Category: Risk

The Factors of Risk Taking Behavior

Risk taking behaviors is something that follows us throughout life but especially when we start to become more independent and seek more mature fun rather than toys that we played with as a kid. Although this so called ‘fun’ seems enjoyable it can become dangerous for many people and lead to death if not treated maturely or don’t take the correct precautionary. This may include smoking, alcohol and unsafe sex. All of these can lead to devesting results that can affect you for life.

Smoking

Smoking is a type of risk-taking behaviors that many young teenagers and young adults take for a plethora of reasons. Some may include looking cool, to feel relaxed, to less stressed and to remain calm in stressful situations. Although all these effects only last for a short period of time and after that’s ended a feeling makes you go back for another one to reach that ‘amazing’ feeling again. This may sound great, but the contents of a cigarette can lead to life threating dieses like multiple types of cancer, heart dieses, stroke and Aortic Aneurysm to name a few. The worst part of a cigarette is chemicals inside the it makes you keep going back for another cigarette even if you want to stop it is very hard and takes a lot of effort. Even if they stop for a period the chance of returning to smoking are high. This is because the sensation stays with you for life and will always affect you. This is most notable as 8 million people die to smoking every year which is horridness. Not to mention when we smoke, we are also affecting other as they are breathing in the smoke which can potentially lead to dieses as bad as smoking a cigarette. All these effects are not worth the benefits and will leave you not living a very long life for your family or your children. Although there are many mental and physical strategies that people have developed over the years including remind yourself or think about why you want to quit smoking whether its for your children or for your health. Try to reduce stress within your daily life as a smoke helps reduce stress and if there is very little stress to relived then our craving for a cigarette is reduced. Another strategy is to find a health habitat to distract yourself from smoking. Finally, if you are craving a cigarette find something to do with your hands.

Alcohol

Alcohol is a very common risk-taking behavior that occurs in many adults, young adults and teenagers that is done for many reasons such as it is a depressant therefore people don’t think to second guess there thoughts and just roll with it which can give them confidence to talk to girls or to make friends with people that they wouldn’t normally talk to if they weren’t under the influence of alcohol. It also makes us forget about stressful problems back at home or issues that have to do with family members. There are 6 types of alcohol each including beer, ciders, fortified wine, distilled drinks (spirits), table wines and liqueurs each one being stronger than the other. Although this sounds great and it has many negatives which can lead to major injures or possible death. This is because when we don’t second guess our thoughts it can help us but can lead us to dangerous scenarios such as drink driving which can lead even more issues like loss of licenses or car accidents, unnecessary fights, swing from objects and much more. But it doesn’t only effect what we do and think it can affect organs in our body especially our liver if over worked with a plethora of alcohol. It can also leave us vomiting or possibly passed out. An example of this was a famous Football star that had a great career but was ruined by the influence of alcohol constantly leaving him to have 2 liver replacements. He died young as a cause of another liver replacement. Luckily there are many strategies that we can use to prevent this from happening such before and after you have drinks each food as it helps absorb parts of alcohol in the digestive system. Also drink slowly is so then there isn’t time for heaps of drinks and the less drink you have the more likely you are to assess the scenario and decide whether its safe or unsafe.

Unsafe Sex

Unsafe sex is an action where the appropriate precautionary aren’t met during sexual intercourse. This can be intentional to reproduce but most times it’s out of laziness or are unaware of the possible consequences that can happen after sexual intercourse. Some of these may include STI which can affect your health permanently of for a period of time. Another major effect of unsafe sex is an unwanted baby which can lead to depression whether you keep the baby or have an abortion. It can also place stress on you and your family as you weren’t ready or mature enough to own a baby or didn’t get to live life and experience the things that you wanted to do as a young adult or a teenager leaving you stuck and locked in for the rest of your life. Depending on the family, children may be disowned or kicked out for these actions which can affecting the victim heavily again with stress and depression. Furthermore, depression and an overload of stress also leads to suicide attempts or death. This is all if the victim keeps the baby. But if they have an abortion the victim can be left thinking did, I make the correct decision? Should I have kept it? Am I a bad person? This most likely stays with you for the rest of your live and again may put you into a depression state. All of this can be prevented by using different types of contraception such as condoms. But if it has happened try to surround yourself with people that you love and will support you.

In conclusion as you can see risk taking behaviors can lead you into bad scenario where it can be potentially life threatening. Although some of these behaviors can be made much safer if done in a more sensible way and before doing it thinking about the consequences then weighting them up against the benefits.

Analytical Essay on the Administration of Business Risk

The administration of business risk is the progression of identifying threats, risk assessments and prevention, and controlling/minimizing the threat of these risks and having action plans in place should these events happen. Developing approaches to manage risks helps maintain a business continuity plan.

Reference BS 31100:2011 Code of Practice and Guidance; This book offers guidance to help management’s strategic understanding of risk and support decision making that ensures best practice. It provides practical and specific recommendations on how to implement key principles of a defined risk management process, which can be tailored to different types of businesses and to varying groups within an organization, helping to increase consistency and improve communication, as per the guidance of the international standard BS ISO 31000. It provides direction on how companies can integrate risk-based decision making into the organisation’s governance, preparation, management, reporting, policies, values and culture. It is an open, principle based system, meaning it allows organisations to apply the principles in the standard to the organisational context.

Risk is a necessary part of undertaking business, and in a world where enormous amounts of data are being processed at increasingly rapid rates, identifying and mitigating risks is a challenge for anyone. Some indemnity companies insist of clear evidence such as ISO 31000 which shows that business risk have been seriously assessed.

Another standard is BS 7799-2 this is regarding Plan to do It check List. I have used this as part of my monitoring of a risk plan. This standard has now been removed, it aligns with ISO/IEC 27001:2005 but you can see the benefit of it, it is a simple four phase model, of plan, do, check and act. Continued cycle. It is a good process for continuous improvement which is all about business risk. On the negative side it is a unhurried progression, so may not be appropriate for an urgent risk.

In the surgery, we have a business continuity plan plus risk assessments that takes place annually. This breaks down multiple areas of different topics, showing potential risks and what can be done to fix/prevent this. Example attached of our BCP which is currently under review.

There are multiple business risk concerns affecting many different topics. Three examples of business risks are as follows;

Employee risk: reference: management Staff health and well-being and the importance of sustaining sufficient staff members. Recently, one member of staff was having significant child care troubles. This greatly affected the staff rota and insufficient cover was unsustainable. It put a lot of pressure and strain on the other members of the reception team who were often lone working and doing more open/closes which is normally shared out amongst the team. Urgent one-to-one meetings were held with the member of staff and myself to try and work out the best way forward. The risk management here is sustainability.

Health & Safety. reference: risk document; As a GP surgery, we already abide by the national guidelines and are compliant with health and safety law and legislation. Actions are taken to ensure correct procedures are followed. This includes employment law and ensuring working conditions, from equality to holidays etc. are in line and complies with the employment law. One example here we have staff who believe in different religions. A Muslim calendar and their special celebrations are not on a bank holiday. To be fair to all staff and have the same equality we have introduced a system where they cover for each other. We plan well in advance and book locums to cover these holidays. This is an environment risk as a cultural.

Commercial risks. A lot of surgery income is based on various types of purchase claims. This includes travel vaccines and enhanced service claims. There are a number of various clinical stock items that we buy in and are then able to claim the money back plus with a profit. If there is a manufacturing shortage of certain items or a company goes into liquidation, this would cause a great loss of income. To minimise this risk, we have standing orders with pharmaceutical companies for minimum stock per month. We can increase the quantity if and when needed. This allows us to ‘tide ourselves over’ should there be a manufactory problem. When items are delivered, we must ensure recent expiry dates are used first avoiding missed expiry dates and again risk of losing stock/profit income.

It is important to understand the influences of any business risk. If you have no sustainability in your workforce then you put your business at risk with no staff, here in the surgery that has dramatic effect of not being able to open and not fit for purpose, unsafe for patient care and breaking agreement with the health authority and could be liable for not having safety net in place. Same with the wellbeing of staff you have processes in place to ensure equality and to consider physiological risk and behaviour risk. The commercial risk is about finance, if you cannot pay your staff and your overheads, then you have no business. These risk management is there to protect you, to guide you and to take heed of all internal, external factors and finances to have a continuing plan. ISO usually cost as they also certified that you are compliant, which is why food factories for example would pay a specialist company in to help with the process.

