Risk Management Program, Essay Example

Executive Summary

In any business enterprise, it is not possible to predict when risk will occur because it is never readily apparent. Risk is usually latent in the operations as well as the processes of any institution and it is a common reality that is always associated any business that is operating on a daily routine. Apart from the apparent demand for cognizant alertness in addition to proactive measures of risk mitigation, numerous momentous reasons as well as benefits are at the disposal of organizations that facilitate for the establishment of an effective program for risk management. In most business organization, the laid down infrastructure responsible for the management of risk have common elements. The most important step is the oversight responsibility which is a chore function of the risk management committee which is fully backed by the management of the organization.

It is also the responsibility of the organization to document policies as well as processes that assure consistency along with fairness during review by the committee and general approach to mitigation and management of risk. Programs of risk management and appropriate procedures of identification and measurement of risks have been established in business organization

Introduction

Risk implications are a potential loss endorsed by a threat incident or issue. In 2007, Robinson defined risk as an incident that is unseen and which can negatively affect the plans of a strategized agenda. Risks are in most cases categorized into artificial, natural as well as political and commonly perceived as dangerous occurrences in any institutional set up. Therefore, there is a need for every sector to set up the modeling rationale for controlling risks and in addition provide measures on how assessment and management of risks could be controlled. If the risk is controlled in good time, there will be possibility of achieving effective results.

Risk control is an organizational idea in most cases done strategically in order to prevent the risk effects from taking place. Therefore, risk control is a factor that should be maintained on a continuous process. There should also be a permanent model for risk control that addresses the past, present as well as the future risks that surround the construction industry in the public housing projects

Risk treatment can be expressed as a process whereby measures that modify the risk are identified and combined together. He also indicated that risk treatment has to include mitigation factors in order to be effective. Other factors that are involved in risk treatment are risk avoidance, risk transfer as well as risk financing. These elements are important in the construction execution of public housing sector projects.

Risk treatment could effectively be achieved if costs concerning the risk are implemented and deliberated with high-level confidence, accountability and transparency. This is because it develops grounds for measurement of cost effectiveness in different sectors. The loss that may be gained should also be considered in the estimation of comparison of the end result. According to Ryan, this will assist in determining on whether risk control model should be implemented.

The Process of Risk Control

In an organization, a risk management program is formulated in order to facilitate in managing risks successfully. The process included:

• Establishment of strategic objectives
• Assessment of potential risk
• Evaluation of the risk
• Monitoring together with controlling the risk.

Assessment of risks engrosses the actions of appraisal as well as investigation of the specific risk. Analyzing risk initially call for the identification of the risk in issue because identifying it leads to gaining a spotlight of how risks are supposed to be predicted. Predicting the risk engrosses merging the strategic decisions as well as activities on the basis of the long-term period of the business.

The other activity that should strategically be included is financial management. This involves some other external factors such as credit facilities and market interest rates. This area of finance should effectively be managed because it can easily lead to greater organizational losses if not well managed. In controlling the risks, the fields of production, human resources and procurement should also be given attention because they also can result to organization failing to attain its target and therefore this attracts risk. There are health and safety Acts for every different sector in Trinidad and Tobago and they should too be adhered to.

Identification of the Potential Risks

Risk analysis should be regarded as effective only if it describes the identified risks and providing comprehensive analysis that indicates the major risks. A better control model for this is to identifying the type, scope and as well nature of the risk. Other factors essential are determining the degree of the risk and coming up with control mechanism that portrays potent ability of reducing the risk. In conclusion, proper policies and strategies should be put in place to prevent the risk. The risk analysis process did not stop at the level of description but instead went ahead up to the level of estimation. This is according to its likeliness of occurring. This was argued as the best method of identifying the risk and at the same time finding means on analyzing the risk control method because it is helpful in advance planning and as well provides the possible mechanisms on controlling and managing the risk. In risk evaluation, the criterion for the established risk is compared with estimated risk and it may be useful in construction execution of public housing.

Risk Management Plan

Effective creation a risk management plan requires that the management in the organization selects the most suitable controls as well as countermeasures that can evaluate each type of risk. The top management in the organization has the responsibility of approving the needs of risk mitigation. For example, any risk in the organization that is associated with the image of the firm is subjected to the decision of the top management while a risk associated with computer virus is directed to the IT management of that organization.

In implementing a risk management plan, it is important to consider proposals for applicable as well as efficient security controls that are responsible for risk management. An appropriate risk management plan in the organization should account for a schedule that facilitates control implementation coupled with responsible individuals to take care of the issues at hand.

After comprehensively completing the phase risk assessment, the preparation of the risk treatment plan follows. This is responsible for documenting the identified working decisions of handling each of the risk that has been identified. The implication of risk mitigation is the choice of appropriate security controls as indicated in the statement of applicability. The security controls recognizes the specific control objectives as well as controls that have been given priority.

