Introduction to Risk Management
(Theory & Practice)
Event: RISK MANAGEMENT AWARENESS TRAINING
Presenter: Francis Ngowi, Msc. Economics and Finance for Development,
B.A. in Economics
Venue: Kibaha
Date: 19th May, 2025
Risk Management Awareness

2. What is Risk Management?
Coordinated activities to direct and control an organization with regard to risk - ISO 31000:2018
It is a process to:
• Identify all relevant risks
• Assess / rank those risks
• Address the risks in order of priority
• Document risks
• Monitor risks & report on their management
Definition of Risk: risk is defined as the effect of uncertainty on objectives - ISO 31000:2018
August 20, 2025

3. What is Risk?
• A risk is an uncertain event which may occur in the future
• A risk may prevent or delay the achievement of an organization’s or unit’s objectives or goals
• A risk is not certain; its likelihood can only be estimated
Opportunities - a risk that may HELP in the achievement of objectives
Note: Not all risk is bad; some level of risk must be taken in order to progress / prevent stagnation.

4. Principles of Risk Management
ISO 31000:2018

5. Risk Management Framework - RMF
RMF - “Set of components that provide the foundations and organizational arrangements for integrating, designing, implementing, evaluating and improving risk management across the entity” - ISO 31000:2018
• Risk Management Guideline - ISO 31000:2018 - Global Standards for RM to any organization.
• IAG - Guideline for implementing risk management to Public Sector Entities (AIG-PSE Guideline July 2023) - Provides practical guidance to PSEs.

6. Components of Risk Management Framework
i. Risk Management Policy and procedures
ii. Risk Management Annual Implementation Plan
iii. Risk Register
iv. Risk Mitigation Action Plan

7. Requirements for risk management
i. Government & Public sector entities
• “Precautionary principle” in Governments [due to the public element in every decision].
• Risk = any event with potential to inhibit Govt from executing its mandate or to jeopardize its reputation / image.
ii. Compliance
• Treasury Circular No. 12 (2012/13) - 2023
• Government Guidelines for Risk / Fraud (2012) - updated 2023
• CAG Audit queries

8. How does Risk Management help?
• Reliable basis for decision making and planning
• Achievement of DIT objectives and performance targets
• Minimize operational surprises and shocks and other costly and time-consuming litigation and/or unexpected losses
• Management will grasp new opportunities in a timely manner
• Compliance with relevant legal and regulatory requirements and international norms
• Improve stakeholders’ confidence and trust
• Effective use of resources and promotes continual improvement.

9. ISO 31000 Risk Management Process
The ISO 31000 risk management process is a structured framework for identifying, analyzing, evaluating, treating, monitoring, and communicating risks in an organization.

10. Risk Management Process
Risk Identification – what are the threats and uncertainties associated with my organization’s or unit’s objectives?
• Separate out the risk into its cause & possible effect
• Be concise & clear
• Do not concentrate on symptoms only

11. Risk Management Process Cont.
• Assess the risk’s:
  • Impact
  • Likelihood
• Prioritize the risks (High, Medium, Low)

12. Risk Management Process Cont.
Take Action!
For serious risks where controls are
A) Weak
B) Absent
i. For risks where the Risk Appetite is exceeded
ii. Examine Cost vs. Benefit

13. Risk Management Process Cont.
Types of Action
a) Tolerate
b) Treat
c) Substitute
d) Terminate
e) Transfer
(The choice of the above will be decided upon by your risk appetite)

14. Risk Management Process Cont.
Monitor & Report
• Use a standard format for capturing risk data e.g. a “Risk Register”
• Review all risks at least annually
• Serious risks to be reviewed more often depending on circumstances
• Report on risk to senior management / Board
• Make Risk Register available to stakeholders to show good governance

15. Risk Management Process
Categories of Risks
Financial
• Failure to safeguard assets
• Poor cash flow management
• Lack of value for money
• Fraud / theft
• Poor budgeting

16. Categories of Risks Cont.
Operational
These risks result from failed or inappropriate policies, procedures, systems or activities e.g.
• Failure of an IT system
• Poor quality of services delivered
• Lack of succession planning
• Health & Safety risks
• Staff skill levels
• No process to track contractual commitments / improvement

17. Categories of Risks Cont.
Reputational
Organization engages in activities that could threaten its good name
• Through association with other bodies
• Staff / members acting in a criminal or unethical way
• Poor stakeholder relations

18. Categories of Risks Cont.
Governance & Compliance
• Lack of oversight by Board
• Segregation of duties not defined formally
• Ensuring compliance with contracts / MOU terms and conditions
• Compliance with applicable legislation
  • Taxation Law
  • Data Protection
  • Health & Safety Law

19. Tips for Success
• Involve all levels of staff & management in the process
• Controls are relevant & effective
• Ensure risk owner takes responsibility for management of risks under their control
• Focus on risk cause, not its symptoms

20. Embedding risk management
When FULLY-EMBEDDED there will be:
i. A RISK MGT FRAMEWORK / POLICY that is sponsored by the PS / Board / Council
ii. People buy-in (deal with culture and change mgmt. issues)
iii. Responsibilities assigned (Chief Risk Officer / Coordinator, Champions etc.)
iv. Risk assessment conducted to create a RISK REGISTER
v. MITIGATION measures are proposed / planned and IMPLEMENTED
vi. Risk mgmt. REPORTS are prepared (quarterly) and acted upon
vii. Continuous review and improvement (annual review).

21. Why Risk Management May Fail
• Limitations of scope
• Lack of top management support
• Did not engage all stakeholders
• Failure to share information
• RM not embedded within planning & management system