When you complete a BCP (business continuity plan) it is the risk management which is in the driving seat. It is how we recognise a threat, with a plan to minimise the disruption. The crisis management is the response for example the current COVID19 pandemic. The risk management is a system already in place to reducing risks which was identified as a threat. This could be example a fire, so to reduce the risk you would write in your continuity plan to have annual electric plugs checked and have fire extinguishers situated in your premises. The attached document is regarding a flu pandemic which I reviewed and updated in September 2018. This was created in response to a crisis of the swine flu in 2009, and by having this in place has helped us to react to this new pandemic with a strategic plan.

If you don’t understand all the possible threats and able to identify them, then you could be working in crisis management a lot more. It is wiser to know the likely hood of any threats or risks you can plan in your BCP the possible impact and preventive steps.

Crisis management may mean insignificant preparation. You have to plan for everything before it happens. Another negative to crisis management is that it would be expensive and can be time consuming. There are no promises that when you identify a threat associated with your business you are done, as certain events for example an earth quake or snow that are beyond your control, may happen but you need to prepare the way forward after the disaster. To product your business, your job, your staff and the reason why we are here our patients, it is paramount that our BCP is relevant updated on annually and to learn from any crisis which may have happened during the year. I believe the following statement sums it up.

I think the above quote was an adapt way of my conclusion. Each of the BCP, risk management and crisis management are each all important, but by themselves they are not enough, the risk management I feel is the flour of a cake, where the BCP is the egg which binds it and the crisis is the icing on top and bound together stops the cake falling apart.

One method of scenario planning is a pestle, it helps to reduce the impact and effects of potential threats of our surgery. It is simple to use, as shown.

One disadvantage is that is can be oversimplified and too much information gathered. It is more ideal to use for example with SWOT. We use pestle to make sure that we have identified important effects for the surgery. They are both used to evaluate, where pestle is external and swot is internal, together they can be used to strength your strategic plan with better understanding of your business.

When I analyse business risks, I often use the brainstorming and SWOT identification techniques.

Below, I have explained how I would use both techniques to support me in identifying risks and how I find them useful;

Often involving other team members, each having in-put to a topic discussion. Both positive and negative opinions should be written down. This can also be done solo; however, I believe a team effort can bring more outcomes. All suggestions can be evaluated at a later time.

I believe this technique is useful as it is a fairly quick method that can highlight risks within a change/project quite quickly. Completing with other members also allows different points of views and may produce some risks that you/your team may not have thought of.

This technique helps you set out the strengths and weakness within the implementation of a change. By identifying the weaknesses or barriers to the change it helps me to identify potential risks and consider mitigation. I have previously used the SWOT technique when analysing situations within the surgery, most recently staff issues. See my SWOT table analysis for reference.

I find using this technique useful as it helps identify strengths and weakness; it’s a good tool to look back on and have the risks ‘’jump’’ out on you – identifies the areas requiring further work on to help implement any change. I can see that that the swot can be bias which is something you need to consider.

A crisis management model is Gonzalez-Herrero and Pratt, it has 3 stages = diagnosis of crisis, planning and adjusting to changes. It helps to be focused during a crisis, during on our policy review last year was our flu pandemic management plan, this came out due to the swine flu and now gives guidance for fortune situations. Any crisis plan helps to identify each person’s role helping to reduce the after affects. For example, our chain of command is for receptionist to go to their senior receptionist, that communication line would have to be included for any crisis so not mixed messages are given. During the COVID19 situation, I regular meet with my senior receptionists and feed information and updates so she can implement it with the reception staff.

I have attached a risk plan with migration and actions, the document is separate to this answer as it is a completed piece of work. As mentioned above, here at the surgery the GP partners and myself would brainstorm first before creating any planning and how to move forward with crisis management as this fits in with our business, we have a very good open communication line and more heads which can see risks and who can help to respond to any current crisis with regular team meetings to monitor how it is working.

My opinion since I started this course is that although brainstorming is the way we may do things in the surgery, it may not necessary be the correct process as I can see and understand that all the different models and theories I have learnt that there is a reason why it is recommended. The responsibility of these now lie with myself being the Practice Manager. I will be introducing more tools like using swot and pestle together to manage the business better. Bringing better risk management processes making sure we are not avoiding any risks. I have still got a long way to go with reviewing risks at the surgery, but can start with a plan, being objective.

Impact and probability are two main modules of any risk assessment. For any risk management you would identifying threat and the risk of them occurring. As shown in my document of a risk plan evidence.

Impact can be both good or harmful, and can be defined qualitative and in a quantitative manner.

While probability is the possibility of a risk occurring and again can be defined by a qualitative and in a quantitative way. Activities have a risk and it is finding out the probability which is the likelihood of an event occurring and the consequences, to which extent the project is affected by an event, are the impacts of risk and if this is explained in numerical as in quantity then it is quantitative, but if for example done and shown in a graph or text quality then this would be qualitative.

This example shows us how we can record a risk assessment using this grid as very low is the same definition of 0.1 to words of highly unlikely to occur.

I have used the first scale in my example of risk plan, it was simple to use. I have no preference of which to use, as they are both clear and simple to use, the main point is Identify all or as many as possible potential risks and loss to the surgery by estimating the likelihood of it occurring, assigning a loss amount to the potential risk and calculate total loss to the surgery. You can then decide if the business can withstand the loss and if the risk is worth taking.

One feature of these methods is a risk probability is a refined guess. Because we can identify risk but sometimes it is the experts of the team who assign the risk probability. It can be costly and especially if perception is incorrect. I prefer seeing and reading a text and overall would prefer the graph of the risk impact as to me it is more visual.

Market Risk and Operation Risk towards Profitability: Analytical Essay

Abstract

The main purpose of a business unit is to make profit and it should be duly noted that profitability alone is not very helpful in determining the efficiency and performance of the business firm unless it is related to other factors such as risk. In the context of business proliferation, we are witnessing an unprecedented diversification of risk situations and uncertainty in the business world where the whole existence of an organization are being related to risk. Each profit earns are associated to numerous of risk and every company consist different types of risks. Nevertheless, market risk and operational risk are very impactful to every business, as it directly influence business profitability and if it doesn’t manage well, the business will come into a drastic problem. This study was set out to examine the effect of market risk and operational risk management on profitability of Skechers from year 20014-2018. This study in the end halt that effective risk management is very fundamental for business insight and growth. INTRODUCTION

1.0 Introduction

This chapter begins with the establishment of Skechers(SKX), a sportswear industry first manufactured in the United States. It is followed by the discussion of problem statement, research objectives, research questions, and the scope of study.

1.1 Establishment of Skechers

Skechers was founded in 1992 by Robert Greenberg after he left LA Gear. During the days, there were no industry giants controlling both men’s and women’s streetwear, so Greenberg decided to focus on designing and manufacture shoes to be worn by either male or female. It became successful and this reflected the increasing popularity of the ‘grunge’ look in the early 90s. Skechers are well-known for being a brand that were aware of the changing trends among young consumers and that they provided what the people wanted to wear. It was then expanded to the global market and started producing footwear and children clothing. The company became successful enough to be rewarded with its own brand space and released a high fashion line in the global market. It maintains a trendy brand image by focusing on high profile celebrity driven advertising, thus making it one of the fastest growing footwear company in the United States. Skechers focus in three segments, the domestic wholesale sales, international wholesale sales as well as retail sales. The objective is to profitably grow operations in the worldwide while leverage its brand through diversified product lines, having innovative advertising and diversified distribution channels across the market globe.

1.2 Skecher’s governance

Skechers sourcing relates to good governance that helps them to achieve their objectives and giving proficient commercial to guarantee and empower itself to support in a long term. They are prepared to preserve the quality and notoriety of the items, guaranteeing that wrapped up products and all merchandise bearing Skechers trademarks meet the standard of quality. They perform array of inspection procedures in the production process to the final products prior to shipment. It also governed accountability in their product distribution channels serving as an fundamental work in the worldwide conveyance of its product. In the retail stores and online business, the stores are reviewed for impairment annually as required. The summary of cash flows for each retail stores are prepared to evaluate potential impairment of the assets and improvements by the directors. Skechers hold on to achieving success by fair and ethical mean and seek to maintain a reputation for fair dealing among their competitors and the public alike although the success of Skechers depends on their ability to outperform competitors. Skechers prohibits employees from engaging in any unethical or illicit business practices. Rather, employees must rely on good judgment and common sense. Suffice it to say that each employee working in Skechers should endeavor to deal fairly with the customers, suppliers, competitors, and employees itself, and not take dishonest advantage through manipulation, concealment, misrepresentation facts, or any other unequal business practice. In the concept of openness, all employees are expected and required to maintain the confidentiality of any information obtained through the employment of Skechers, except when disclosure is authorized or legally mandated. Skechers employees will be required to execute an agreement known as Confidentiality and Inventions Agreement with Company’s business needs. Besides, Skechers has created the BOBS shoe line to advance their socially responsible agenda. For every pair of shoes in this line sold, they will donate a pair of shoes to a child in need. This business model takes the three P’s into account: people, profit, and planet. They are caring for people by giving away a pair of shoes for every pair sold and are considering the environment by using environmentally friendly packaging and creating less waste” (Miratel Solutions Inc.). In addition, Skechers Foundation was built to support the general public with education and job training, fitness, and health and nutrition guidance.

