Kannan Subbiah, profile picture
Uploaded byKannan Subbiah
PPT, PDF23,982 views

Introduction to risk management

Risk management is a critical process for any organization. It involves identifying potential risks, assessing their likelihood and impact, and developing strategies to mitigate negative risks and maximize opportunities. The document provides an overview of risk management concepts and best practices. It defines risk, discusses why risk management is important, and outlines the basic steps of the risk management process including identification, analysis, evaluation, and monitoring of risks. Various risk assessment and prioritization techniques are also presented. The goal of risk management is to increase awareness and preparedness so organizations can achieve their objectives and improve outcomes.

Embed presentation

Downloaded 1,040 times
Introduction to Risk Management Kannan Subbiah Director, Operations Knowledge Universe Technologies India 1
Objectives  Understanding Risk  Risk Management as a process  Exercise  Q&A 2
How to learn Risk Management?  http://www.youtube.com/watch?v=laKprX-HP94&feature=related 3
What is a Risk? A risk is ANYTHING that may affect the achievement of an organization’s objectives. It is the UNCERTAINTY that surrounds future events and outcomes. It is the expression of the likelihood and impact of an event with the potential to influence the achievement of an organization’s objectives. 4
Alternatively …  Risk is a potential event with negative consequences that had not happened yet  Could also be an event with positive consequences  A possibility of loss – not the loss itself  A source of problem  Find the root cause and not the leaves  Something that makes the project special  In the widest sense, everything is a risk  Helps identify better ways of handling problems 5
Why do we need Risk Management? The only alternative to risk management is crisis management --- and crisis management is much more expensive, time consuming and embarrassing. JAMES LAM, Enterprise Risk Management, Wiley Finance © 2003 Without good risk management practices, government cannot manage its resources effectively. Risk management means more than preparing for the worst; it also means taking advantage of opportunities to improve services or lower costs. Sheila Fraser, Auditor General of Canada 6
How does Risk Management help?  Increase risk awareness & understanding  Allows intelligent “informed” risk-taking.  Focuses efforts –helps prioritize.  Is proactive…. not reactive – Prepare for risks before they happen.  Improve outcomes – achievement of objectives  Enables accountability, transparency and responsibility  And maybe even mean survival 7
Key Terms  Risk – Exposure to chance of hazard  Risk Level – A measure to represent the significance of the risk  Controls – Action(s) that could eliminate or reduce the risk level  Residual Risk – Risk level after implementing controls  Risk Response – An action on the risk, whether to accept, or not to accept 8
Exercise - I  Think of a risk in your daily life  Determine the probability of occurrence  Make an assessment of an impact, if it occurs. 9
Who is involved?  Customer  End user  Project Team  Senior Management  Related Project teams  Vendors and suppliers 10
When?  A continuous process  Starts from proposal stage  Ends on project completion  Review stages  Business case analysis  Project approval  Project planning  Technology, Tools & Vendor selection  Project status reviews  Deployment and Maintenance 11
Risk Management Basics  Risk (uncertainty) may affect the achievement of objectives.  Effective mitigation strategies/controls can reduce negative risks or increase opportunities.  Residual risk is the level of risk after evaluating the effectiveness of controls.  Acceptance and action should be based on residual risk levels. INHEREN T 12
A Simple Framework Step 1 Step 2 Step 3 Step 4 Step 5 Assess Identify Evaluate Establish Risks & Monitor Risks & & Take Objectives Controls & Report Controls Action Communicate, learn, improve 13
Risk Identification Techniques  Brainstorming  Interviewing  Root cause analysis  Checklists  SWOT 14
Risk Management is critical to ALL levels of decisions UNCERTAINTY Strategic Decisions S trat egi c eg ic S trat Decisions transferring strategy into action e Pro g mm ra mme gra Pro Decisions required for implementation Pro jec l t& ona Op e ra ti r atio & Ope nal je ct Pr o Decisions can be categorized into three types. The amount of risk (uncertainty) varies with the type of decisions. Most decisions are concerned with implementation. The HM Treasury’s The Orange Book 15
Risk Environment External Risk Environment MOHLTC Extended Extended Enterprise P ep P u b ti la & er ns gu ws c lic o n t io Internal re La MOHLTC Risk Environment i c c/ O Go ol gi P at e rg ve y Or r a rn Pa iz at nito ni a tr ga S za nc rtn ion s ni s r t io e n o M i th e tr ie Es er M na - O l t ab s e c Co m al / plian F ina li s Le g h Evaluate ncia Outcomes Capacity Political Communication Communication Communication l & Learning & Learning & Learning T r c ou r na Ide an A c ove olo n sfe ntabi c e c hn a t i o gy G nt r P l i ty T e or m ay ify me f In n nt Assess & In l f orm na atio ra tio n Human O pe Resources io r at de ns ct ol pe eh T h nom E e x ta k co e y S LHINs Corporate Governance Requirements 16
Categorizing Risk – Comprehensive 1. Political or Reputational Risk 2. Financial Risk 3. Service Delivery or Operational Risk 4. People / HR Risk 5. Information/Knowledge Risk 6. Strategic / Policy Risk 7. Stakeholder Satisfaction / Public Perception Risk 8. Legal / Compliance Risk 9. Technology Risk 10. Governance / Organizational Risk 11. Privacy Risk 12. Security Risk 13. Equity Risk Slide 17 17
Risk Prioritization – likelihood and impact Likelihood of a risk event occurring Risk Impact: Level of damage that can occur when a risk event occurs  Very High: Is almost certain to occur  Very High: Threatens the success of the project  High: Is likely to occur  High: Substantial impact on time, cost or quality  Medium: Is as likely as not to occur  Medium: Notable impact on time, cost or quality  Low: May occur occasionally  Low: Minor impact on time, cost or quality  Very Low: Negligible impact  Very Low: Unlikely to occur Slide 18 18
Third dimension for rating risks - proximity  Immediate – now  Less than 6 months  Between 6-12 months  Between 12 – 24 months  Between 24 – 36 months  More than 36 months 19
Risk rating …Combining impact and likelihood RISK PRIORITIZATION MATRIX 5 RISK 4 IxL IMPACT RISK 3 IxL 2 RISK 1 IxL 1 2 3 4 5 LIKELIHOOD Slide 20 20
Risk reporting and communications Risk Level Action and Level of Involvement Required • Inform Chief Executive Officer and Board of Directors Critical Risk • Immediate action required • Inform Chief Executive Officer High Risk • Strategy Team involvement/attention is essential to manage risks – provide report to Board as appropriate • Management mitigation and ongoing monitoring required Moderate Risk • Inform relevant Strategy Team members • Accept, but monitor risks Low Risk • Manage by routine procedures within the program and site 21
22
Measure and report RM implementation progress • Advanced capabilities to identify, measure, manage all risk exposures within tolerances Excellent • Advanced implementation, development and execution of ERM parameters • Consistently optimizes risk adjusted returns throughout the organization • Clear vision of risk tolerance and overall risk profile • Risk control exceeds adequate for most major risks Strong • Has robust processes to identify and prepare for emerging risks • Incorporates risk management and decision making to optimize risk adjusted returns • Has fully functioning control systems in place for all of their major risks • May lack a robust process for identifying and preparing for emerging risks Adequate • Performing good classical “silo” based risk management • Not fully developed process to optimize risk adjusted returns • Incomplete control process for one or more major risks Weak • Inconsistent or limited capabilities to identify, measure or manage major risk exposures Source: Standard & Poor 23
The Cyclist and the Risk Manager 24
Exercise II – 15 minutes  Identify risks that the cyclists faces in cycling to work.  Report back. 25
Risks Threats: Opportunities:  Death  Exercise  Head Injury  Sunlight  Injury  Reputation  Reputation  Financial  Financial  Role model  Damage to the bike  Environment  Sunburn/frost bite 26
Mitigation Strategies for threats  Death, head injury, other injury – helmet, bright clothes, lights, bell, CANbike course, obeying traffic laws, positive attitude, anger management course  Reputation – great outfit, change of wrinkle-free clothes, shower, time management  Financial – high quality locks, “beater”, stopping at stop signs  Damage to the bike – regular maintenance, avoiding pot holes  Sunburn/frost bite – sunscreen, mittens, hats, token/change  Dehydration- filled water bottle 27
Acknowledgements  Practical approach to Risk Management - by Finance Management Institute, Toronto Chapter.  Introduction to Risk Management for Outsourcing projects - by Peter Kolb 28
Questions? 29

