[email protected] 0207 099 2420

Summary

Is your business ready to deal with unforeseen events? These can seriously impact your effectiveness and profitability. We have an approach that increases your ability to respond to the unknown as it happens.

Definition

What is risk? Risk is commonly understood to be the possibility of a harmful or disruptive event that leads to failure and/or losses. In the context of change and improvement though, there is another face to risk that of opportunity. Business change requires innovation, taking advantage of new opportunities and managing the risks involved. In this context then, and as defined by HM Treasury,

Her majesty's treasury“risk is defined as uncertainty of outcome, whether positive opportunity or negative threat, of actions and events. It is the combination of likelihood and impact, including perceived importance.”

Therefore Risk Management is the identification, quantification, assessment, prioritisation and assignment of ownership followed economical use of resources to take mitigating action to reduce, minimise, eliminate or anticipate them, and then to monitor and review status and to test preparedness.

Often risk management is seen as risk logs, risk reviews and some business continuity testing. However, good risk management is a way of life – it permeates the way activities are planned, resourced and managed. While it is impossible for organisations to remove all risk, it is important they properly understand and manage the risks to a determined level they are willing to accept in the context of the organisation’s overall corporate strategy. Inadequate risk management can result, as highlighted by Investopedia,

investopedia“in severe consequences for companies as well as individuals. For example, the recession that began in 2008 was largely caused by the loose credit risk management of financial firms.”

Our Approach

Risk causes are many. They may be caused by market disruptions, strategic failures, competitor activity, errors in design or development, failures in production or operations, legal or financial liabilities, credit risk, accidents, natural causes, disasters, epidemics, regulatory violations or misinterpretations, deliberate attacks, or any event of uncertain or unpredictable outcome. With such a diverse possibility of causes a systematic approach is required to manage risks effectively. That is why we have developed the Risk Management Framework© which has three parts to it:

  1. Risk Analysis
  2. Risk and Business Continuity Planning
  3. Risk Managing

Many risk causes will have similar consequences and therefore similar mitigation actions. This is why our risk management plan is not organised by the long list of risk causes but rather by the likely impacts at different time stages – project/programme, implementation/rollout, and BAU deployment. The plan is set out such that when a risk emerges and the likely impact is identified, the appropriate governance level is easily identified and engaged to review and authorise the mitigation actions. This approach limits surprises and because mitigation actions are predefined, response time is quick, therefore reducing downtime for resources and the likelihood of the impact growing.