Block 17: Managing Risk, RAAT - Coggle Diagram
Block 17: Managing Risk
Introduction to Risk:
Risk is often seen as negative, but in a business context, it refers to the uncertainty of outcomes. It can arise from both action (e.g., taking on a risky client) and inaction (e.g., missing out on opportunities).
Example: A company might avoid a risky investment, but the risk of not investing could mean losing market share to competitors.
Risk Management:
Organizations must balance threats (e.g., financial losses, reputational damage) and opportunities (e.g., new markets, innovation).
Risk management relates to reducing negative events and grasping opportunities to enable the company to thrive in the long-term.
Understanding Risk
Subjective Nature of Risk:
Risk perception varies among individuals and departments. For example, the IT department may prioritize cybersecurity risks, while the HR department focuses on compliance with labor laws.
Internal goals (e.g., retaining key employees) and external factors (e.g., regulatory changes) influence how risks are identified and managed.
Risk Perception:
People tend to underestimate familiar risks (e.g., driving) and overestimate unfamiliar ones (e.g., flying), even when statistics show the opposite.
Example: Businesses may underestimate regulatory risks because they are familiar with current laws, but fail to anticipate how new regulations will impact them.
Over time, we reassess risks based on the circumstances that surround them. If it was fine today, then we assign a slightly lower level of threat to that risk.
Emerging Risks:
New risks can emerge over time, such as the disruption caused by volcanic ash to air travel or the global impact of COVID-19. Organizations must stay aware of changes in their environment to adapt their risk management strategies.
PESTEL Analysis
Purpose:
PESTEL analysis helps organizations evaluate external factors that could impact their performance. It provides a structured way to identify risks and opportunities in the macro-environment.
Components:
Political: Changes in tax policy, government stability, or environmental legislation.
Economic: Interest rates, economic growth, labor costs.
Socio-cultural: Demographic shifts, societal values, education levels.
Technological: Advances in AI, new patents, changes in service delivery methods.
Environmental: Climate change, energy supplies, water resources.
Legal: Employment laws, business regulations, corporate governance.
Differences in Departmental Risk Identification
Departments have different priorities and concerns, leading to varying perceptions of risk. For example:
IT Department: Focuses on cybersecurity and data breaches.
HR Department: Concerned with compliance with labor laws and diversity reporting.
Facilities Management: Prioritizes health and safety regulations and environmental sustainability.
These differences can lead to disagreements about which risks are most critical for the organization.
Assessing Risk
Risk Assessment:
Risks are assessed based on their severity (impact) and likelihood (frequency). A scoring grid (e.g., 1-5 scale) helps prioritize risks.
Example: A high-impact, high-likelihood risk (e.g., a major data breach) would be prioritized over a low-impact, low-likelihood risk (e.g., minor equipment failure).
This approach enables organisations to focus action on those activities expected to deliver the most value to the organisation.
Action would be focused on those risks that have scores in the red zone, while those in the green can be ignored at present. Amber indicates a need to monitor and check that the risk is not approaching red status.
Data and Risk Types:
Some risks can be analyzed using historical data
Health & Safety assessments may make use of accident data
Actuarial assessments; insurance premiums calculated using historical data
Financial measures e.g. Internal Rate of Return (IRR), Value at Risk (VAR)
Statistical analysis requires knowledge of the data distribution to be valid
Example: Insurance companies use actuarial data to calculate premiums, but reputational risks (e.g., a scandal) are harder to quantify.
Other risks rely on managerial judgment:
External environmental change: Particularly difficult to predict for public sector organisations, but also a challenge for private sector before new regulation is fully
Personnel change: New management approaches can be identified as a threat to some parts of the organisation or to particular products and services
Reputation: Secondary risk linked to other risk sources, e.g., the VW cheat device (a secondary risk, since the primary risk was the cost of replacing the devices with compliant ones, but damage to reputation was of greater concern).
Managing Risk
Risk Appetite:
Organizations set a risk appetite to determine which risks they are willing to accept and which they want to avoid. For example, a company may accept financial risks for high-reward investments but have zero tolerance for safety risks.
Risk Treatment Strategies:
Reduce/Treat:
Implement measures to mitigate the risk (e.g., improving cybersecurity).
Avoid/Terminate:
Eliminate the activity causing the risk (e.g., discontinuing a hazardous product).
Transfer:
Shift the risk to a third party (e.g., purchasing insurance)
Outsourcing and offshoring
Accept/Tolerate:
Accept the risk if it falls within acceptable limits (e.g., minor operational risks). Example: "oil spill in Mexico where there was no action available to be taken at that point"
Portfolio Management
Diversification reduces risk by spreading investments across different asset classes (e.g., stocks, bonds, property). This reduces non-systematic risk (specific to individual investments) but not systematic risk (market-wide risks).
Example: Holding shares in both tech and healthcare companies reduces the impact of a downturn in one sector.
Balanced Portfolio: an investment strategy that aims to balance risk and return by diversifying investments across different asset classes. This approach typically includes a mix of equities (stocks), fixed-income (bonds), and cash or cash equivalents, with the goal of providing steady growth while minimizing volatility. The exact allocation depends on the investor's risk tolerance, financial goals, and time horizon.
Types of assets:
cash
bonds
shares/stocks/equity
Scenario Planning
Purpose:
Scenario planning helps organizations prepare for uncertain futures by exploring alternative scenarios and identifying strategies that work across multiple scenarios.
Process:
Involves identifying key drivers of change, imagining different futures, and developing strategies that are robust across various scenarios.
Application:
Used by companies like Shell to prepare for major market shifts (e.g., the 1973 oil crisis).
Guidelines
Identify assumptions, drivers, and uncertainties
Imagine plausible, but dramatically different, futures
Inhabit those futures
Isolate strategies that will be useful across multiple possible futures
Implement those strategies
Ingrain the strategies
Reputation and Risk: Social Responsibility
Reputation Risk:
Failure to meet stakeholder expectations can damage a company’s reputation, leading to financial and non-financial consequences (e.g., loss of customer trust, lower share prices).
CSR Measures:
Companies report on social responsibility metrics (e.g., carbon footprint, diversity, safety records) to demonstrate their commitment to ethical practices.
Example: Rio Tinto’s public apology for the destruction of Juukan Gorge highlights the importance of social responsibility in maintaining reputation.
Elements of CSR
Labour practices:
how people are treated, including health and safety, working hours and compensation
Human Rights:
how the company engages with human rights issues
The environment:
how the company impacts the environment, or may do in future
Fair operating practices:
designing business processes to ensure fair operating outcomes
Consumer issues:
how consumers are treated when they engage with the products or services that the firm produces (consumer protection)
Diversity: use measures covering recruitment, promotion and/or redundancy, equal pay based on gender, race, etc.
Whistle-blowing activities (telling on others)
Boeing
Ethical Decision Making:
Framework:
Ethical decision-making involves considering the consequences of decisions, alignment with corporate values, and the impact on stakeholders.
Sniff Tests: Informal checks to ensure decisions align with ethical standards (e.g., "Would I be comfortable if this decision were publicized?").
doesn't smell bad
Ethical Decision-Making Diagram:
A structured process that includes preliminary decisions, sniff tests, and full ethical analysis before finalizing decisions.
RAAT