More Related Content

PDF
Risk Management Overview
byJIGNESH PADIA
 
PPT
Chapter 1 risk management (3)
byrafeeqameen
 
PPTX
Risk Management
bycgeorgeo
 
PPTX
Risk management
byAbhi Kalyan
 
PPT
Risk mangement
bycollege
 
PPTX
Risk management
bymamta bhaurya
 
PPTX
Risk Management
byKinza Razzaq
 
PPTX
Risk management
bybaderali2141
 
Risk Management Overview
byJIGNESH PADIA
 
Chapter 1 risk management (3)
byrafeeqameen
 
Risk Management
bycgeorgeo
 
Risk management
byAbhi Kalyan
 
Risk mangement
bycollege
 
Risk management
bymamta bhaurya
 
Risk Management
byKinza Razzaq
 
Risk management
bybaderali2141
 

What's hot

PPT
Risk Management (1) (1).ppt
byAjjuSingh2
 
PPTX
Risk culture presentation
byBenjamin Kpodo
 
PDF
Risk Management module PowerPoint Presentation Slides
bySlideTeam
 
PPTX
Chapter2 risk management process
byDr Riyaz Muhmmad
 
PDF
Risk Management Process
byno suhaila
 
PDF
Risk Management Process And Procedures PowerPoint Presentation Slides
bySlideTeam
 
PPTX
Risk management
byHarold Malamion
 
PDF
Risk strategies presentation
byRaven Morgan
 
PPT
Introduction to Risk Management
byFAA Safety Team Central Florida
 
PPT
Fundamentals Of Risk Management
byDr David Hancock
 
PDF
Risk Management Process Steps PowerPoint Presentation Slides
bySlideTeam
 
PPTX
Chapter 1 risk management
byRione Drevale
 
PPT
Risk management: Principles, methodologies and techniques
byILRI
 
PPTX
Risk management
byAglaia Connect
 
PPTX
Risk management
byManish Tiwari
 
PPT
Risk Management Fundamentals
bymikaelastafrace
 
PDF
Risk management process
byeduCBA
 
PPTX
Risk Management
byStefan Csosz
 
PPT
Risk identification
bymurukkada
 
PPT
The importance of risk management in business
byr2financial
 
Risk Management (1) (1).ppt
byAjjuSingh2
 
Risk culture presentation
byBenjamin Kpodo
 
Risk Management module PowerPoint Presentation Slides
bySlideTeam
 
Chapter2 risk management process
byDr Riyaz Muhmmad
 
Risk Management Process
byno suhaila
 
Risk Management Process And Procedures PowerPoint Presentation Slides
bySlideTeam
 
Risk management
byHarold Malamion
 
Risk strategies presentation
byRaven Morgan
 
Introduction to Risk Management
byFAA Safety Team Central Florida
 
Fundamentals Of Risk Management
byDr David Hancock
 
Risk Management Process Steps PowerPoint Presentation Slides
bySlideTeam
 
Chapter 1 risk management
byRione Drevale
 
Risk management: Principles, methodologies and techniques
byILRI
 
Risk management
byAglaia Connect
 
Risk management
byManish Tiwari
 
Risk Management Fundamentals
bymikaelastafrace
 
Risk management process
byeduCBA
 
Risk Management
byStefan Csosz
 
Risk identification
bymurukkada
 
The importance of risk management in business
byr2financial
 

Viewers also liked

PPTX
Risk types
bysai precious
 
PDF
Risk Management and Insurance
byJohn Daniel
 
PPT
Rejda chapter 1 slides risk and its treatment
bynlmccready
 
PDF
Understaning Risk
byWe Learn - A Continuous Learning Forum from Welingkar's Distance Learning Program.
 
