope items
and the accompanying charge. Because there is low danger for the

21. 21
for you, the cost for this form of contract is normally about 7-8
percent.
In addition to the two contracts, there are other factors that can be considered in the
reduction of cost associated with failed projects. The considerations were outlined in
Henderson (2006) as:
1. Sub-contracts - The most significant risk for subcontractor cost risk is a lack
of time to develop proposals. Allow me to explain. In most cases, the
customer's request for quotation (RFP) gives you 60 days to submit your
proposal. This implies that the RFP for the subcontractor should be created
and delivered to them as soon as feasible after receiving the customer's RFP
to give them as much time as possible to submit their proposal. RFP
preparation for subcontractors might take two to three weeks or more. As a
result, the subcontractor offers are ‘soft' (based mostly on estimates). To
reduce this risk, increase the subcontractor's pricing before included it in your
bid.
2. Risk evaluation - During the proposal process, a full and detailed risk
assessment must be performed to determine the risk mitigation cost and
schedule requirements for inclusion in your proposal. If this is not done, there
is no way to acquire more payments from the client after the contract is
awarded.
3. Estimation of cost - A strong task breakdown structure is the foundation for
cost estimation (WBS). A work breakdown structure (WBS) divides the
contract job scope into manageable activities known as work packages
(WPs). Poor cost estimation will result from a poorly formed WBS or WPs.

22. 22
Bottom-up (WP level) and top-down sanity checks should be done in a
consistent manner. If not, figure out which strategy is flawed. A top-down
estimate can be based on prior similar projects that have been modified for
project changes, or it can be based on another approach.
4. Cost control strategies - Earned value management, in my opinion, is the
finest instrument for cost reduction (EVM). It assesses project progress in
relation to the baseline plan. To be effective, EVM must be properly set up
and performed. Finance publishes an earned value report once a month. The
report covers the performance of each WP and is color coded, making it
easier to identify badly performing WPs. This allows for the most time to
locate and address the problem.
Risks associated with project expenses and budgets may be handled and
minimized by keeping a variety of considerations in mind. What kind of agreement is
it? Have you considered the subcontractor? What about the project's progress?
Although it may appear that there is a lot to accomplish, it will help you keep your
project expenditures under control and contribute to project success.
Risk Control
Risk control techniques
Risk management is the process through which businesses assess
prospective losses and take steps to mitigate or eliminate them (Burke, 2013). It is a
strategy that employs risk assessment results, which entail detecting possible risk
factors in a company's operations, such as technical and non-technical components
of the business, financial policies, and other concerns that may influence the firm's
well-being (Baker et. al., 1999). Risk management also entails making proactive

23. 23
adjustments to lower risk in these areas. Thus, risk management assists businesses
in limiting the loss of assets and income. Risk management is a critical component of
an organization's enterprise risk management (ERM) methodology (Ogutu et. al.,
2018).
Modern organizations encounter a wide range of challenges, rivals, and
possible threats. Risk management is a corporate approach that seeks to discover,
analyse, and prepare for any dangers, hazards, and other possible disasters—both
physical and figurative—that may interfere with an organization's operations and
objectives. The following are the fundamental ideas of risk management:
1. Loss avoidance is the most effective approach of loss control. For
example, if a factory owner discovers that a chemical used in the
manufacture of a company's goods is hazardous to the workers' health, he
would seek for a safe alternative chemical to preserve the workers' health.
2. Separation entails distributing critical assets such that catastrophic
occurrences at one site damage only that location's business. If all assets
were in the same location, the company would face more significant
problems. For example, a corporation may employ a geographically varied
staff so that production may continue even if one of its warehouses
experiences problems.
3. Diversification is the allocation of corporate resources for the creation of
many lines of business supplying a wide range of products or services in
various sectors. A big revenue loss in one line will not have an irreversible
impact on the company's bottom line. A restaurant, for example, may sell

24. 24
salad dressings, marinades, and sauces at grocery stores in addition to
offering meals.
In summary, Risk management is the process through which businesses
assess prospective losses and take steps to mitigate or eliminate them. It is a
technique that makes use of the results of risk assessments. The purpose is to
identify and decrease possible risk factors in a company's operations, such as
technical and non-technical components of the business, financial policies, and other
concerns that might jeopardize the firm's well-being. Avoidance, loss prevention, loss
reduction, separation, duplication, and diversification are all risk control approaches.

