FUNDAMENTAL OF RISK

MANAGEMENT
Dr. Josephine Adekola

Josephine.Adekola@gcu.ac.uk
Module Delivery Plan
Wee Pre-recorded lectures Online activities Lecturer
k Topic
No.
1 Introduction to Corporate Risk No seminar Josephine
Management
2 Risk Management Framework Online live Josephine

3 Risk Management in Practice – Online live Josephine

Guest lecture pre-recorded.
4 Business Continuity Planning Online live Josephine
5 Risk Identification Online live Taylor
6 Risk Analysis and Control Online live Taylor
Techniques
7 Monitoring and Reviewing Online live Taylor
8 When Risk Management Fails No seminar Coursework Taylor
one Test/Exam
9 Global Risk Issues Online live Sarah
10 Strategic Risk Management and Online live Sarah
ERM
11 Risk Culture and Leadership Online live Sarah
12 Course Work Two Review No seminar Sarah
page 2
Module Assessment
1. Course Work 01 30.00 35.00 Online Text/Exam
2. Course Work 02 70.00 35.00 Case Study Report
• Pass Mark 40% UG

Core text: Paul Hopkin, (2018). Fundamentals of Risk Management:

Understanding, Evaluating and Implementing Effective Risk
Management
Available online through GCU library

page 3
 Assessment1: Weighting 30%
Online exam – 24 hours

Assessment2: Weighting 70%

Individual Task – Critically discuss the following statement:
“Adherence to a risk management framework is an essential
requirement for modern organisations.”

page 4
Indicative Reading
Paul Hopkins (2018). Fundamentals of Risk Management: Understanding,
Evaluating and Implementing Effective Risk Management

Online sources:
• Chartered Insurance Institute: http://www.cii.co.uk
• Institute of Risk Management: http://irmqt.co.uk
• Association of Insurance & Risk Managers: http://www.airmic.com
• Health & Safety Executive: http://www.hse.gov.uk
• Financial Conduct Authority: http:// www.fca.gov.uk
• BBC: <http://www.bbc.co.uk>

page 5
Why talk about risk?
• Risk is something that we all face every day.
• Organizations take risks in pursuit of meeting set
objectives.
• To raise awareness that we all have to manage risk as
part of our daily working lives as well as personal.

page 6
What is a Risk?
• Risk is present in everything we do OR not do
• Anything that could harm, prevent, delay or enhance your ability to
achieve your objectives
• It is the UNCERTAINTY that surrounds future events and outcomes.
• ISO 31000, the international standard on risk management, defines it
this way:
Risk = the affect of uncertainty on your objectives.
• Risk can be a threat or an opportunity

https://www.youtube.com/watch?v=EREt_ZWSJgQ

page 7
 Other Pressures
• Greater transparency
• Better governance
• Better ethical standards
• Need for early warning systems
• Demands for higher quality services
• New legislation
• Systems reform/project management
Wrong assumptions about risk

• Risk is just something for finance and insurance to worry

about.
• Risk comes up on the agenda once a year.
• Risk management is just another layer of unnecessary
bureaucracy.
• Risk management is about downside not creation of value.
• Risk is a compliance issue.
What do we know about Risk Management?

 RM is part of our every day lives:

– Crossing the road - Risk of getting run-over
– Managing our finances – Risk of going broke
– Purchase of insurance – Risk of fire, theft, storm
– Choosing to smoke – Risk of cancer
– Going for a swim – Risk of drowning

 The choices we make in choosing to accept these risks is part of who we are

page 10
Definition of Risk Management

ISO / IRM:
Coordinated activities to direct and control an organization
with regards to risk. It generally includes risk:
– assessment,

– treatment,

– acceptance and

– Communication.

Contained in ISO 31,000

page 11
RM definition contd…

A process whereby organizations methodologically address

the risks associated with their activities with the goal of
achieving sustained benefit within each activity and across
the portfolio of all activities.

page 12
 Risk Management

International expectations are now that all organisations

should:
• Identify, evaluate and manage their key risks and assess
how they are controlled
• Ensure these are regularly reviewed on an appropriate
cyclical basis
• Have regular board level reviews of reports on risk
management and internal control
Risk Management
And that:
Risk management and internal control should be:
• Embedded in the operations of an organisation
• Capable of responding to the changing risks it faces
• Include procedures for reporting major weaknesses
immediately to appropriate levels of management
 Risk Management
In the UK all public bodies have been told:
• “…it is important that authorities have
arrangements in place for reviewing both
the nature and severity of risks…such a
review should not just be to “obvious
tangible” risks such as arson, vandalism and
other damage to property… risk
management should be an integral part of
an authority’s overall management
arrangements.”
 Risk Management
It went on to add:
“In order to be successful it is likely that the
approach will be cross-departmental and
inter-disciplinary and that senior
management will demonstrate
commitment.”
How does Risk Management help?

• Increase risk awareness & understanding

• Allows intelligent “informed” risk-taking.
• Focuses efforts –helps prioritize.
• Is proactive…. not reactive – Prepare for risks before they happen.
• Improve outcomes – achievement of objectives
• Enables accountability, transparency and responsibility
• And maybe even mean survival

page 17
Key Terms

• Risk – Exposure to chance of hazard

• Risk Level – A measure to represent the significance of the risk
• Controls – Action(s) that could eliminate or reduce the risk
level
• Residual Risk – Risk level after implementing controls
• Risk Response – An action on the risk, whether to accept, or
not to accept

page 18
Exercise - 1

• Think of a risk in your daily life

• Determine the probability of occurrence
• Make an assessment of an impact, if it occurs.

page 19
Who is involved?

 Customer
 End user
 Project Team
 Senior Management
 Related Project teams
 Vendors and suppliers

page 20
When?
A continuous process
•  Starts from proposal stage
•  Ends on project completion
Review stages
•  Business case analysis
•  Project approval
•  Project planning
•  Technology, Tools & Vendor selection
•  Project status reviews
•  Deployment and Maintenance

page 21
A Simple Framework

page 22
 End

page 23