PPT
Introduction portfolio management
byNoorulhadi Qureshi
 
PPT
Introduction to Portfolio Management
byKhader Shaik
 
PDF
Types of-risk
byDr. Ravneet Kaur
 
PPTX
Portfolio mangement
byPolite Man
 
PPT
An Introduction To Risk Management Professional Societies
bymkaufer
 
PPTX
Diversification and Economic Development
byDany Bahar
 
PPTX
Introduction to risk management
byAnilkumar Garag
 
PPT
Hedging with currency option
byStudsPlanet.com
 
PDF
Spreading the risk, piling up the opportunities - offshore wind diversification
byStephenGeoMills
 
PDF
RBG Communiversity Concepts in African-Centered Psychology, Two Pivotal Essays
byRBG Communiversity
 
DOCX
Subjects covered
byXander Horn
 
PDF
The Newest Element of Risk Metrics: Social Media
byPriyanka Aash
 
PPTX
An Introduction to Risk - by Vikram Sankhala
byVikram Sankhala IIT, IIM, Ex IRS, FRM, Fin.Engr
 
PPT
Introduction Risk Management
bywfth
 
Risk types
bysai precious
 
Risk Management and Insurance
byJohn Daniel
 
Rejda chapter 1 slides risk and its treatment
bynlmccready
 
Understaning Risk
byWe Learn - A Continuous Learning Forum from Welingkar's Distance Learning Program.
 
Introduction portfolio management
byNoorulhadi Qureshi
 
Introduction to Portfolio Management
byKhader Shaik
 
Types of-risk
byDr. Ravneet Kaur
 
Portfolio mangement
byPolite Man
 
An Introduction To Risk Management Professional Societies
bymkaufer
 
Diversification and Economic Development
byDany Bahar
 
Introduction to risk management
byAnilkumar Garag
 
Hedging with currency option
byStudsPlanet.com
 
Spreading the risk, piling up the opportunities - offshore wind diversification
byStephenGeoMills
 
RBG Communiversity Concepts in African-Centered Psychology, Two Pivotal Essays
byRBG Communiversity
 
Subjects covered
byXander Horn
 
The Newest Element of Risk Metrics: Social Media
byPriyanka Aash
 
An Introduction to Risk - by Vikram Sankhala
byVikram Sankhala IIT, IIM, Ex IRS, FRM, Fin.Engr
 
Introduction Risk Management
bywfth
 

Similar to Introduction to risk management

PDF
Project Management Risks Review
byDavid Tennant
 
PPT
Social Enterprise Learning Toolkit (Risk Management Module)
byEnterprising Non-Profits
 
PPT
Erm
byPankaj Kumar Kar
 
PDF
Risk leadership perspectives Risk Manager of the Year
byKarl Davey
 
PDF
Presentation qrm shc
byPeter Schellinck
 
PDF
Microsoft Power Point Simon Final
byguesta09d518
 
PPT
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
byprosenzw69
 
PPT
Enterprise risk-mgmt[1]
byartipradhan
 
PPT
Social Enterprise Learning Toolkit (Risk Management Module)
byEnterprising Non-Profits
 
PPTX
2013 SOPAC presentation understanding hidden risks
byKarl Davey
 
PPTX
Business continuity management fundamentals update
byExo Futures
 
PPTX
Engineering Symposium
byDean Eddy
 
PDF
Managing Risk in e-Learning
byKnowledgeWorking
 
PDF
Risk Health Check
byLjuba Bogdanovich
 
PPTX
SagaciousThink Overview
byLouAnn Conner
 
PDF
SAP Inside Track 2012 enterprise risk management newman v fx
byWilliam Newman
 
PDF
From technology risk_to_enterprise_risk_the_new_frontier
byRamsés Gallego
 
PPTX
Engineering Symposium
byDean Eddy
 
PPTX
Engineering symposium
byAdminatenhance
 
PDF
Whitepaper: Effective Risk Management – Substance over Form
byCBIZ, Inc.
 
Project Management Risks Review
byDavid Tennant
 
Social Enterprise Learning Toolkit (Risk Management Module)
byEnterprising Non-Profits
 
Erm
byPankaj Kumar Kar
 
Risk leadership perspectives Risk Manager of the Year
byKarl Davey
 
Presentation qrm shc
byPeter Schellinck
 
Microsoft Power Point Simon Final
byguesta09d518
 
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
byprosenzw69
 
Enterprise risk-mgmt[1]
byartipradhan
 
Social Enterprise Learning Toolkit (Risk Management Module)
byEnterprising Non-Profits
 
2013 SOPAC presentation understanding hidden risks
byKarl Davey
 
Business continuity management fundamentals update
byExo Futures
 
Engineering Symposium
byDean Eddy
 
Managing Risk in e-Learning
byKnowledgeWorking
 
Risk Health Check
byLjuba Bogdanovich
 
SagaciousThink Overview
byLouAnn Conner
 
SAP Inside Track 2012 enterprise risk management newman v fx
byWilliam Newman
 
From technology risk_to_enterprise_risk_the_new_frontier
byRamsés Gallego
 
Engineering Symposium
byDean Eddy
 
Engineering symposium
byAdminatenhance
 
Whitepaper: Effective Risk Management – Substance over Form
byCBIZ, Inc.
 

