Professional Documents
Culture Documents
Final Exams
Exams Questions:
1. What are the processes of Risk Management? Explain your answer using a case study.
2. What are the procedures for implementing TQM and the barriers? Explain your answer.
1
Table of Contents
Page
1.0 Abstract .................................................................................................................................... 2
2.1 Introduction …………………………………………………………................................................................. 4
2.2 The Risks Management Process ............................................................................................... 4
3.1 Risks Management Techniques .................................................………………………………………...... 5
3.2 Definition of TQM ........................................................................................................ 6
3.3 Procedures for Implementing TQM ............................................................................... 5
4.1 Barriers to Implementing TQM ...................................................................................... 7
4.2 Conclusion ..................................................................................................................... 9
2
2.1 Introduction
In the face a volatile business world, the concept of risks has become extremely important to
business organizations. Various definitions have been proffered and various risks management
strategies suggested. In a more common sense, risk is when you take a chance at something which
can either turn out better for you or could result in negative outcome. In more technical term, risk is
the potential that a chosen action or activity (including the choice of inaction) will lead to loss
(which is an undesirable outcome). Whilst ISO 31000 (2009)/ISO Guide 73:2002 define risk as the
effect of an uncertainty on objectives, the IIA looks at risk as the possibility that an event will
occur, which will impact an organization's achievement of objectives. Risk taking remain a critical
component of every profit oriented business decision. Business managers need to weigh the
potential fallout of risky decisions and the consequence of not adopting a prudent risk mitigation
strategy. On the other hand, investors require some amount of guarantee that if they expose their
investments to an identified risks it will result to adequate returns on their investments (Merna,
2004).
3
a cost-effective way. An implementation of risk management practice can avoid a substantial
consequence of the failure to adequately identify and manage risk. In other words, identification and
assessment of risks within a system can play a vital role in planning effectively and strategically.
I would like to use my organization, the National Social Security and insurance Trust (NASSIT) as a
case study for this analysis. As a pension scheme, risk management process entails a description
of steps taken to identify, monitor and control. These steps is a dynamic process, which requires
the following:
Commitment at the highest level of the Organization
Trained and competent assessors and
Total involvement at all levels of the organization
Identify Risks
Evaluate Risks
Risks management begins with establishing the context of the risk assessment. In the risk management
framework, the context is commonly thought of as the opportunity, strategy, outcome or process in which
4
stakeholders want formal analysis and assurance. Context here refers to the level in which management
feels the need to set strategy and assess risk. For risk assessment, the context must reflect the economic
value of the organization and the business model for creating value.
– Avoidance: applying safeguards that eliminate or reduce the remaining uncontrolled risks
for the vulnerability.
– Transference: shifting the risk to other areas or to outside entities
– Mitigation: reducing the impact should the vulnerability be exploited
– Acceptance: understanding the consequences and accept the risk without control or
mitigation
Risk Avoidance is the risk control strategy that attempts to prevent the exploitation of the
vulnerability. Avoidance is accomplished through:
– Application of policy
– Application of training and education
– Countering threats
– Implementation of technical security controls and safeguards
Risks Transference is the control approach that attempts to shift the risk to other assets, other
processes, or other organizations may be accomplished by
– Rethinking how services are offered
– Revising deployment models
– Outsourcing to other organizations
– Purchasing insurance
– Implementing service contracts with providers
Risk Mitigation is the control approach that attempts to reduce, by means of planning and
preparation, the damage caused by the exploitation of vulnerability. This approach includes three
types of plans:
– Disaster recovery plan (DRP)
– Incident response plan (IRP)
– Business continuity plan (BCP)
Mitigation depends upon the ability to detect and respond to an attack as quickly as possible.
5
Acceptance is the choice to do nothing to protect an information asset and to accept the loss when it
occurs. This control, or lack of control, assumes that it may be a prudent business decision to
– Examine alternatives
– Conclude the cost of protecting an asset does not justify the security expenditure
Risk control involves selecting one of the four risk control strategies for the vulnerabilities present
within the organization. If the loss is within the range of losses the organization can absorb, or if the
attacker’s gain is less than expected costs of the attack, the organization may choose to accept the
risk. Otherwise, one of the other control strategies will have to be selected.