1.3 Problem Statement

The main risk Skechers is facing is the market risk compared to other risks such as credit risk, operational risk and liquidity risk. The market risk faced by Skechers are to be considered is the foreign currency exchange rate fluctuations which may impose an adverse effect on Skechers business and results of operations. Foreign currency fluctuations affect Skechers revenue and profitability because Skechers are largely segmented by international wholesale markets. The changes in currency exchange rates may influence the financial result positively or negatively in a period and it will be difficult to compare Skechers operating results from different periods. The third parties manufacturing Skechers product will also be influenced due to cost of raw materials or production cost which are more expensive due to the fluctuations of the currency exchange.

1.4 Research Objectives

In general, this study aims to determine the market risk and operation risk towards profitability for Skecher. Objectives studies included:

1. To analyze the market risk towards profitability.
2. To analyze the operation risk towards profitability.
3. To analyze the market risk and operation risk towards profitability.

1.5 Research Questions

1. Is there any dependency between market risk and profitability?
2. Is there any dependency between operation risk and profitability?
3. Is there any dependence between market risk and operation risk towards profitability?

1.6 Scope of Study

The sample study was taken from Skechers, calculations, and figures obtained from the financial report were based on Skechers company’s 5 years annual report from year 2014 to 2018.

1.7 Organization of the Study

This study consists of five main chapters. Chapter one provides an introduction consisting an overview of how company was established, company’s governance, the problem statement, research objectives and questions, scope of the study, and the organization of the study. Chapter two includes the literature review, highlighting four risks towards the company. Chapter three details the theoretical framework, measurement of variables, research methodology and data analysis. Chapter four discusses the results and findings of the study, includes the descriptive statistical analysis, trend analysis, and diagnostic tests from SPSS result. Lastly, chapter five include the conclusion of the study and further explained with recommendations.

Assessment of Risk Environment in Heathrow Airport: Analytical Essay

Heathrow airport has a long-term goal of making Heathrow into “Heathrow 2.0 in which their vision is to make it have a sustainable growth. In this vison, they have highlighted that they want to improve life for their colleagues, communities, contribute to thriving economy and also tackle global issues such as climate change” (Heathrow).

Risk environment

Corporate failure is guaranteed if the management team are not aware of the threats and opportunities that exist both within the entity and outside it. To analyse the risk environment of the company, I have used a key – SWOT analysis. This tool helps us to balance the business’s internal strengths and weaknesses with those possible opportunities and threats that the organization will face.

Strengths

• Strong brand reputation as they are regarded as one of the best airports in the country
• Leading market position
• Record number of passengers in 2019
• Large asset base

Weaknesses

• Weak finances – debt is rising
• Old terminals need refurbishing – could be costly
• Expensive to maintain standards (health and safety) and remain a market leader
• Frequent changes in management

Opportunities

• Economic growth – exploring new destinations/ routes
• Weak competitors
• Change in political and economic environment
• Market growth

Threats

• Economic downturn – Brexit
• Rising fuel prices
• Increased competition from other airports in the country
• Global warming/ weather
• Rising risk of drones

Risks they face

Risk 1 – increased debt and liabilities

“At 30 September 2019, Heathrow SP’s nominal net debt was £12,844 million (31 December 2018: £12,407 million)” (Heathrow, 2019). Compared t0 2018, the debt in 2019 has increased. Total liabilities as at 30th September 2019 (£19,835m) compared to 31st December 2019 (£17,402m). As you can see the, liabilities have increased even though the figure of (£19,835m) is not the year end figure. So, you can expect the year end figure to be even higher.

This is a weakness for Heathrow Airport. If the ratios are increasing – more debt in relation to equity, then the company is being financed by creditors/debt rather than by internal positive cash flow which may be a dangerous trend.

The liabilities compared to previous year have also increased meaning potential obligations of the business have also increased. Therefore, the company can face solvency and liquidity issues if their current assets aren’t higher than their current liabilities.

Risk 2- Brexit

This is very large issue and risk for all the businesses in the UK because of uncertainty regarding if UK leaves the European Union with a deal or no deal. This is a political issue and the only thing businesses can do is prepare for the months or year after Brexit and plan for the worst. UK’s economy has declined which has led to pound falling compared to other currency’s due to uncertainty. People are reluctant to book holidays therefore leading to less revenue for airports and airlines. Airports have also been asked by airlines for renegotiations of terms due to Brexit.

Risk 3 – Security

There is always a risk of security at the airports. In the past, there have been many incidents in the past like- smuggling, terrorism, proper checks. The responsibility falls on the airport to make sure the security is top class. For example- airport need to make sure their security officers are trained properly so they know what procedures to follow in case of an incident. Airports need to make sure their security cameras all working and cover all areas.

Risk 4/ Opportunity – Expansion

Heathrow airport have been in the process of expanding by building a 3rd runaway and also a 6th terminal. However, there have faced challenges form of local communities, environmental groups because of increased level of noise pollution as well as adding to the UK’s carbon emissions from the increased number of flights. However, the expansion plan has highlighted a new low-emission zone for the airport, meaning additional charges for those who drive a more polluting vehicle to the airport.

In recent years, the board of directors at Heathrow have been working to bolster the effectiveness of their organisation’s governance model. Boards appear to have strengthen their governance frameworks and policies as well as established board- level risk committees. They also have cleared the responsibilities of the other board committees and appointed chief risk officers.

In my opinion, Heathrow have a good governance structure as they have a clear line of sight into the management’s decision making and risk management process. For example- the board have established those line of sights by stating the types and amount of investments and transactions and the risk exposure at should come its attention. Their governance structure for Heathrow also specifies the information that the board and its committee require, from whom and how often. This assists the board in executing governance more effectively.

Heathrow proud themselves of having a great place to work at as they provide environment where colleagues feel safe, motivated and enjoy what they do. Heathrow continue to provide career opportunities along with best training. For example, in 2018 there were 472 colleagues that were promoted. Heathrow has seen a positive shift in their culture and behaviours which is very important for achieving great results.

The Board of directors determines-

• the long-term strategy
• group is acting ethically
• has necessary resources to meet its objectives
• to monitor performance

Executive Committee determines-

• developing, reviewing medium and long-term Group business strategies,
• policies and development plans for Board approval
• reviewing the principal risks and the risk management framework

Audit Committee determines-

• considering the appointment of the external auditor
• discussing with the external auditor the nature and the scope of the audit
• reviewing Internal Audit reports to the Audit Committee

Nomination Committee determines-

• recommending new appointments of independent N-ED
• ensuring a rigorous procedure is followed for the appointment of new independent N-ED

Remuneration Committee determines-

• the remuneration policy, compensation packages, contractual terms of the members
• the design and terms of long-term incentive plans

Finance Committee determines-

• the borrowing of any money
• the refinancing of any existing indebtedness
• the making of any repayments of principal

Executive Risk Committee determines-

• responsible for reviewing the effectiveness of the risk management strategy and framework and for reviewing the principal risks

Sustainability and Operational Risk Committee determines-

• reviewing Heathrow’s policies, and risk management approach
• reviewing and challenging the performance
• monitoring and challenging management over the effectiveness

Risk management is a key element of the Heathrow’s corporate operations and risks are managed by a fully dedicated senior team. Enterprise risk management function sets out the strategy for risk management to provide necessary framework. This ensures that they gain an understanding of the main risks that organisation faces at all levels of the business. The management attention is focused towards the mitigation of these risks and emerging risks are reviewed which may impact the business and strategy.