25. 25
New Prospective
The concept of risk analysis and management is not a new concept to me. I
have worked within the BPO industry for over eight years in various capacities that
requires project being carried out and cost to benefit analysis being done. This
research has further deepened my appreciation for the task of identifying business
situations that are potential risks, analysing them to understand the impact they may
have on the activity at hand. Once you understand the impact this situation may
have, the team can now develop a solution that will either remove the risk or lower
the probability of this occurring.
This research and the many that were done before mine has polished my
understanding of what is a risk, what is risk analysis and risk mitigation. This has
allowed me to craft my own understanding of what those terms mean. My personal
definitions are:
1. Risk – these are negating factors that may impact the overall objectives of a
company, a project, or a task resulting in loss of resources such as time and
money.
2. Risk analysis – this is the step-by-step process that is involved in
understanding the impact a risk may have on a company, a project, or a task
and its outcome.
3. Risk mitigation – this is the process that involves the development of
strategies that will negate the impact of risks on a company, a project, or an
organization.
Risk analysis and management have a positive impact on the success of a
business. A business can assess their objectives, the strategic plans they have

26. 26
developed to achieve these and the resources they must allocate to this. Risk
analysis methodology allows the company to analyse their current and future
situations to find issues that may affect their plan and the extent that this might
thwart the process. With the many risk mitigation tools available, the company would
be able to fashion solutions that will remove or reduce the impact that the identified
risk may have on their objectives. It is then safe to say, risks are issues that will
affect the company’s objective, risk analysis is the process a company uses to
identify, analyse, and control these risks using risk mitigation tools that aligns with
the resources of the company. No one mitigation tactic will work for all company.
Risk analysts would need to assess the current situation and develop a combination
of strategies that would fit the need of the company, the project, or the tasks they are
currently working on. If this is not done, the company run the risk of using incurring
unnecessary costs associated with not properly planning for risks.
In summary, risks (these are negating factors that may impact the overall
objectives of a company, a project, or a task resulting in loss of resources such as
time and money) can be identified using risk analysis methodologies (this is the step-
by-step process that is involved in understanding the impact a risk may have on a
company, a project, or a task and its outcome). Once risks are identified, the
company, the project, or tasks can employ risk mitigation strategies (this is the
process that involves the development of strategies that will negate the impact of
risks on a company, a project, or an organization) to aid in them achieving their
objectives.

27. 27
Conclusion
In summary, the article defined risk analysis as the likelihood or probability
that a person would be injured or suffer an undesirable health outcome if exposed to
a danger is referred to as risk (Holton, 2004). Risk management research began
after World War II and improvements were made on it over time to create the
situation, we currently have in risk analysis. In adopting risk analysis practices,
companies seek to reduce the impact of risk on their projects, reduce the cost
associated with these risks, and to reduce the impact it may have on manpower.
Risk analysis aims to allow a simpler way of identifying problems, promote high
quality decision-making, elevate communication, positively impact budgeting, and to
define clear path for escalation. Some drawbacks to risk analysis are that it is time
consuming, swallows up non-monetary resources (time), and it is not able to fully
assess the extent of the risk.
There are five trends impacting risk analysis today, they are data breaches
and cyber security, inability to innovate using AI and RPA, analytical breakthrough,
danger in could computing, and companies lagging in becoming digitalized. The
types of risk analysis tools are the Delphi Method for Risk Analysis, Decision Trees,
Matrix of Probability and Consequences, SWIFT Examination and Bow Ties. The
process to identify risk are risk identification, risk analysis, risk prioritization, risk
treatment and risk monitoring. Three costs associated with risk are preventative,
direct, and indirect costs. To help in mitigating risk contracts can be used. Two types
of contracts are the firm fixed pricing and the cost-plus contracts. Other ways of
mitigating risks are through sub-contracts, risk evaluation, risk estimation, cost
control strategies. To be able to control risk, some techniques that can be employed

28. 28
are the loss avoidance is the most effective approach of loss control, separation
entails distributing critical assets such that catastrophic occurrences at one site
damage only that location's business, and Diversification is the allocation of
corporate resources for the creation of many lines of business supplying a wide
range of products or services in various sectors.
This study concludes with my new prospective of risks (these are negating
factors that may impact the overall objectives of a company, a project, or a task
resulting in loss of resources such as time and money) can be identified using risk
analysis methodologies (this is the step-by-step process that is involved in
understanding the impact a risk may have on a company, a project, or a task and its
outcome). Once risks are identified, the company, the project, or tasks can employ
risk mitigation strategies (this is the process that involves the development of
strategies that will negate the impact of risks on a company, a project, or an
organization) to aid in them achieving their objectives.

