RIZAL TECHNOLOGICAL UNIVERSITY

Boni, Mandaluyong City

Chapter 12: Practical Guidelines in Reducing and

Managing Business Risks
PICARRA, SHERILYN B CORPORATE GOVERNANCE, BUSINESS ETHICS& INTERNAL
CONTROL

CBET 01-201P REPORTING CONTENT & INFORMATION

PART 1:
 Understand the Nature of Risk
 Identify and Prioritize Risks
 Consider the Acceptable level of risk
 Understand why risks become reality
 Apply a simple risk management process
 Risk Assessment and analysis
 Risk management and control
 Avoiding and mitigating risks
 Create a Positive Climate for managing risk
 Overcoming the fear of risk

 Understand the Nature of Risk

 The willingness and readiness to take personal and financial risks is a defining
characteristic of the entrepreneurial decision-maker.
 Successful businessmen and decision-makers make sure that the risks resulting from
their decisions are measured, understood and as far as possible eliminated.
 They also go beyond the direct financial perspective and actively manage risk as it
affects the whole organization.
 Accepting that risks exist is a starting point for the actions needed, but the most
important is to create the right climate for risk management. People need to
understand why control systems are needed; this requires communication and
leadership skills so that standards and expectation are set and clearly understood.
  IDENTIFY AND PRIORITIZE RISKS
“To be alive at all involves some risk”
 Identification of significant risks both within and outside the Organization is crucial and
allows to make informed decisions. This makes it easier to avoid unnecessary surprises.
 Example of significant risks might be the loss of a major customer, the failure of a key
supplier or the appearance of a significant competitor.

• When identifying risks, it helps to define the categories into which they fall. This
allows for a more structured analysis and reduces the chances of a risk being
overlooked.

 CONSIDER THE ACCEPTABLE LEVEL OF RISK

 The usual first step is to determine the nature and extent of the risks the business will
accept. This involves assessing the likelihood of risk becoming reality and the effect they
would have if they did. Only when this is understood can measures be taken to minimize
the incidence and impact of such risks.
 There is also an opportunity cost associated with risk: avoiding a risk may mean avoiding
a potentially big opportunity.
 People can be too cautious and risk averse even though they are often at their best when
facing the pressure of risk deciding to take a more audacious approach.
 Sometimes the greater risk is to do nothing.

 UNDERSTAND WHY RISKS BECOME REALITY

Once risks are identified they can be ranked according to their potential impact and the
likelihood of them occurring.
 The five most significant types of Risk Catalyst:
• Technology – New hardware, software or system configurations can trigger risks, as can
new demands on existing information systems and technology. In early 2010, Metro
Manila Development Authority chair introduced a congestion change for traffic using the
centre of the City; the greatest threat to the scheme’s success and his tenure as chair was
posed by the use of new technology. It worked and the scheme was widely seen as a
success.

• Organizational Change – risks are triggered by, for example, new management structures
or reporting lines, new strategies and commercial agreements (including mergers, agency
or distribution agreements.

• Processes– New products, markets and acquisitions all cause change and can trigger
risks. The disastrous launch of “New Coke” by Coca- Cola was an even bigger risk than
anyone at the company had realized; it outraged Americans who felt angry that an iconic
US product was being changed. That Coca-Cola eventually turned the situation to its
advantage shows that can be managed and controlled, but such success is rare.

• People– Hiring new employees, losing key people, poor succession planning or weak
people management can all create dislocation, but the main danger is behavior:
everything from laziness to fraud, exhaustion and simple human error can trigger this
risk.
• External Factors– Changes to regulation and political, economic or social developments
can all affect strategic decisions by bringing to the surface risks that may have lain
hidden. The economic disruption caused by the sudden spread of the SARS epidemic
from China to the rest of Asia in 2003 highlights this risk.

o APPLY A SIMPLE RISK MANAGEMENT PROCESSS

The stages of managing the enterprise-wide risk inherent in decisions are simple.
• First – Assess and analyze the risks resulting from a decision by systematically
identifying and quantifying them.
• Second – Consider how best to avoid or mitigate them.
• Third- In parallel with the second stage, take action to manage control and monitor the
risks.

o RISK ASSESSMENT AND ANALYSIS

• It is more difficult to assess inherent in a business decision than to identify them. Risk
that lead frequent losses, such as an increasing incidence of employee- related problems
or difficulties with suppliers, can be solved using past experience.
• Unusual or infrequent losses are harder to quantify. Risks with little likelihood of
occurring in the next five years are not important company focused on meeting
shareholders’ shorter-term expectations.
• Thus, it is sensible to quantify the potential consequences of identified risks and then
define courses of action to remove or mitigate them.
• Each category of risk can be mapped in terms of both likely frequency and potential
impact, with the potential consequences being ranked on a scale ranging from
inconvenient to catastrophic.