Heathrow have a proactive approach when it comes to its risk management. The directors are responsible for internal controls to mitigate the risks. Circumstances which pose short term risks to normal operations at the airport like- weather conditions, natural disasters, terrorism etc. can have significant impact to operating at full capacity. The business tries to anticipate the effects of these events and have contingency plans to minimise disruption. For example- the business seeks to have a flexible, competent workforce that can respond to the ever-changing environment. The plans and strategies on how to deal with these risks are implemented throughout the organisation.

Definition of Risk Management and Analysis of Risk Management Process

Definition of Risk

Risk implies future uncertainty about deviate from expected earnings or expected outcome. Risk measures the uncertainty that investors are willing to take to achieve a return on investment. Since a probability or threat of damage, injury, liability, loss, or any other negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through preemptive action.

In the aspects of finance, risk is the probability that an actual return on an investment will be lower than the expected return. Financial risk is divided into the few categories that are basic risk, capital risk, country risk, default risk, delivery risk, economic risk, exchange rate risk, interest rate risk, liquidity risk, operations risk, payment system risk, political risk, refinancing risk, reinvestment risk, settlement risk, sovereign risk, and underwriting risk.

In the aspects of food industry, there may be a certain level of negative impact due to a certain hazard in the food. In the aspects of insurance, risk is a situation in which the probability of a variable such as the burning of a building is known. In the aspects of securities trading, risk is the probability of loss or decline in value. Trading risks fall into two broad categories. First, systemic risk. It affects all securities in the same category and is related to the overall capital market system and therefore cannot be eliminated through diversification. It is also known as market risk. Second, non-systematic risk. It refers to any risk that is not related to the market or is not a systemic risk. It is also known as non-market risk, additional market risk or non-systematic risk.

Definition of risk management

Risk management is the process of identifying any potential threats that may occur during the investment process and doing everything possible to mitigate or eliminate dangers. There are many different types of risks in business, and even more risks in the investment field. Some of them include competition, economic factors and market volatility. In relation to the risk of the investment itself, the entity can also consider its location in terms of capital. For example, if a company has RM10,000 in assets, a risk management analysis may make it unwise for the organization to invest RM5,000 in highly volatile stocks.

Businesses typically assess risk in their day-to-day operations and on a regular basis before making any investment decisions. Companies will often review risk analysis to determine which type of securities they want to buy or the companies they are willing to invest in. When companies consider future product lines or factory expansions and they want to evaluate them, they want to assess the total danger of that investment before pulling the trigger.

Risk Management Process

Identifying potential losses

The first step in the risk management process is usually informal and can be performed in various ways, depending on the organization and the project team. It means that the identification of risks relies mostly on past experience that should be used in upcoming projects. In order to find the potential risks, an allocation needs to be done. This can be decided and arranged by the organization. In this case, no method is better than another, since the only purpose is to establish the possible risks in a project.

Risks and other threats can be hard to eliminate, but when they have been identified, it is easier to take actions and have control over them. If the causes of the risks have been identified and allocated before any problems occur, the risk management will be more effective. Risk management is not only solving problems in advance, but also being prepared for potential problems that can occur unexpectedly. Handling potential threats is not only a way to minimize losses within the project, but also a way to transfer risks into opportunities, which can lead to economical profitability, environmental and other advantages.

Measuring potential losses

Risk analysis is the second stage in the risk management process where collected data about the potential risk are analyzed. Risk analysis can be described as short listing risks with the highest impact on the project, out of all threats mentioned in the identification phase. In the analysis of the identified risk, there are two categories of methods which are qualitative and quantitative methods have been developed. The qualitative methods are the most applicable when risks can be placed somewhere on a descriptive scale from high to low level. The quantitative methods are used to determine the probability and impact of the risks identified and are based on numeric estimations. Companies tend to use a qualitative approach since it is more convenient to describe the risks than to quantify them. In addition, there is also one approach called semi-quantitative analysis, which combines numerical values from quantitative analysis and description of risk factors, the qualitative method.

Within the quantitative and qualitative categories, a number of methods which use different assumptions can be found, and it may be problematic to choose an appropriate risk assessment model for a specific project. The methods should be chosen depending on the type of risk, project scope as well as on the specific method’s requirements and criteria. Regardless of the method chosen, the desired outcome of such assessment should be reliable. The selection of the right technique often depends on past experience, expertise, and nowadays it also depends on the available computer software.

Selecting the risk management technique

This third step of the risk management process indicates what action should be taken towards the identified risks and threats. The response strategy and approach chosen depend on the kind of risks concerned. Other requirements are that the risk needs to have a supervisor to monitor the development of the response. The lower impact the risk has, the better it can be managed. Most common strategies for risk response are avoidance, reduction, transfer and retention. Beyond those types of responses, sometimes it is difficult to take a decision based on too little information. This may be avoided by waiting until the appropriate information is available in order to deal with the risk. This way of acting is called “delay the decision” but this approach is not appropriate in all situations, especially when handling critical risks.

Avoidance

If the risk is classified as bringing negative consequences to the whole project, it is of importance to review the project’s aim. In other words, if the risk has significant impact on the project, the best solution is to avoid it by changing the scope of the project or, worst scenario, cancel it. There are many potential risks that a project can be exposed to, and which can impact its success. The avoidance means that by looking at alternatives in the project, many risks can be eliminated. If major changes are required in the project in order to avoid risks, applying known and well developed strategies instead of new ones, even if the new ones may appear to be more cost efficient. In this way, the risks can be avoided and work can proceed smoothly because strategy is less stressful to the users.

Reduction

By having an overview over the whole project, it is easy to identify problems which are causing damage. In order to reduce the level of risk, the exposed areas should be changed. This is a way of minimizing the potential risks by mitigating their likelihood. One way to reduce risks in a project is to add expenditures that can provide benefits in the long term. Some projects invest in guarantees or hire experts to manage high risk activities. Those experts may find solutions that the project team has not considered. Those risks which should be reduced can also be shared with parties that have more appropriate resources and knowledge about the consequences. Sharing can also be an alternative, by cooperating with other parties. In this way, one project team can take advantage of another’s resources and experience.

Transfer

If a risk can be managed by another actor who has a greater capability or capacity, the best option is to transfer it. The risk should be transferred to those who know how to manage it. The actors that the risks can be transferred to are, for example, the client, contractor, subcontractor, designer etc., depending on the risk’s character. As a result this could lead to higher costs and additional work, usually called risk premium. It must be recognized that the risk is not eliminated, it is only transferred to the party that is best able to manage it.

Retention

When a risk cannot be transferred or avoided, the best solution is to retain the risk. In this case the risk must be controlled, in order to minimize the impact of its occurrence. Retention can also be an option when other solutions are uneconomical.

Implementing and monitoring the risk management program

This final step of risk management process is vital since all information about the identified risks is collected and monitored. The continuous supervision over the risk management process helps to discover new risks, keep track of identified risks and eliminate past risks from the risk assessment and project. It also states that the assumptions for monitoring and controlling are to supervise the status of the risks and take corrective actions if needed. The tools and techniques used to risk monitor and control can be risk reassessment which is identification of new potential risks and constantly repeated process throughout the whole project. Second, monitoring of the overall project status to see whether there are any changes in the project that can cause new possible risks. Third, status meetings which is the discussion with risk’s owner, share experience and helping managing the risks. Fourth, risk register updates.

Summarization of Articles

Article 1: Construction site accidents rising (appendix 1)

This article is reported by Tan Sri Lee Lam Thye on January 14, 2018. This article reported about accidents in construction site and as far as safety is concerned. It reported that the latest fatal incident, where a Bangladeshi worker died on the spot when the incomplete cement flooring beneath him gave way at the Tenaga Nasional Bhd substation, next to the Cochrane Mass Rapid Transit station in Kuala Lumpur. It also reported that contractors did not do well on the part of safety and healthy. They did not implement OSH practices, including adopting HIRARC, which is the concept of hazard identification, risk assessment and risk control well. From the news also reported the statistics that indicate the accidents in the construction industry in several years.

Article 2: Fire losses during construction can be alarming (appendix 2)

This article is reported by Eric Michot on September 15, 2016. This article reported that construction projects represent a significant risk for insurers. From the early stages of a project to the final phase when the largest concentration of values are on the site, losses from fire can add up for insurers. The article discussed a few examples of important buildings in France that faced with fire losses in recent years.

Risk Management Process for Article 1

Identifying potential losses

Human resources loss exposures: This is the largest loss exposures for the case since there is a Bangladeshi worker died on the spot. The death of the key employees during construction will reduce the manpower capacity and extend the duration for the project. In addition, the contractor is responsible for the death of the worker because they do not implement the safety and health practices well at the workplace.