More from Kannan Subbiah

PPTX
Disruptive Technologies – a closer look
byKannan Subbiah
 
PPTX
Developing & Deploying Effective Data Governance Framework
byKannan Subbiah
 
PPTX
Implementing an Effective Third-party & Vendor Risk Management Program
byKannan Subbiah
 
PPTX
SaaS Challenges & Security Concerns
byKannan Subbiah
 
PPTX
Cyber fraud and Security - What risks does family office's face in today's wo...
byKannan Subbiah
 
PPTX
Globalization & internationalization
byKannan Subbiah
 
PPTX
Cloud computing – An Overview
byKannan Subbiah
 
PPTX
Social Computing – The Promise And The Perils Final
byKannan Subbiah
 
PPTX
EAI Best Practices
byKannan Subbiah
 
Disruptive Technologies – a closer look
byKannan Subbiah
 
Developing & Deploying Effective Data Governance Framework
byKannan Subbiah
 
Implementing an Effective Third-party & Vendor Risk Management Program
byKannan Subbiah
 
SaaS Challenges & Security Concerns
byKannan Subbiah
 
Cyber fraud and Security - What risks does family office's face in today's wo...
byKannan Subbiah
 
Globalization & internationalization
byKannan Subbiah
 
Cloud computing – An Overview
byKannan Subbiah
 
Social Computing – The Promise And The Perils Final
byKannan Subbiah
 
EAI Best Practices
byKannan Subbiah
 

Recently uploaded

PPT
Business Management and Preactices - BMP - Unit Two.ppt
byVinuthPaul
 
PDF
20251106-collective-pensions-with-investment-choice-ppi-kcl-nuffield.pdf
byHenry Tapper
 
PPTX
Business management and practices unit 1
byVinuthPaul
 
PDF
Rural Frontier Entrepreneurship Presentation for NOVA Entrepreneur Center
byPayson Johnston
 
PDF
Buy Verified Western Union Accounts 2025.pdf
byusatrustacc3
 
PDF
how to besst top Buy Instagram Accounts (1).pdf
byjtjf0730
 
DOCX
_how best to// top Buy Onlyfans Accounts.docx
bygvd2437
 
PDF
20251106-ppi-press-release-collective-pensions-with-investment-choice.pdf
byHenry Tapper
 
DOCX
Buy Verified Western Union Accounts 2025.docx
byusatrustacc3
 
PDF
China to Europe Import Solutions for European Clients
byIreland in China
 
PDF
Salesforce Project Management & Business Analysis Panel Discussion on 11/5/2025
byMichael Orias
 
PDF
business-leader-letter-to-the-chancellor-06-11-2025_v2.pdf
byHenry Tapper
 
PDF
Stephen Tiller Bahamas - A Seasoned Leader In Real Estate
byStephen Tiller Bahamas
 
PDF
Event Report - SAP TechEd 2025 - Good progress on AI + Data & good news for ...
byHolger Mueller
 
DOCX
Top 3 Places to Buy Verified Binance Account Instantly.docx
bybusiness Guige Usaallhub
 
PDF
A Brief Introduction About Raman Bhaumik Plano
byRaman Bhaumik Plano
 
DOCX
Buying Old Facebook Accounts_ Introduction & Purpose.docx
byMarketing and Business
 
PDF
ACEN Nov. 2025 General Meeting. The video is online at the ACEN Substack page
byMark Rauterkus
 
PDF
Buy Verified Apple Pay Accounts in 2025.pdf
bycgvcr34cbd
 
PDF
David Slone Denver - A Respected Mentor
byDavid Slone Denver
 
Business Management and Preactices - BMP - Unit Two.ppt
byVinuthPaul
 
20251106-collective-pensions-with-investment-choice-ppi-kcl-nuffield.pdf
byHenry Tapper
 