29. 29
References
Aven, T. (2017). How some types of risk assessments can support resilience
analysis and management. Reliability Engineering & System Safety, 167, 536-
543.
Aven, T., & Renn, O. (2010). Risk management. In Risk Management and
Governance (pp. 121-158). Springer, Berlin, Heidelberg.
Ayyub, B. M. (2003). Risk analysis in engineering and economics. Chapman and
Hall/CRC.
Baker, S., Ponniah, D., & Smith, S. (1999). Risk response techniques employed
currently for major projects. Construction Management & Economics, 17(2),
205-213.
Balci, O., & Sargent, R. G. (1981). A methodology for cost-risk analysis in the
statistical validation of simulation models. Communications of the ACM, 24(4),
190-197.
Bernstein, P. L. (1996). The new religion of risk management. Harvard business
review, 74(2), 47.
Burke, R. (2013). Project management: planning and control techniques. John Wiley
& Sons.
Crockford, G. N. (1982). The bibliography and history of risk management: Some
preliminary observations. Geneva Papers on Risk and Insurance, 169-179.

30. 30
Dilley, M. (2005). Natural disaster hotspots: a global risk analysis (Vol. 5). World
Bank Publications.
Dorsey, P. (2000). Top 10 reasons why systems projects fail. Retrieved
February 10, 2005.
Endoh, H., Yamamoto, R., Satoh, Y., Kuwano, H., & Nishizawa, N. (2013). Risk
analysis of pulmonary resection for elderly patients with lung cancer. Surgery
today, 43(5), 514-520.
Funtowicz, S. O., & Ravetz, J. R. (1985). Three types of risk assessment: a
methodological analysis. In Environmental impact assessment, technology
assessment, and risk analysis (pp. 831-848). Springer, Berlin, Heidelberg.
Gulla, J. (2011, August). Seven reasons why information technology projects fail.
In SHARE Conference.
Henderson, P. (2006). Why large it projects fail. ACM Trans. Program. Lang.
Syst, 15(5), 795-825.
Holton, G. A. (2004). Defining risk. Financial analysts journal, 60(6), 19-25.
Hubbard, D. W. (2020). The failure of risk management: Why it's broken and how to
fix it. John Wiley & Sons.
Hulebak, K. L., & Schlosser, W. (2002). Hazard analysis and critical control point
(HACCP) history and conceptual overview. Risk analysis, 22(3), 547-552.
Jorion, P., & Khoury, S. (1996). Financial risk

31. 31
management. Cambridge/Massachusetts.
Khesal, T., Saghaei, A., Khalilzadeh, M., Galankashi, M. R., & Soltani, R. (2018).
Integrated cost, quality, risk and schedule control through earned value
management (EVM). Journal of Engineering, Design and Technology.
Konings, M. (2016). Governing the system: Risk, finance, and neoliberal
reason. European journal of international relations, 22(2), 268-288.
Li, F., Yan, J., Wei, Y., Zeng, J., Wang, X., Chen, X., ... & Lü, G. (2021). PM2. 5-
bound heavy metals from the major cities in China: spatiotemporal
distribution, fuzzy exposure assessment and health risk management. Journal
of Cleaner Production, 286, 124967.
Mackenzie, F. D., Hirst, L. W., Battistutta, D., & Green, A. (1992). Risk analysis in
the development of pterygia. Ophthalmology, 99(7), 1056-1061.
Morris, M. H., Kuratko, D. F., Audretsch, D. B., & Santos, S. (2020). Overcoming the
liability of poorness: disadvantage, fragility, and the poverty
entrepreneur. Small Business Economics, 1-15.
National Research Council. (1983). Risk assessment in the federal government:
managing the process.
Ogutu, J., Bennett, M. R., & Olawoyin, R. (2018). Closing the gap: between
traditional and enterprise risk management systems. Professional
Safety, 63(04), 42-47.

32. 32
Renn, O., Lucas, K., Haas, A., & Jaeger, C. (2019). Things are different today: the
challenge of global systemic risks. Journal of Risk Research, 22(4), 401-415.
Sadgrove, K. (2016). The complete guide to business risk management. Routledge.
Salar, M., & Salar, O. (2014). Determining pros and cons of franchising by using
swot analysis. Procedia-Social and Behavioral Sciences, 122, 515-519.
Smith, P. G., & Merritt, G. M. (2020). Proactive risk management: Controlling
uncertainty in product development. productivity press.
Suh, B., & Han, I. (2003). The IS risk analysis based on a business
model. Information & management, 41(2), 149-158.