Intangible property loss exposures: The accident happened will bring damage to the contractors’ public image. It is because people will observe that the company is not careful in the part of safety and health practices, and fewer people are willing to work in this company due to the lack of security.

Measuring potential losses

Loss frequency: From the statistics of Social Security Organization, it indicates that 7,338 accidents were reported in the construction industry in 2016, compared with 4,330 cases in 2011, an increase of 69.47%. In addition, based on the Department of Occupational Safety and Health (DOSH) records, 106 deaths were reported in the construction industry in 2016 compared with 88 deaths in 2015. If the unreported cases are took into account, the figures would be higher. Therefore, the loss frequency in the aspects of human resources loss exposures is expected to be very high if these accidents continue to occur.

Loss severity: The loss severity of the accident is very high because it can lead to death of workers. Life is precious and irreplaceable, and the loss of life is the most serious thing.

Selecting the risk management technique

Avoidance: To avoid the latest fatal incident stated in the article, contractor should always ensure that every parts of the construction work are doing completely and carefully to reduce the risks that they may face afterward.

Reduction: The contractor should implement Occupational Safety and Health practices, including the use of HIRARC, which is the concept of hazard identification, risk assessment and risk control. This will help workers and their supervisors to identify hazards and risks, and find ways to avoid them. This is a way to minimize potential risks by reducing their likelihood. In addition, the safety checklists should be done before the construction work starts. Eye and face protection, hand protection, foot protection, and head protection should be given completely to the workers. According to the case, foot protection and head protection is extremely important. The victim was on the third floor at the center of the unfinished flooring, and fell through the flooring and landed on the first floor while he was layering and setting concrete cement. He was buried in tons of construction scaffolding, wet cement and metal reinforced beams. Therefore, foot protection is used for slip-resistant. For head protection, it can reduce the damage to the head after the victim falls from a height. The most critical part of a person is the head, so as long as the head is insured, that person may still be able to survive.

Insurance: The contractor should purchase insurance for their workers since the severity of loss is very high. According to the case, if the contractor has purchase insurance for the workers, the insurance company will help the contractor to compensate the loss of the dead worker. Therefore, the contractor can also reduce the compensation required.

Implementing and monitoring the risk management program

After the identified risks is collected and analyzed, and the techniques are selected, the contractor can implement and monitor the risk management program. The monitoring of the risk management program should be continuously proceed so that the company can keep track of identified risks and discover new risks if any. In addition, new techniques may be discovered and can be used in the risk management program. Besides, the internal members of the contractor company should always discuss on how to manage the risks, so that the risks level can be reduced until very minimum and provide maximum security to all workers.

Risk Management Process for Article 2

Identifying potential losses

Property loss exposures: The fire accident during construction will lead to huge losses in the part of building, furniture, and electric appliances. The less serious situation may involve only a small part. However, the most worrying situation is that the whole building has been burned. The contractor needs to recover all of those losses after the accidents. They are involved a high amount of money to do so.

Business income loss exposures: Since there are a lot of losses occurred, therefore the contractor will pay a lot on the expenses to cover the losses. And because of that, the profits received by the contractor will be reduced at the end of the project.

Human resources loss exposures: The death of key employees is less likely to happen in a fire accident. It is because sometimes the fire happens when no one is there, which may be caused by a fire on the circuit. However, fire can also occur during construction, which may be caused by factors such as employee negligence or inadequate safety facilities. Of course, if workers escape in time, the risk of death will be very low.

Measuring potential losses

Loss frequency: As can be seen from the article, there were four fire accidents in France, and this is only part of it. Fire accidents during construction are very common situation nowadays. Therefore, the probability of happening fire accidents is high. As for the loss frequency in the aspects of human resources losses, the frequency is low because fire accident may happen when workers are not working. However, in the aspects of property losses, the loss frequency is between high and low. As mentioned above, the biggest damage can be the entire building burns. The slightest accident may be just a small part burned down.

Loss severity: The loss severity of the fire accident is very high in the aspects of property losses. It is because it costs a huge amount of money the cover the losses. The most worrying thing is the contractor has not have enough money to cover the losses or restart the whole project. If there is no insurance company’s help, the company’s losses will be very heavy. Therefore, the loss severity is very high and can affect the contractor’s operation.

Selecting the risk management technique

Avoidance: A large part of the recent construction fires were caused by arson. Therefore, on-site safety and control measures can provide valuable protection. These include installation of monitoring systems, contracted security with active documented rounds to ensure alertness, signage, fences and adequate lighting, and rapid removal of refuse and scrap materials that may be used to start a fire. In addition, from the very beginning of the project, ensure that there are enough fire extinguishers on site and the sprinkler system is installed and put into use as soon as possible.

Reduction: The contractor should develop a detailed emergency response plan outlining the sequence of all actions to be taken when a fire occurs. The plan should be re-evaluated to ensure its feasibility and effectiveness. In addition, the plan should be physically rehearsed and tested to ensure that everyone understands their respective roles and responsibilities. At the same time, accidental fires continue to be an issue as well. To reduce the risks of unintentional fires, designated smoking areas, establish and implement a strict thermal permit system. This information needs to be communicated with all contractors and workers on site and reinforced in safety discussion and training.

Insurance: The contractor should purchase insurance for themselves since the severity of loss is very high. According to the case, if the contractor has purchase insurance for the workers, the insurance company will help the contractor to cover the losses of the property.

Conclusion

Because of fewer know-how and awareness among the people, the method of risk management are sparingly applied. When dealing with project risks, the tracking record is also small, which affects the project objectives. This paper details the risk management process of published literature. Risk management can better understand the nature of risk by categorizing risks. There are several ways to categorize risks to achieve different goals. For some people, in a construction project, risks can be broadly divided into external and internal risks, while other risks can be classified into more detailed categories. These categories depend on the condition of the project and the surrounding environment.

All methods of assessment are important for decision making, and all decisions recommend considering the risks of alternatives. In some methods, risk is measured better or more specifically than other methods, but they all have in common: high and medium levels of experience, time resources, and detailed data are required. Even though the quantitative approach uses more resources than the qualitative approach, they are also more complex.

The current state of the construction industry risk management methods in developing countries in the world generally attempts to avoid or transfer these risks, which leads to the risk of passive and informal transactions in risk management practices in a large number of industries. However, current awareness of risk management is continuing and there is a strong desire to learn from past mistakes.

The research work is considered a small part of a comprehensive research project aimed at reassessing the construction risk management process and promoting the elimination of existing gaps between the theory and practice of building risk in developing countries around the world.

Different Approaches to Risk Management Criteria in Different European Countries: Analytical Essay

Risk acceptance criteria in the Netherlands

According with the statutory order in 2004 the Dutch quantitative risk criteria as location-based risk, to ensure that nobody faced big risk. The Dutch have improved a software tool to estimate individual risk and societal risk. This software applies the methods from the books Committee for the Prevention of Disasters, 1997, Committee for the Prevention of Disasters, 1999. In calculation of the limits, the authorities must contrast the calculated societal risk with the proved limits for risk acceptance.

1. The expected rate of accidents involving more than 10 deaths must not exceed 10-5 per year.
2. For accidents involving more than 100 deaths, 10-7 per year.
3. For accidents involving more than 1000 deaths, 10-9 per year.

During the estimation of societal risk, a maximum consequence distance is used which, by definition, covers the region where the expected mortality rate is greater than one per cent for the worst-case accidents.

Risk acceptance criteria in Iceland

Safety distances between major hazard establishments or dangerous substances is a characteristic of Iceland’s risk management. The major hazard is the fire between overcrowded areas with the most victims. They do not use standard methods of dangers prevention. Several legislations specify the distance from facilities storing or using dangerous substances, including the statutory order for F-gas storage and storage of flammable liquids.

Risk acceptance criteria in the United Kingdom

Risk criteria for land-use planning in the vicinity of major industrial hazard are referred as ‘consultation distances’. These areas specified by the central authority, the Health and Safety Executive (HSE). The HSE calculate the risk in each case based on information gathered via the local authorities from the establishment’s permits (Hazardous Substances Consent data, including information on quantities of dangerous substances, tank sizes, pressure and temperature, etc.). The results from calculations can be approximate for toxic substances but can be accurate where the risk is due to the possible fire or explosion. The HSE offers assessments based on individual risk (comparable to location-based risk). HSE uses 10-6 per year as the minimum limit for the individual risk of the population. Any risk lower than this is not significant in relation to everyday risks.