Business management and practices unit 1
byVinuthPaul
 
Rural Frontier Entrepreneurship Presentation for NOVA Entrepreneur Center
byPayson Johnston
 
Buy Verified Western Union Accounts 2025.pdf
byusatrustacc3
 
how to besst top Buy Instagram Accounts (1).pdf
byjtjf0730
 
_how best to// top Buy Onlyfans Accounts.docx
bygvd2437
 
20251106-ppi-press-release-collective-pensions-with-investment-choice.pdf
byHenry Tapper
 
Buy Verified Western Union Accounts 2025.docx
byusatrustacc3
 
China to Europe Import Solutions for European Clients
byIreland in China
 
Salesforce Project Management & Business Analysis Panel Discussion on 11/5/2025
byMichael Orias
 
business-leader-letter-to-the-chancellor-06-11-2025_v2.pdf
byHenry Tapper
 
Stephen Tiller Bahamas - A Seasoned Leader In Real Estate
byStephen Tiller Bahamas
 
Event Report - SAP TechEd 2025 - Good progress on AI + Data & good news for ...
byHolger Mueller
 
Top 3 Places to Buy Verified Binance Account Instantly.docx
bybusiness Guige Usaallhub
 
A Brief Introduction About Raman Bhaumik Plano
byRaman Bhaumik Plano
 
Buying Old Facebook Accounts_ Introduction & Purpose.docx
byMarketing and Business
 
ACEN Nov. 2025 General Meeting. The video is online at the ACEN Substack page
byMark Rauterkus
 
