What is risk management?
ISO 31000 defines risk management as the effect of uncertainty on objectives. It can also mean; to identify, assess and prioritize risks then economize and coordinate application of resources to control, minimize and the chances of occurrence and/or impact of unfortunate events, or to increase the realization of opportunities.
Why do we need to manage risks?
The sole need of managing risks is to minimize their threats and maximize their potential; to maximize the realization of opportunities.
How can we manage risks?
Step 1: Identify the threat
Risks can be classified into different categories such as:
- Operational risks – these are threats that directly implicate operations for example labor strikes
- Strategic risks – these threats implicate strategy and they include: loss of reputation and management alterations.
- Financial risks – such as liability judgments and cost of claims.
- Perimeter risks – political change or weather.
Assess the vulnerability of critical assets to specific threats.
There are methods used to predict risks and quantify them. The main aim of doing this is to calculate the estimated cost of the risk and include it in the budget. The whole process is formulated and evaluated around the cost of the risk.
The cost of the risk is comprised of;
- The cost used to control activities
- The cost used by the administration to manage the program
- Total insurance proceeds
- Management expense claims
- Retention/exclusions, and deductibles which fall under retained losses
Determine the risk
Loss exposures types include: property, liability. net income and personnel.
Strategies of risk management may involve many concepts such as:
- Awarded judgments, cost of investigation, fines and legal fees.
- Payments made as a result of disability, death, and/or resignation of employees.
- Maintenance; replacement and repair of physical assets.
- Insurance premiums with a higher potential.
- Reduction of revenue or increased expenses due to loss
- Loss due to low productivity of the workers influenced by external factors such as public opinion and adverse publicity.
Identify ways to reduce those risks.
- Risk prevention
- Transfer of responsibility (insurance)
- Risk reduction
- Avoidance of situations that will create a threat
Based on a strategy; prioritize risk reduction measures
- Use of other forms of capital such as use of bonds or borrowing.
- Transfer insurance to a non-owned insurance company
- Transfer of responsibility.
- Retain losses using omission or design.