Risk acceptance criteria in France

In order to deal with hazards, France has developed an elaborate method for the establishments and their surroundings. This method incudes simplification risk assessment in contrast with quantitative risk assessments used in the Netherlands, Flanders, and the United Kingdom.

The characteristic of this method is that identify various accident scenarios when assessing risk for the establishment in question. These scenarios are categorized into:

• Rapid accident scenarios.
• Slow accident scenarios. These kinds of accidents identify scenarios which the accident process permits the evacuation of all people who probably be affected before the accident develops.

The scenario characterized as slow when the establishment present the necessary information to justify classification. The frequency of the accident lead to the way of assessment.

Risk acceptance criteria in Germany

The German ‘Störfallkommission’ distinguish guidelines for implementing the necessary distances between major hazard establishments and vulnerable objects. The guidelines are used to assess special distance requirements address to stockpiles of explosives and ammonium nitrate. Distinction is made between conditions with or without detailed knowledge. General distance requirements are introduced based on the declared substances stored or used by the establishment. Where detailed knowledge of an industry is available consequence estimations are prepared for the specific establishment.

According to the above risk acceptance criteria, we observe that each country has different way to see the danger based on specific characteristics. Specifically, each country has risk acceptance limits based on:

Political situation. This is an assessment both of the government’s ability to carry out its declared program(s), and its ability to stay in office. Moreover, government unity and legislative strength play vital role in the risk management of each country.

Socioeconomic situation. Based on the government’s intervention of the employment and the social life as the level of dealing with the poverty. Moreover, these situations can be derived from social inequality, religion, ethnic differences, the development of cultural models, historical relations between countries, all of which can lead to the outbreak of disturbances, varied from relatively peaceful protest and societal boycotts of specific products, to acts of terrorism in extreme occasions, which with different ways impact on counties risk management. Relations with neighboring countries could also be a source of instability with declaration of war being the ultimate recourse

External Conflicts. The external conflict measure is an assessment both of the risk to the incumbent government from foreign actions. In other words, the possibilities for war or Cross-Borders conflicts.

Corruption. The greatest risk in such corruption is that at some time it will become so overweening, resulting in a fall or overthrow of the government, a major reorganizing or restructuring of the country’s political institutions, or, at worst, a breakdown in law and order, rendering the country ungovernable.

Military in Politics. For instance, the military become involved in government by faced an external threat. Such a situation would imply the distortion of government policy in order to meet this threat.

Economic situation. Overall the economic situation determines most of the risk management criteria as where its strengths outweigh its weaknesses it will present a low economic risk and where its weaknesses outweigh its strengths it will present a high economic risk. In other words, each country taking into consideration the economic cost before assessing each risk. As we can observe from the above analysis, countries with strong economies deal with risk with more complete methods and plans.

Culture. Culture reflects the attitudes and behaviors of a group of people regarding risk-taking and risk management. It is the essence of a risk management system. No matter how good risk management rules and models are, without a good risk culture, they are difficult to create value for the country. A healthy risk culture can boost the improvement of risk management from the inside of an organization or country.

1. People monitor and manage risk actively and consistently.
2. More risks are likely to be identified.
3. Risk issues can be escalated quickly in the organization.
4. Decision makers can get risk information timely with high quality.
5. Risk-adjusted metrics are used to measure the performance

Subcultures that might have an impact on risk management in the countries of EU. Specifically, multiple subcultures have different way dealing with problems, for this reason they can also lead to rogue, risk-taking behavior that can ultimately harm the organization. A sound risk culture consistently supports appropriate risk awareness, behaviors, and judgements about risk-taking within a strong risk governance framework. A sound risk culture bolsters efficient risk management, promotes sound risk-taking, and declare that emerging risks or risk-taking activities beyond the institution’s risk appetite are recognized, assessed, escalated, and addressed in a timely manner. Risk culture evolves over time in relation to the events that influence the countries’ and to the external context within which the institution operates. Sub-cultures within countries may exist depending on the different contexts within which parts of the institution operate. However, sub-cultures should hang on to the high-level values and elements that supply the counties’ overall risk culture.

Understanding and Managing Risks with the Cardiff Women’s Aid Domestic Violence Charity

The aim of risk management is to keep the organization and its employees safe as it is the duty of care of the employer; to provide financial security with regards to money spent on things such as legal fees, payouts to insured parties etc.; and it needs to comply with the national legal and statutory advice set for businesses/organizations alike.

Risk Management within a Domestic Violence Charity will need to ensure that all vulnerable clients and employees are managed effectively. This involves following and ensuring the following of standards to eliminate risk. Cardiff Women’s Aid is a Domestic Violence Charity, which means that it is a high-risk environment for both clients and employees. This means that the standards we need to uphold our organization against are ones that include Safeguarding Children and Young People, Safeguarding Adults etc.

Safeguarding Children and Young People and Safeguarding Adults are written within the policies and procedures to ensure compliance. If these standards are not followed then this could lead to serious repercussions. The standards provide a framework of how best to ensure all staff and clients follow the same training and have the same information given to them in order to prevent risk. For example; if our IPAs (Independent Personal Advisors) are not trained on how to tactfully ask questions surrounding a traumatic event, this could lead to a potential situation where the client becomes offended and lashes out at the IPA, or in turn could affect the IPA through vicarious trauma, leading to that employee becoming unwell.

Health and Safety is another example of how we need standards to ensure correct risk management. There are a set of legal and national standards set by the Health and Safety Executive, which if they are not followed can lead to the shut down of an organization. This is a major risk. To avoid this, we need to ensure training, signs, alarm practices, etc. are issued to everyone to follow. For example: fire exits must be empty and not have clutter in the way – this is to ensure that everyone can get out of the building. Should we not have known that these need to be kept clear, someone could have gotten trapped during a fire and died. The standards ensure that legally we keep them clear and therefore the risk has gone from a high to a very low.

The relationship between risk management and standards is extremely important. They are to make sure that when we are working the clients are safe, we need to ensure that our employees are correctly trained against a nationally recognized set of standards, and that if they do not follow these standards then they are a risk to the business and therefore need to be eradicated.

Business Risks

Business risks are those that can have a large impact on the organization. I include these risks within a risk register and divide them into sections of the business – strategic, financial, operational, H&S, staff, environmental etc. to provide an overall view of each area and its potential risks. Factors that could influence business risks are defective impacts/effects to these areas.

In the area of Health & Safety there are many influences and risks. The main business risk I would look at would be non-compliance to legal national standards. A factor that could influence this risk would be to not have an induction in a new building. Staff legally need to know the location of fire exits in case of a fire, If they do not know this information and we had a fire, there would be a high risk of injury or death which fails on our duty of care to all staff members and it would impact the organization financially and legally.

In the area of legal and regulatory, looking at confidentiality within the organization, the business risk would be divulging client information to a 3rd party that has not been authorized by the client. The factor that would influence this would be non-adherence to the data protection Act, whereby not following the set standards and divulging personal information without permission of the client is a criminal offence.

In the area of environmental and the risk of a pandemic virus spread to all staff and clients. This would be influenced by the lack of a business continuity plan in order to eliminate spread and how to reduce further impact on the organization.

In conclusion, they are essential and together form an analysis of what is needed to prevent these risks and prevent further legal/financial implications for the organization. It is clear that the main influences of business risk can be established and monitored carefully with the correct management tools.

Risk Management as a Strategic Approach

Risk management is a strategic approach by which the organization implements a risk register to identify the risk, its level of impact/likelihood (e.g. critical, high, medium or low) and its mitigation plan. These are compared against the set of risk standards for compliance and must be regulated. For example: a pandemic is a risk, this is rated on how it could be disruptive and at what level within the organization; and how to either eliminate or reduce the risk.

Managing crisis is an operational approach to the disruption caused by a risk. This is ‘attacking’ the risk through careful management, rerouting and alteration of the organization to prevent further damage/disruption. Having looked at the risk register for level and impact, crisis management is to use the mitigation and put it into action. For example, the Covid-19 pandemic risk was at a critical risk level and mitigation plans included allocating staff to safer areas (working from home) to prevent further contamination.

