These presentations will look at how an organisation may identify and manage risk more generally as well as identifying some specific risks – such as those posed by the organisation’s premises and its location, its customers, its suppliers, its staff, its financial transactions, its information technology and its competitors – how they may emerge and provide some strategies to manage them.
Organisations face many risks. Each has the potential to adversely affect its financial performance and create a negative image of the organisation in the eyes of its stakeholders. It is important to have in place a Risk Management Policy that recognises each prospective risk, how it may emerge and a Procedure that identifies the best way to manage it. Failure to properly manage risks may be serious enough for your organisation to fail. There is much for many organisations to contemplate in the development of such a policy so what needs to be considered?
Every organisation is subject to possible losses from unmanaged risks. Sound risk management should reduce the chance that a particular event will take place and, if it does take place, sound risk management should reduce its impact. Sound risk management also protects organisational wealth. Risk management starts by identifying possible threats and then implements processes to minimise or negate them. Sound risk management can produce the following benefits:
lower insurance premiums;
reduced chance that the business may be the target of legal action;
reduced losses of cash or stock and the like;
andreduced business down time.
Undesirable events, the probability of their occurring and their possible impact vary considerably from organisation to organisation. How should we identify and manage these particular risks?
The first step is to identify the events that may cause a loss or disruption to the operations of our organisation. Those events should then be analysed to ascertain the likelihood of their occurring and how serious the result would be if they did occur.
Start simply by assessing each event as ‘very likely’, ‘moderately likely’ or ‘very unlikely’. Then, prioritise them by putting a monetary value on each one (e.g. the replacement cost of a critical member of staff; or in the case of the closure of a key supplier, the total cost of sourcing a new supplier and the potential downtime while supplies from this new source are obtained). Once this is completed attend to the most likely and the costliest events first.
Next, for each possible event, develop procedures commensurate with the level of risk the organisation is willing to accept. The policies and procedures adopted by your organisation for a particular task or activity must match the risk tolerance determined by the owners or their representatives and be tailored to suit the organisation’s specific needs. It is not possible to simply implement a standard policy – the policy must be individually tailored, as each organisation’s level of risk tolerance and context is unique. Once the policy and procedures are put in place, they should be monitored regularly to ensure they are properly implemented and are effective.
At Park Advisory we understand this may be a complex task and would be more than happy to assist you in creating an appropriate risk management policy and associated procedures. Please do email us at firstname.lastname@example.org for a free, no obligation initial consultation.