Buy Verified Apple Pay Accounts in 2025.pdf
bycgvcr34cbd
 
David Slone Denver - A Respected Mentor
byDavid Slone Denver
 

Introduction to risk management

  • 1.
    Introduction to Risk Management Kannan Subbiah Director, Operations Knowledge Universe Technologies India 1
  • 2.
    Objectives  Understanding Risk Risk Management as a process  Exercise  Q&A 2
  • 3.
    How to learnRisk Management?  http://www.youtube.com/watch?v=laKprX-HP94&feature=related 3
  • 4.
    What is aRisk? A risk is ANYTHING that may affect the achievement of an organization’s objectives. It is the UNCERTAINTY that surrounds future events and outcomes. It is the expression of the likelihood and impact of an event with the potential to influence the achievement of an organization’s objectives. 4
  • 5.
    Alternatively …  Riskis a potential event with negative consequences that had not happened yet  Could also be an event with positive consequences  A possibility of loss – not the loss itself  A source of problem  Find the root cause and not the leaves  Something that makes the project special  In the widest sense, everything is a risk  Helps identify better ways of handling problems 5
  • 6.
    Why do weneed Risk Management? The only alternative to risk management is crisis management --- and crisis management is much more expensive, time consuming and embarrassing. JAMES LAM, Enterprise Risk Management, Wiley Finance © 2003 Without good risk management practices, government cannot manage its resources effectively. Risk management means more than preparing for the worst; it also means taking advantage of opportunities to improve services or lower costs. Sheila Fraser, Auditor General of Canada 6
  • 7.
    How does RiskManagement help?  Increase risk awareness & understanding  Allows intelligent “informed” risk-taking.  Focuses efforts –helps prioritize.  Is proactive…. not reactive – Prepare for risks before they happen.  Improve outcomes – achievement of objectives  Enables accountability, transparency and responsibility  And maybe even mean survival 7
  • 8.
    Key Terms  Risk– Exposure to chance of hazard  Risk Level – A measure to represent the significance of the risk  Controls – Action(s) that could eliminate or reduce the risk level  Residual Risk – Risk level after implementing controls  Risk Response – An action on the risk, whether to accept, or not to accept 8
  • 9.
    Exercise - I Think of a risk in your daily life  Determine the probability of occurrence  Make an assessment of an impact, if it occurs. 9
  • 10.
    Who is involved? Customer  End user  Project Team  Senior Management  Related Project teams  Vendors and suppliers 10
  • 11.
    When?  A continuousprocess  Starts from proposal stage  Ends on project completion  Review stages  Business case analysis  Project approval  Project planning  Technology, Tools & Vendor selection  Project status reviews  Deployment and Maintenance 11
  • 12.
    Risk Management Basics  Risk (uncertainty) may affect the achievement of objectives.  Effective mitigation strategies/controls can reduce negative risks or increase opportunities.  Residual risk is the level of risk after evaluating the effectiveness of controls.  Acceptance and action should be based on residual risk levels. INHEREN T 12
  • 13.
    A Simple Framework Step1 Step 2 Step 3 Step 4 Step 5 Assess Identify Evaluate Establish Risks & Monitor Risks & & Take Objectives Controls & Report Controls Action Communicate, learn, improve 13
  • 14.
    Risk Identification Techniques Brainstorming  Interviewing  Root cause analysis  Checklists  SWOT 14
  • 15.
    Risk Management iscritical to ALL levels of decisions UNCERTAINTY Strategic Decisions S trat egi c eg ic S trat Decisions transferring strategy into action e Pro g mm ra mme gra Pro Decisions required for implementation Pro jec l t& ona Op e ra ti r atio & Ope nal je ct Pr o Decisions can be categorized into three types. The amount of risk (uncertainty) varies with the type of decisions. Most decisions are concerned with implementation. The HM Treasury’s The Orange Book 15
  • 16.