Business continuity is a strategic approach to continuing the organization after a disruption has occurred. This would include highlighting the objectives of the business, understanding how they were disrupted (financially, operationally, resourcefully etc.) and provide a clear plan of how to continue the service, should a disruption occur again. For example, the Covid-19 pandemic caused staff to work from home, this caused a few issues as not all staff were issued with laptops, and needed purchasing. It has now been planned that all staff are to be issued with laptops instead of desk PC’s to continue service from any location and avoid disruption.

Together they all form an essential framework for a business as they are the beginning, middle and end of effectively managing risk as a whole. Following the risk management procedures, managing the crisis and following or/and developing the continuity plan highlights the risk, risk level and provides a basic mitigation plan. This allows for a business to run smoothly operationally and provides the foundation for a solid continuity plan to reduce or eliminate any risk in the future.

Scenario Planning

Scenario planning is to evaluate the risks of a particular scenario (e.g a pandemic) that may occur and to be prepared for it. A crisis management model would be used to collate this information, depending on the scenario. In order to plan for a scenario, I would use a pre-crisis model PESTLE. The PESTLE is made up of political, economical, social, technological, legal and environmental risks that could affect the organization. These map out a variety of external risks to prepare for all possibilities.

For example: Cardiff Women’s Aid need to be aware of any political changes that could cause risk to the organization, for example, the VAWDASV 2015 Act (Violence Against Women Domestic Abuse and Sexual Violence) is an Act that states the Welsh Government must work with preventative services. The RISE service we provide is under contract with the Welsh Government and if this Act was abolished, the service would not be funded, the work could not be provided and the risk of women being murdered would increase rapidly. By using this we are able to play out varied scenarios and understand how it could impact the organization.

Another crisis management model would be to use a business continuity plan for a post-crisis recovery. This is where the organization has had something happen that possibly could not have been predicted and therefore enables organizations to learn what to do from after the risk happening in order to prevent/eliminate it from happening again.

For example: Cardiff Women’s Aid had never encountered a pandemic before and therefore had not been prepared. This meant that the model we would need to use was a business continuity plan that was created from the scenario that happened and what did and did not work. It allowed for us to learn from the mistakes we made and evolve a plan for both.

The issue with preparing for risks that haven’t happened with the pre-crisis models, is that it can be a lengthy process and could potentially waste time thinking of endless scenarios to prevent/eliminate a risk. The issue with dealing with the aftermath of a risk with the post-risk models is that the risk has already done the damage, and the way that it was handled could have been appropriate for the moment but possibly not for the business’ reputation for example. I personally think that it is better to have a pre-crisis, crisis and post-crisis response when managing risks due to their unpredictability and to ensure there is more than one way to eliminate or reduce a risk.

Calculating Risk

Calculating risk probability is determining how a risk will impact the organization by calculating the likelihood it will happen and what the impact will be. This will provide a level at which you can understand the severity of that risk.

Calculating risk probability can be done via quantitative or qualitative methods. These can provide either a figure answer that can be used against other quantitative data and provide more statistical answers within graphs that show trends; or it can provide data which is data gathering and analysis from risk assessments that can provide narrative.

If we calculated risk via a quantitative method, I would use a risk register. The risk register is a tool that provides a final risk level that is linked to a code of a low to high risk. The higher the number, the higher the risk.

For example, the risk of fire in a room that always has candles and a cat in would be calculated like this: the likelihood of the cat hitting a lit candle off the side is high (4) x the impact of the lit candle falling onto the fluffy rug below would be high (x4), therefore the probability of the risk would be critically high (4×4 = 16) and means to eliminate or reduce the risk can be created from this.

If we calculated risk via a qualitative method I would use a risk assessment. The risk assessment is a tool used by an assessor to write down all the risks that they see/predict would happen. This is written on a form with actions on how to eliminate or reduce that risk within a timescale that would be as reasonably as practicable. This can be monitored and provided as checklists for employees to use in the future.

For example, the carpet on the stairs is damaged and sticks up. The assessor writes this as a trip hazard which could cause someone to fall down the stairs, leading to a potential injury or death. The action is to replace the carpet, but as a carpet could take a while to turn up, the instant action would be to provide hazard tape on the carpet and a warning sign for those walking on the stairs.

Both of these methods can be used to effectively calculate risk depending on how the data needs to be presented or used.To break something down into components or essential features, to identify possible causation and/or draw conclusions.

Risk Monitoring Techniques

Risk monitoring techniques are so organizational risks can be eliminated/prevented from returning and how this is done. It is also a way of providing evidence of compliance against the national and legal standards and is a way of showing the organizations effective and efficient risk management.

There are different techniques for different types of risks such as whether they are static risks or dynamic risks. Examples of static risks would be ones that always occur such as dealing with vulnerable adults and the potential of abuse to employees. Working within Cardiff Women’s Aid there is always this risk. This means that the static risk could be regulated by ensuring that all staff have annual safeguarding training and refresher training on a bi-monthly basis to reduce the risk of potential harm.

Dynamic risks examples are ones that occur due to the progression of the business, for example: securing a grant for double the machinery would mean double the risk of potential harm to employees using the machines. This means the dynamic risk could be regulated by ensuring every time funding for machinery is awarded, refresher training is given to all employees on how to use the machines.

The techniques that could be used are reassessing, audits, analyzing the effect, reporting its trends and then communicating these. There are techniques that can be used for different risks depending on the reasons for wanting the data. If you are wanting to report on the amount of risks per year, or how the business is being affected by the risks then these techniques can provide this information. For example, the risk of a computer virus spreading across the work network could be monitored by asking staff to reassess their laptops (antivirus checks every week), reporting back any faults to the ICT team, the ICT team providing monthly and annual checks of the network, then reporting the results with any faults to the Senior Management Team, which could be used within a preventative plan. This also ensures that the risk is being managed to the best of the organization’s ability.

Each technique provides a different way which is needed when monitoring unpredictable risks. It ensures that all risks are monitored for their specific type and to enable the best record for noticing trends or gaps to provide effective risk management.

The essential features of risk governance structures are inbuilt within an organization to ensure the compliance to the national and legal standards for both the employee, employer and client by providing the information so they can understand and accept that if a risk happens, this is how it is dealt with.

It allows for the organization to govern staff and clients into being responsible and taking ownership of their actions that could cause the organization, client or employee from becoming financially or legally responsible should a risk have serious implications; For example, the staff are inducted into the organization on their first day, within this induction includes a staff handbook, a safety handbook etc. to sign once read. These are written guidance and broken down policies and procedures for the employee and for the organization to have clear evidence of whose responsibility it is in case of a risk and who has ownership of the implications caused by actions of non-compliance.

There can also be issues with the risk governance structures by giving onerous responsibilities to individuals or for the organization, that could in turn lead to potentially another risk.

Overall, there needs to be a balance of what is legally the duty of employees, clients and employers, alongside the organization policies and procedures. It is a great way to manage the organization in terms of providing clear, coherent guidelines and gaining the signatures of employees for confirmation of ownership, to prevent further long-term financial or legal risks.

Positive Risk and Its Examples

Risk analysis is the review of the risks associated with a particular event or action. It is applied to projects, information technology, security issues and any action where risks may be analyzed on a quantitative and qualitative basis. Risk analysis is a component of risk management. Most of us do anything possible to avoid risk, right? However, once we understand that there are different types of risk – each having their own potential outcomes – we might better put those risks into proper perspective. Positive risk is the type of risk that is also known as an opportunity.

What Is Positive Risk

Positive risk is just one of the many types – along with negative, known, unknown, residual and secondary – that you are likely to face in your business. Basically, a positive risk is any condition, event, occurrence or situation that provides a possible positive impact for a project or environment. A positive risk element can positively affect your project and its objectives. Often when teams know this risk, it provides even more reason to pursue and realize this opportunity. As counterintuitive as it sounds, when discussing any type of risk, the response strategy when encountering positive risks is to work to increase the likelihood for this event to occur. The very word ‘risk’ may throw off many newly minted risk managers, with its generally negative connotations, but take heart; positive risk is good for business. But really, risk in general is not defined as specifically good or bad. It is merely an event that can have some type of potential on business objectives. However, since business leaders must protect the interests of their business, employees, clients and third party stakeholders, it feels more urgent to focus on the negative consequences in order to avoid negative impacts. The human condition generally dictates that we protect what we have, first and foremost. As a practical and familiar daily example, we lock our doors and windows before placing our valuables and loved ones inside our homes. All the positives come after negotiating the negatives, but we certainly proceed to fill our home with good things, often based on positive risks like working overtime to afford a new high-tech television. All that noted, it is just as important to concentrate on the positive aspects of risk. Once you have all the negative consequences of risk accounted for and managed, it is time to explore positive risk.

