RISK

MANAGEMENT
Tutorial 2
1. Why is risk management important in
the public sector?
■ Government Departments, Financial Institutions
■ Responsible for services such as Education, Healthcare, Regulation, Payment
■ Too big to fail because it affects the overall public welfare
– Unemployment
– Drop in living standard
– Inflation
■ Increasing expectation from stakeholder as society moves towards civilization
 2. Outline the 5 basis for poor risk
management

■ Focusing on inward facing project risks and without considering risks to the organization business as a
whole
■ Listing down the risks without prioritizing them or considering the extend to which risks are correlated
with each other
■ Failure to understand the ultimate risks of not meeting the business objectives
■ Depends on contract or penalty clauses to mitigate the risk
■ Failure to monitor the effectiveness of risk management process or no contingency plan
3. Discuss the role of corporate governance as the
proponent to good enterprise risk management system

■ Examination of recent developments in corporate governance reveals that they form

catalysts for and contribute to the current pressures on ERM.
■ It explains the expectations that shareholders have of boards of directors on the important
of ERM.
■ Besides, it also explains the approaches companies have adopted to risk management and
the extent of disclosure of risk management practice.
■ Corporate governance now forms an essential component of ERM because it provides the
top-down monitoring and management of risk management. It places responsibility on the
board for ensuring that appropriate systems and policies for risk management are in place.
■ Good board practices and corporate governance are crucial for effective ERM.
 4. Discuss the 6 features of effective risk
management
■ Risk management policies and benefits should be clearly communicated to all staff.
– Eg. Operational risk management; Quality risk management; hygiene risk management.
■ Senior management need to support and promote risk management.
– To ensure that management support and resources needs are meet as needed.
– Finance department - to ensure sufficient budget allocated for the implementation and installation.
■ The department’s culture should support nature of risk taking.
– Operation department – all worker closely followed the operation schedule
■ Risk management should be embedded in management processes.
– Finance department - cash flow management in decision making.
– Operation department – safety and hygiene management in operation process.
■ The management of risk should be closely linked to the achievement of objective.
– Organization goals is to maximize profit and cost efficiency.
– Operation department – more effective operation process; reduction in loss from damages.
■ Risks associated with other organizations should be also assessed and managed.
– Risk management should associated with third-parties.
– Eg. Suppliers – the quality of raw material.
5. State the 8 areas of ERM and explain
each area
6. What are the benefits of ERM?
Discuss.
7. Discuss the 7 steps in the risk
management process
■ Step 1: Establishing the context
– Establish the strategic, organizational and risk management context in which the
rest of the process will take place.
– Criteria against which risk will be evaluated should be established and the
structure of the analysis is defined.
■ Step 2: Risk Identification
– Identify what are the risk faced, how the risk arise, why the risk appear and when
the risk surface in order to form the basis for further analysis
7. Discuss the 7 steps in the risk
management process
■ Step 3 :Risk Analysis
– The analysis should consider the range of potential consequences and how likely
those consequences are to occur
– Consequence and likelihood may be combined to produce an estimated level of risk
■ Step 4 : Risk Evaluation
– In this step, a comparison is made on estimated risk against the pre-established
criteria. This enables risks to be ranked so as to identify management priorities
– If the levels of risk established are low, then risks may fall into an acceptable
category and treatment may not be required
7. Discuss the 7 steps in the risk
management process
■ Step 5 : Risk Treatment
– In this step, risk should be treated in term of priority, for example, accept those risk are low priority (i.e.
low risk & low impact).
* This stage requires the development of the risk management plan, and setting up of budgets for risk
funding.
■ Step 6 : Monitoring & Reviewing Risk
– Monitor and review the performance of the risk management system and changes which might affect it.
■ Step 7 : Communication & Consultation
– Communicate and consult with internal and external stakeholders as appropriate at each stage of the
risk management process and concerning the process as a whole.
– exp: when the risk registry is updated, policies revised and documented for the preparation of the next
risk management iteration.