    Risk Environment External Risk Environment MOHLTC Extended Extended Enterprise P ep P u b ti la & er ns gu ws c lic o n t io Internal re La MOHLTC Risk Environment i c c/ O Go ol gi P at e rg ve y Or r a rn Pa iz at nito ni a tr ga S za nc rtn ion s ni s r t io e n o M i th e tr ie Es er M na - O l t ab s e c Co m al / plian F ina li s Le g h Evaluate ncia Outcomes Capacity Political Communication Communication Communication l & Learning & Learning & Learning T r c ou r na Ide an A c ove olo n sfe ntabi c e c hn a t i o gy G nt r P l i ty T e or m ay ify me f In n nt Assess & In l f orm na atio ra tio n Human O pe Resources io r at de ns ct ol pe eh T h nom E e x ta k co e y S LHINs Corporate Governance Requirements 16
  • 17.
    Categorizing Risk –Comprehensive 1. Political or Reputational Risk 2. Financial Risk 3. Service Delivery or Operational Risk 4. People / HR Risk 5. Information/Knowledge Risk 6. Strategic / Policy Risk 7. Stakeholder Satisfaction / Public Perception Risk 8. Legal / Compliance Risk 9. Technology Risk 10. Governance / Organizational Risk 11. Privacy Risk 12. Security Risk 13. Equity Risk Slide 17 17
  • 18.
    Risk Prioritization –likelihood and impact Likelihood of a risk event occurring Risk Impact: Level of damage that can occur when a risk event occurs  Very High: Is almost certain to occur  Very High: Threatens the success of the project  High: Is likely to occur  High: Substantial impact on time, cost or quality  Medium: Is as likely as not to occur  Medium: Notable impact on time, cost or quality  Low: May occur occasionally  Low: Minor impact on time, cost or quality  Very Low: Negligible impact  Very Low: Unlikely to occur Slide 18 18
  • 19.
    Third dimension forrating risks - proximity  Immediate – now  Less than 6 months  Between 6-12 months  Between 12 – 24 months  Between 24 – 36 months  More than 36 months 19
  • 20.
    Risk rating …Combining impactand likelihood RISK PRIORITIZATION MATRIX 5 RISK 4 IxL IMPACT RISK 3 IxL 2 RISK 1 IxL 1 2 3 4 5 LIKELIHOOD Slide 20 20
  • 21.
    Risk reporting andcommunications Risk Level Action and Level of Involvement Required • Inform Chief Executive Officer and Board of Directors Critical Risk • Immediate action required • Inform Chief Executive Officer High Risk • Strategy Team involvement/attention is essential to manage risks – provide report to Board as appropriate • Management mitigation and ongoing monitoring required Moderate Risk • Inform relevant Strategy Team members • Accept, but monitor risks Low Risk • Manage by routine procedures within the program and site 21
  • 22.
  • 23.
    Measure and reportRM implementation progress • Advanced capabilities to identify, measure, manage all risk exposures within tolerances Excellent • Advanced implementation, development and execution of ERM parameters • Consistently optimizes risk adjusted returns throughout the organization • Clear vision of risk tolerance and overall risk profile • Risk control exceeds adequate for most major risks Strong • Has robust processes to identify and prepare for emerging risks • Incorporates risk management and decision making to optimize risk adjusted returns • Has fully functioning control systems in place for all of their major risks • May lack a robust process for identifying and preparing for emerging risks Adequate • Performing good classical “silo” based risk management • Not fully developed process to optimize risk adjusted returns • Incomplete control process for one or more major risks Weak • Inconsistent or limited capabilities to identify, measure or manage major risk exposures Source: Standard & Poor 23
  • 24.
    The Cyclist andthe Risk Manager 24
  • 25.
    Exercise II –15 minutes  Identify risks that the cyclists faces in cycling to work.  Report back. 25
  • 26.
    Risks Threats: Opportunities:  Death  Exercise  Head Injury  Sunlight  Injury  Reputation  Reputation  Financial  Financial  Role model  Damage to the bike  Environment  Sunburn/frost bite 26
  • 27.
    Mitigation Strategies forthreats  Death, head injury, other injury – helmet, bright clothes, lights, bell, CANbike course, obeying traffic laws, positive attitude, anger management course  Reputation – great outfit, change of wrinkle-free clothes, shower, time management  Financial – high quality locks, “beater”, stopping at stop signs  Damage to the bike – regular maintenance, avoiding pot holes  Sunburn/frost bite – sunscreen, mittens, hats, token/change  Dehydration- filled water bottle 27
  • 28.
    Acknowledgements  Practical approachto Risk Management - by Finance Management Institute, Toronto Chapter.  Introduction to Risk Management for Outsourcing projects - by Peter Kolb 28
  • 29.