Examples of Positive Risk

One of the best ways to sum up positive risk is that it often boils down to having too much of a good thing. Even better, these risks allow for opportunities instead of consequences.

Positive Risk in Project Management

Every project leader develops a budget for their respective project and its resource needs. However, as in most things in life, there are often adjustments throughout the course of projects. Many times, a project finishes well under budget, which is technically an error that is attributable to the project leader’s miscalculation or lack of foresight. Most project managers try to avoid the risk of miscalculating a project and bringing it in under budget, but it is hard to argue with the positive outcome of keeping more money for the organization. It is easier to re-allocate those funds than to need to recoup what is lost for going over budget.

Positive Risk in the Supply Chain

Supply chain logistics are often fraught with risks, but there are times when it works in your favor. Any time that you are able to deliver a good or service ahead of time to your clients, as long as it is convenient for them, you can certainly consider this a positive risk. Again, as long as clients have the space and other accommodations to facilitate early delivery, supply chain risks often work in your favor.

Positive Risk in Engineering, Designing and Building

Engineers and building designers often look at the materials and design plans in terms of how long a structure will last. If they strike out to build a structure intended to last for 20 years and end up with a 100-year project, the client benefits from the engineer’s positive risk. Such risk may result from an over-estimation of necessary funds, but the outcome is likely to please the client. If the budget did not greatly exceed the initial plans, it is likely to be considered a positive outcome by everyone since the client is likely to spread the word of the firm’s having exceeded expectations.

Positive Risk in Marketing

Marketing teams are often mired in demographic data to help project interest in a product, service or event. Sometimes these savvy teams may slightly miss the mark and attract an abundance of interest. While this may initially cause issues in an adequate amount of product or space to accommodate customers, adjustments can be made to allow for a positive outcome for everyone.

Positive Risk in Technology

Businesses are increasingly searching for new ways to incorporate technology for greater efficiency. More and more organizations are finding that, with such technological investments, they may be eliminating the need for some jobs within the company. While this type of risk is bad for employees who may risk losing their jobs due to technological efficiency, it does benefit the company in savings.

A Risk Appetite of Heathrow Group

A risk appetite of Heathrow group would be their plan to expand by building a 3rd runway and opening a new terminal. In this ace, the business is operating as risk tolerance and being risk taker as they are willing to put huge capital into developing and expanding. This could be costly due to Brexit and if economy in the future collapses and they don’t have enough cash to operate at full capacity. But by being in between risk tolerance, they are willing to take risk and they are hoping that their expansion proves successful.

Heathrow has a low tax risk appetite as it ensures that both tax and tax risks are managed to provide sustainable outcomes. The approach is to mitigate any risk by taking reasonable care whilst also considering Heathrow’s brand, reputation and the wider airport community. The risk matrix shows the level of risk and the impact it has. The risk in this case is market with a X and it represents an inherent risk of security such as- terrorism. Terrorism is global issue and a major issue for airports and airlines. To mitigate and control this risk, Heathrow have adopted and rigorous policies and procedures which are supported by professional training. They also have plans and are investing in latest security technology. Another way Heathrow are dealing with these threats is by working closely with the police, government agencies and the airlines to establish joint accountabilities for the airport security. You can only reduce the likelihood of these risks from happening to a tolerable level, but you can’t exterminate them.

One of the key risks that organisation such as Heathrow face are related to security particularly cyber-attacks, which can lead to massive disruption for any business. These disruptions can be due to systems not working therefore creating interruption to services. in an event of cyber-attack, business’ system would be impacted so the flights would be cancelled or delayed for long periods. This would result in financial loss and business having its reputation damaged. To have a better management fore this risk, the business needs to make sure that they have the latest software and technology installed but also ensuring that they have trained their employees to use the latest software and they know what procedures to follow in case of a cyber-attack.

The costs of countering the threat of cyber-attack would be having latest technology installed which could be very expensive when you consider the scope of operations of Heathrow. The cost would be additionally raised because having latest technology and software means the need to train employees to be able to use it.

The benefit of implementing these strategies to reduce risk of cyber-attack would be that in case of a cyber-attack, the business would be able to resume its operations quickly and efficiently. The reputation of the business wouldn’t be that impacted since they would be able to respond quickly to these situations. Competitors in the similar market as Heathrow would also be investing in latest software and technology to get ahead of its rivals. Having a reliable technology would mean there is less chance of suffering financial loss due to disruptions.

Business Risk and Its Main Types

Business risk is an evaluation of the balance in the day to day and long-term operation of the business in meeting its expenses. Business risks describe whether the business will be able to provide notable returns to the stakeholders and at the same time, maintaining credit. It occurs in various ways, such as business managers not anticipating certain events within the future, inflicting the business to incur losses or fail.

Business risk is affected by a variety of factors, including consumer preferences, demand, sales volumes, Per-unit worth and input prices, competition, government regulation, and the overall economic climate.

A company with a high chance of business risk should select a capital structure with a lower debt ratio; making sure it will meet its monetary obligations in any respect times. Once revenues drop, the business might not be able to service its debt, which can result in bankruptcy. On the contrary, once revenues increase, it experiences higher profits and is ready to stay up with its obligations to repay the credit.

To calculate risk, analysts use four easy ratios: contribution margin, operation leverage impact, monetary leverage impact, and total leverage impact.

Financial Risk

Financial risk describes the possibility that the stakeholders in a company will lose money. This type of risk originates when the company seeks outside financing sources, putting both the business and the stakeholders at risk. It is more concerned with the costs used in financing the entity

Financial risk is broad, but in a credit application, it refers to default in payment of the acquired credit. Default in payment could either be categorized as debt service or technical default.

Debt service default results when the recipient has not created a regular payment of interest or principal, while a technical default is brought when an associate degree affirmative or a negative covenant is profaned.

Affirmative covenants are clauses in debt contracts that need corporations to take care of sure levels of capital or money ratios. the foremost ordinarily profaned restrictions in affirmative covenants are tangible internet value, operating capital/short term liquidity, and debt service coverage.

Negative covenants are clauses in debt contracts that limit or disallow company actions that would impair the position of creditors. Negative covenants could also be continuous or incurrence-based. Violations of negative covenants are rare compared to violations of affirmative covenants.

Structural Risks

In a simple definition, this means the cost of doing business. One thing that stands out about this type of risk is that it is an industry-based risk that affects a group of companies in the same line of operation. It is entirely dependent on the economy’s drive towards purchasing power and the sale of companies.

In any risk analysis, the structural risk is the first aspect of inspection in the risk profile. It gives an advantage to the borrower but not so much to the bank. This is due to the fact that structural risks give a blanket to the borrower as the risks are beyond their control and cannot be accountable for.

Recommendation

Credit analysis is conducted to determine the capacity of an entity to be able to fulfill its financial obligation. The preparation of a credit application is about making decisions concerning the past, present, and future. For a company seeking credit, all the mentioned financial ratios come in hand to assist the lender to make an informed decision based on actual evidence. The financial aspects included in the application will give a credit rating of the business entity. The process contains both quantitative and qualitative factors. For instance, a company seeking a line of credit, the various critical details have to be included. Details about:

• The repayment period, usually in years;
• The percentage of interest rates imposed on the credit;
• In most cases, they are interest-only payments;
• The credit facility is kept open by a fee, which may be a monthly, quarterly or annual fee;
• The credit can be secured by inventory and receivables, or be unsecured.

The key risks addressed by any bank in lending out funds at large is the credit risk. The risk of the borrower not paying back the loan brings about scrutiny of many eyes. In addition to that, capital investment in the business, credit history, capacity to repay, collateral, and the loan condition are also emphasized. These maps out the viability of the client to receive credit and determine if the generated cash flow would be sufficient to pay off debtors.

Financial covenants are highly looked upon in any credit application to ascertain the terms and the condition of the loan. The affirmative covenants are in place to boost a healthy relationship between the borrower and the lender. The breach of this covenant could lead to unfavorable circumstances like demand full loan repayment. On the other hand, a negative loan covenant depicts unethical practices to be avoided, to create transparency.

References

1. https://www.investopedia.com/terms/f/financialrisk.asp
2. https://www.pinkerton.com/our-thoughts/blog/2080/what-are-structural-risks-vs-variable-risks
3. https://corporatefinanceinstitute.com/resources/knowledge/credit/commercial-credit-analysis/