TECHNIQUE DESCRIPTION
6
of their operations, operational manuals, policies,
system documentation, etc.
Berry (1991) defined TQM process as a total corporate focus on meeting and exceeding customer’s
expectations and significantly reducing costs resulting from poor quality by adopting a new
management system and corporate culture. Quality management is a long-term process that relies
on relative achievements through continuous improvement. Successful TQM implementation can
only come from radically challenging and changing the culture of the organization (Zairi, 1996).
Therefore, one may say that TQM is a philosophy, concept and powerful management approach. It
involves management and empowerment of people in order to create satisfied customers and
improve organizational performance.
7
The starting stage in TQM implementation is to assess the organization’s current reality. Relevant
preconditions have to do with the organization’s history, its current needs, precipitating events
leading to TQM, and the existing employee quality of working life. If the current reality does not
include important preconditions, TQM implementation should be delayed until the organization is
in a state in which TQM is likely to succeed.
If an organization has a track record of effective responsiveness to the environment, and if it has
been able to successfully change the way it operates when needed, TQM will be easier to
implement. If an organization has been historically reactive and has no skill at improving its
operating systems, there will be both employee skepticism and a lack of skilled change agents. If
this condition prevails, a comprehensive program of management and leadership development may
be instituted. A management audit is a good assessment tool to identify current levels of
organizational functioning and areas in need of change. An organization should be basically healthy
before beginning TQM. If it has significant problems such as a very unstable funding base, weak
administrative systems, lack of managerial skill, or poor employee morale, TQM would not be
applicable.
Organizations that would like to be successful have figured out that customer satisfaction has a
direct impact on the bottom line and that creating a conducive environment which supports a quality
culture requires well structured and systematic process. Below are systematic steps to implementing
a quality management system that will help to bring the process full circle.
i. A Clear Vision
The staff of the organization need to know how their job is tied to organizational strategy and
objectives which makes it important that all employees understand where the organization is
heading to, what it hopes to accomplish and the operational principles (values) that will steer its
priorities and decision making. Having a process to educate employees during new employee
orientation and a communication process to help ensure that the mission, vision and value is always
in front of the people is a major first step.
8
Financial Performance
Customer Satisfaction
Process Improvement
Market Share
Employee Satisfaction
Product Quality
Employees
Customers
Suppliers
Vendors
Volunteers
9
mistake of thinking they know what is important to customers and ask the wrong survey questions.
This this type of feedback is obtained through customer focus groups.
Performance Management: Setting expectations, creating job descriptions that support the
vision and holding staff accountable.
10
Lack of team Work
High Employee Turnover
Poor Measurement Techniques
Focus on Short term profits
4.2 Conclusion
For any business to grow and remain afloat the market management style is a key and Risk
management is basically the management style of managing the risks. It is so important that most
central banks are currently replacing Prudential Regulations with Risk management guidelines. Risk
is inherent in every business and every organization has to manage it according to its size and
nature of operation because without it no organization can survive in long run.
Whilst risks management remain important, the overall management system in place for every
organization is ultimate. This is where the issue of Total Quality Management (TQM) comes into
play. The advantages of TQM have been widely discussed, but the challenges of implementation
have received little attention. There are important strategic and systematic approach to
implementing TQM. Among many others it is important to make sure employees understand the
5.0 References
Gilbert, G. (1992). “Quality Improvement in a Defense Organization.” Public Productivity and
Management Review.
Hyde, A. (1992). “The Proverbs of Total Quality Management: Re-charting the Path to Quality
Improvement in the Public Sector.” Public Productivity and Management Review.
Martin, L. (1993). “Total Quality Management in the Public Sector,” National Productivity Review
Swiss, J. (1992). “Adapting TQM to Government.” Public Administration Review
Tichey, N. (1983). Managing Strategic Change. New York: John Wiley & Sons.
Hill Stephen, 1991. “Why Quality Circles Failed but Total Quality Management Might Succeed.”
British Journal of Industrial Relations.
Ishikawa, K, 1985.What Is Total Quality Control? The Japanese Way. Englewood Cliffs, New
11
Jersey, Prentice- Hall.
Smith, AK, 1993. “Total Quality Management in the Public Sector.” Quality Progress, June 1993
12