Editor's Notes

  • #18 1. Financial Risk - The risk of financial losses, overspending, or the inability to meet budgets and plans. 2. Service Delivery or Operational Risk - The risk that products or services will not get completed or delivered in a timely manner as expected. This also includes risks to business continuity. 3. People / HR Risk - The risk that capable & motivated staff will not be available to get the job done. This could be the result of resignations, turnovers, inability to hire, lack of skills, strikes, injury etc. 4. Information Risk - The risk that information produced, or used, is incomplete, out-of-date, inaccurate, irrelevant, or inappropriately disclosed 5. Strategic / Policy Risk -The risk that strategies and policies fail to achieve required results 6. Stakeholder Satisfaction / Public Perception Risk - The risk of failure to meet expectations of the public, other governments, ministries, or other stakeholders 7. Legal / Compliance Risk - The risk that a government initiative, or action, will be in breach of a statute, regulation, contract, MOU, or that the government will face litigation 8. Technology Risks - Risk that information technology infrastructure does not align with business requirements, and does not support availability, access, integrity, relevance, and security of data. This also includes risks to business continuity 9. Governance / Organizational Risk - Risk that the organization structure, accountabilities, or responsibilities are not designed, communicated, or implemented to meet the organization’s objectives, and the risk that business culture and management commitment does not support the formal structures 10. Privacy Risk - Risk that associated with the collection, use and disclosure of personal information and personal health information. 11. Security Risk - Risk that is associated with the protection of confidentiality, integrity, availability and value of assets (tangible and intangible) and people.
  • #19 In phase I we facilitated a number of IRM activities. Here are three examples: Oak Ridge Facility at the Mental Health Centre Penetanguishene Colorectal Cancer Screening Program LHIN Readiness I and II These 3 examples showed us how we could implement IRM. Sharon Zwicker told us: put in quote Marsha Barnes told us: put in quote Gail Paech told us: put in quote Carrie Hayward told us: put in quote
  • #21 In phase I we facilitated a number of IRM activities. Here are three examples: Oak Ridge Facility at the Mental Health Centre Penetanguishene Colorectal Cancer Screening Program LHIN Readiness I and II These 3 examples showed us how we could implement IRM. Sharon Zwicker told us: put in quote Marsha Barnes told us: put in quote Gail Paech told us: put in quote Carrie Hayward told us: put in quote
  • #27 Statistics from Transport Canada Most Canadian deaths were unhelmeted riders. Transport Canada statistics show that 88 per cent of the 80 cyclists who died nationwide in 2001 were not wearing helmets.
  • #28 Statistics from Transport Canada Most Canadian deaths were unhelmeted riders. Transport Canada statistics show that 88 per cent of the 80 cyclists who died nationwide in 2001 were not wearing helmets.