Professional Documents
Culture Documents
Types of Risk
There are many different types of risk that risk management plans can mitigate.
Common risks include things like accidents in the workplace or fires, tornadoes,
earthquakes, and other natural disasters. It can also include legal risks like fraud, theft,
and sexual harassment lawsuits. Risks can also relate to business practices, uncertainty
in financial markets, failures in projects, credit risks, or the security and storage of data
and records.
Goals of Risk Management
The idea behind using risk management practices is to protect businesses from being
vulnerable. Many business risk management plans may focus on keeping the company
viable and reducing financial risks. However, risk management is also designed to
protect the employees, customers, and general public from negative events like fires or
acts of terrorism that may affect them. Risk management practices are also about
preserving the physical facilities, data, records, and physical assets a company owns or
uses.
In extreme cases, these risks can lead to heavy loss and even corporate
failure. Recent high-profile cases outlined in Table 1below), highlight
how poor-quality records and information, and the organizational
practices that lead to them, can expose an organization to risk. These
cases highlight the need for organizations to pay attention to records
and information related risks.
Aside from risk avoidance and control, however,
effective records and information risk management
can lead to improved performance of the
organization. Records and information risk
management initiatives are as much about identifying
and capitalizing on opportunities to manage
information strategically as they are about minimizing
risks and losses. Some of the ways in which a records
and information-related risk assessment can be used
to enhance an organization’s performance include:
Some of the ways in which a records and information-related risk assessment
can be used to enhance an organization’s performance include:
1)• More effective planning of records and information management
strategies and programs to ensure alignment with strategic business objectives
2)• Better control of records and information management costs
3)• Improved assessment and measurement of records and information
management functions
4)• Improved decision-making in the records and information management
arena
5)• Enhanced share value as a result of credible strategies to mitigate and
manage records and information related risks
6)• Improved compliance with records and information-related legal and
regulatory requirements
7)• Higher level of preparedness for outside regulatory review
8)• Minimized operational disruptions
9)• Improved management information
10)• Improved knowledge sharing throughout the organization
How should records and information risk management be administered within an
organization? Generally speaking, it should be fully integrated into the organization’s
enterprise-wide risk management program.
2)Roles and responsibilities for records and information risk management will be clearly
identified and will permeate all levels and locations of the organization.
3)Records and information risks will be highlighted in all training and development
initiatives.