Implementation of Risk Management Plan

Implementation of risk management plan is executed in accordance with the chosen methods in as far as mitigating the risk effects is concerned. For example, if risk transfer is the most appropriate option arrived at, insurance policies should then be purchased from the insurer. If risk avoidance is the choice, then the appropriate measures of avoidance are taken in consideration of the importance of the organization goals. During implementation phase of risk management plan, it is important to follow all the methods that have been identified to potentially mitigate the risks

Evaluation of risk management plan is a very important consideration bearing in mind that the plan might not be perfect. The precise consideration of experience, results of actual loss as well as practice might call for changes and modifications of the plan and additional information that might facilitate alternative decisions in addressing the imminent risk. It is also important to consider regular updates of the results of risk analysis and the management plan. This is important for two special reasons namely; evaluation of effectiveness and applicability of security controls that were initially selected and evaluation of possible changes in the risk level in as far as the business environment is concerned. A good example of this is information risks that give an indication of rapid changes in the business environment.

Risk Management Tools

Potential Risk Treatments

On successful identification and evaluation of possible risks, the next step involves application of techniques that are responsible for the management of the risks. Several categories of risk treatment have been identified that include the following:

• Risk avoidance (elimination and withdrawal from any possible risk)
• Risk reduction (optimize – mitigate)
• Risk sharing (transfer  of risk by  outsourcing or insurance)
• Risk retention (accepting the risk and budgeting)

The ultimate applicability of the mentioned strategies may prove to be impossible. Most of the strategies may require the contribution of trade-offs which may not be compatible with the goals and objectives of the organization.

Risk Avoidance

The implication of risk avoidance is total elimination of events that appear as being uncertain and consequently are likely to trigger losses as well as damages in the organization. Withdrawal is another implication of risk avoidance. In the scenario, the management decides to desist from an identified activity that is thought to be associated with potential risk. The option of avoidance gives the best answer to any form of risk but also, it will mean that any potential gain that is associated with the opportunity forfeited is lost. If the decision of a business venture regarding any possible risk in business is made in favor of risk avoidance, the possibility of benefiting from the profits from that business is therefore avoided.

Some of the risks associated with business come with significantly high costs and this burden is anticipated to be carried by the management of the company. Consequently, the prudent action of the company is averting from such ventures as a means of risk mitigation. In the situation of avoidance, risk is usually debarred but at the same time, the company also forfeits any potential gains that would otherwise have been achieved if the organization opted to take the risk. Making a decision to avoid a risk requires great thinking in as far as the business ventures are concerned. The action is also associated with limiting the investor from the possibility of tapping the treasures that are associated with the business. An important consideration in making this decision is that total elimination of risk in any business is not achievable. Consequently, it is prudent for organization management to make us of Business Continual Planning, BCP that deals with mitigation of residual risks. The appreciation of the fact that complete avoidance of risk and mitigation is not achievable, a fact attributable to monetary as well as practical limitations would possibly give appropriate guidance to the management in taking the option of risk avoidance or not.

Due to the sensitivity of taking risk avoidance as the best option, the management requires extremely compassionate risk assessment in addition to evaluation in the determination of potential possibility of risk occurrence and the anticipated rigorousness of the damage. An accurate determination of this aspect will help in reducing the chances of loosing the gains that may be associated with acceptance of the risk, sharing or its retention.

Risk avoidance may also take the direction of application of mitigation measures which can prevent any possibility of occurrence of risk. A good example of this is a situation of risk caused by striking employees attributed to poor strategies of solving problems in the organization or poor management practices. The management can take the initiative of addressing the complaints of the employees in detail leading to an amicable solution to the problems. The application of intuitive as well as intellectual skills in this respect allows the management to come up with measures of mitigation that prevent any possibility of a strike by the employees. This entails measures of making a contented and happy environment for the employees.

Success in the use of risk avoidance may require a highly strong connection between organization management and the workers in subordinate positions that will facilitate in successful breaking of uncertainties. Taking care of any industrial strikes and conflicts arising from the employees is achieved in the organization through implementing effective ethical codes, raising the morale of the employees, creating avenues of solving problems within the organization and maintaining a conducive environment in the work place. Any potential threat of strike from the employees is therefore averted and this is a realistic model of risk avoidance.

Works Cited

Dirggers, P. F. “Risk Management for Volunteer Programs.”  Colorado Libraries 26, no. 1 (2000): 45-6.

Schroeder, Stephanie. Risk management key notes. Vol. 46, Risk Management, New York, January 1999, p. 56

Snyder, H. W. “Bonding with Your Employees and Board Members.”  Library Administration & Management 4 (2000): 22-24.

Schroeder, Stephanie. The human factor. Vol. 46, Risk Management, New York, 1999.