Professional Documents
Culture Documents
Discuss the risk management process used by the organization to control the
occurrence of risk
The risk management process is a framework for the actions that need to be taken. There are five
basic steps that are taken to manage risk; these steps are referred to as the risk management
process. It begins with identifying risks, goes on to analyze risks, then the risk is prioritized, a
solution is implemented, and finally, the risk is monitored. In manual systems, each step involves
a lot of documentation and administration. Now let’s look at how these steps are carried out in a
more digital environment.
Once a risk has been identified it needs to be analyzed. The scope of the risk must be determined.
It is also important to understand the link between the risk and different factors within the
organization. To determine the severity and seriousness of the risk it is necessary to see how
many business functions the risk affects. There are risks that can bring the whole business to a
standstill if actualized, while there are risks that will only be minor inconveniences in analyzed.
In a manual risk management environment, this analysis must be done manually. When a risk
management solution is implemented one of the most important basic steps is to map risks to
different documents, policies, procedures, and business processes. This means that the system
will already have a mapped risk framework that will evaluate risks and let you know the far-
reaching effects of each risk.
1
Step 3: Evaluate or Rank the Risk
Risks need to be ranked and prioritized. Most risk management solutions have different
categories of risks, depending on the severity of the risk. A risk that may cause some
inconvenience is rated lowly, risks that can result in catastrophic loss are rated the highest. It is
important to rank risks because it allows the organization to gain a holistic view of the risk
exposure of the whole organization. The business may be vulnerable to several low-level risks,
but it may not require upper management intervention. On the other hand, just one of the highest-
rated risks is enough to require immediate intervention.
Every risk needs to be eliminated or contained as much as possible. This is done by connecting
with the experts of the field to which the risk belongs to. In a manual environment, this entails
contacting each and every stakeholder and then setting up meetings so everyone can talk and
discuss the issues. The problem is that the discussion is broken into many different email threads,
across different documents and spreadsheets, and many different phone calls. In a risk
management solution, all the relevant stakeholders can be sent notifications from within the
system. The discussion regarding the risk and its possible solution can take place from within the
system. Upper management can also keep a close eye on the solutions being suggested and the
progress being made from within the system. Instead of everyone contacting each other to get
updates, everyone can get updates directly from within the risk management solution.
Not all risks can be eliminated – some risks are always present. Market risks and environmental
risks are just two examples of risks that always need to be monitored. Under manual systems
monitoring happens through diligent employees. These professionals must make sure that they
keep a close watch on all risk factors. Under a digital environment, the risk management system
monitors the entire risk framework of the organization. If any factor or risk changes, it is
immediately visible to everyone. Computers are also much better at continuously monitoring
risks than people. Monitoring risks also allows your business to ensure continuity.
2
Q.2. Discuss the risk management process used by the organization to control
the occurrence of risk
The existence of data on the historical frequency of hazards and their impact forms the
basis of a robust disaster management system. Meteorological records of daily ambient
temperatures or precipitation provide a record of weather and climatic patterns, and assist
in their classification as a potential risk to the population. Losses during a hot weather or
drought event are generally calculated in terms of their impact on human mortality and
morbidity, although environmental and ecological losses are also important in calculating
drought vulnerability. Observed trends in mortality and morbidity rates during heat waves
can be compared with data from preceding years to present an overview of the impact on
human health during a heat wave.
The presence of scientific mechanisms for predicting and monitoring the meteorological
occurrence of extreme heat or drought events is an important aspect of effective risk
management. Also important is the existence of a formal and predefined system of risk
communication, with both climate scientists and policy makers clear on a common
framework of risk classification for hazard events.
3
The identification and measurement of vulnerable individuals and groups in a particular
setting is key to an effective risk management system. Vulnerability to hazards can be
dynamic, and is seen to vary across social groups, physical space, and different scales. An
ongoing review of vulnerable populations is necessary for an effective risk management
system; however, general trends observed in historical data provide an overall picture of
those most at risk to hazards.
Discussions with experts and practitioners of risk management in London highlighted the
importance of disseminating public information before and during an extreme heat or
drought event. In most cases, risk to such hazards can be reduced through increased
alertness and taking simple “common sense” measures. Since drought and heatwave
vulnerability are mainly measured by their human impact, providing basic information on
risk identification can make it relatively easy to alleviate risk and exposure to such
hazards through encouraging minor behavioral changes, and makes public information
and community awareness critical in hazard risk management. This input variable is
important because it affects the degree of preparedness and risk identification that exists
at the local level.
Q.3. Mention briefly the basic approaches used by the organization to measure risks
in the organization
The risk management approach determines the processes, techniques, tools, and team roles and
responsibilities for a specific project. After the company's specific risks are identified and the
risk management process has been implemented, there are several different strategies companies
can take in regard to different types of risk:
4
Risk avoidance. While the complete elimination of all risk is rarely possible, a risk
avoidance strategy is designed to deflect as many threats as possible in order to avoid the
costly and disruptive consequences of a damaging event.
Risk reduction. Companies are sometimes able to reduce the amount of damage certain
risks can have on company processes. This is achieved by adjusting certain aspects of an
overall project plan or company process, or by reducing its scope.
Risk sharing. Sometimes, the consequences of a risk are shared, or distributed among
several of the project's participants or business departments. The risk could also be shared
with a third party, such as a vendor or business partner.
Risk retaining. Sometimes, companies decide a risk is worth it from a business
standpoint, and decide to keep the risk and deal with any potential fallout. Companies
will often retain a certain level of risk if a project's anticipated profit is greater than the
costs of its potential risk.