 RISK MANAGEMENT AND CONTROL

 Risk should be actively managed and given a high priority across the whole organization.
Risk management procedures and techniques should be well documented, clearly
communicated, regularly reviewed and monitored.
 To successfully manage risks, you have to know what they are, what factors affect them
and their potential impact.

If you plot the ability to control a risk against its potential impact, as shown in the
figure next slide, you can decide on actions either to exercise greater control over
the risk or to mitigate its potential impact. Risks falling into the top-right quadrant
require urgent action, but those in the bottom right quadrant (total/significant control,
major/critical impact) should not be ignored because complacency, mistakes and a lack
of control can turn the risk into a reality.

 AVOIDING AND MITIGATING RISKS

• Start by reducing or eliminating those risks that results only in costs: the non-trading
risks.
• These can be thought of as the fixed costs of risk and might include property damage
risks, legal and contractual liabilities and business interruption risks.
• Reducing these risks can be achieved through quality assurance programs, environmental
control processes, enforcing health and safety regulations, installing accident prevention
and emergency equipment and training people to use it.
• Taking security measures to prevent crime, sabotage, espionage and threats to people and
systems. Reducing a risk may also mean that the cost of insuring against it goes down.

• Risks can be reduced or mitigated by sharing them.

• For example, acceptable service agreements from vendors are essential to reducing risk.
Joint ventures, licensing and agency agreements can also be used to mitigate risk. To
reduce the chances of things going wrong, focus on the quality of what people do- doing
the right things right reduces risks and cost.
• Risk management relies on accurate, timely information. Management information
systems should provide details of the likely areas of risk and the information needed to
control the risks.
• This information must reach the right people at the right time so that they can investigate
and take corrective action.

 CREATE A POSITIVE CLIMATE FOR MANAGING RISKS

• Recognizing the need to manage risk is not enough. The ethos of an organization should
recognize and reward behavior that manages risk.
• This requires a commitment by senior managers and the resources (including training) to
match.
• Too often, control systems are seen only as an additional overhead and not as something
that can add value by ensuring the effective use of assets, the avoidance of waste and the
success of key decisions.

 OVERCOMING THE FEAR OF RISKS

• Everyone accepts that taking risks is needed to keep ahead of the competition.
• Consequently, employees need to understand better what the real risks are, to share
responsibility for the risks being taken and to see risk as an opportunity.
• Understanding how organization manage risk effectively is important but managing risk
is only one possible strategy.
• Another approach is to look for ways to use the risk to achieve success by adding value
or outstripping competitors –or both.

Additional information:

 Tacit Knowledge- is the kind of knowledge that is difficult to transfer to another

person by means of writing it down or verbalizing it.

 Complacency- self-satisfaction especially when accompanied by unawareness of actual

dangers or deficiencies.
 Financial Risk- is the possibility of losing money on an investment or business venture.
It is also any of various types of risks associated with financing including financial
transaction that include company loans in risk of default.
 Treasury Risks- associated with the management of an enterprises’ holdings- ranging
from money market instruments through to equities trading.
 Fraud- is intentional deception to secure unfair or unlawful gain or to deprive a victim of
a legal right.
 Robustness of Information management system-
Robustness is attributed to financial markets that continue to perform despite alterations
in market conditions.
A system is robust if it can handle variability and remain effective.
 Opportunity Cost- is the loss or the benefit that could have been enjoyed if the best
alternative choice was chosen. As a representation of the relationship between scarcity
and choice, the objective of opportunity cost is to ensure efficient use of scarce resources.
 BEST WAYS TO AVOID OR MITIGATE RISKS
1.) Include risk management in your projects
2.) Communicate risk to others
3.) Prioritize risks
4.) Analyze risks
5.) Implement risk responses as early as possible.
6.) Track them down regularly.

Examples of unusual or infrequent items include gains or losses from a lawsuit,

losses or slowdown of operations due to natural disasters, restructuring costs, gains or
losses from the sale of assets, cost associated with acquiring another business, losses
from them the early retirement of debt and plant shutdown costs.

Espionage- the practice of spying or of using spies, typically by governments to

obtain political and military information.
Ethos- means an ethical appeal.
Bureaucratic- a system of administration marked by officialism.
Overhead- refers to the on-going business expenses not directly attributed to creating
a product or service.

Other information is mentioned on my reporting so pay attention.

Thank you! stay safe and God bless :”)