Risk Management

Basis for Risk Uncertainty

Compariso
n
Meaning The probability of Uncertainty
winning or losing implies a
something worthy is situation where
known as risk. the future

Risk VS events are not

known.

Uncertaint Ascertainme It can be measured It cannot be

y
nt measured.

Outcome Chances of outcomes are The outcome is

known unknown.

Control Controllable Uncontrollable

Minimization Yes No
Probabilities Assigned Not assigned
  The risk is defined as the situation of winning or losing
something worthy. Uncertainty is a condition where there is
no knowledge about the future.
 Risk can be measured and quantified, through theoretical
Key models. Conversely, it is not possible to measure uncertainty

Difference
in quantitative terms, as the future events are unpredictable.
 The potential outcomes are known in risk, whereas in the

s between case of uncertainty, the outcomes are unknown.

 Risk can be controlled if proper measures are taken to control
Risk and it. On the other hand, uncertainty is beyond the control of the

Uncertaint person or enterprise, as the future is uncertain.

 Minimization of risk can be done, by taking necessary

y precautions. As opposed to the uncertainty that cannot

minimized.
 In risk, probabilities are assigned to a set of circumstances
which is not possible in case of uncertainty.
  Risk management is a logical process or
approach that seeks to eliminate or at least
minimize the level of risk associated with a
business operation.

Risk  RM refers to the practice of identifying potential

Manageme risks in advance, analyzing them and taking

precautionary steps to reduce or curb the risk.
nt  The first step in the process has to do with
evaluating the utilization of resources as they
current stand.
  Risk management is the process of
identification, analysis and acceptance or
mitigation of uncertainty in investment decisions.
 RM occurs when an investor or fund manager
analyzes and attempts to quantify the potential for
Risk losses in an investment and then takes the
Management appropriate action (or inaction) given his
investment objectives and risk tolerance.
– Principles
 Inadequate risk management can result in severe
and consequences for companies, individuals, and for
Definitions the economy. Example: the subprime mortgage
meltdown in 2007 – mortgage-backed
securities (MBS)
 MBS is type of asset-backed security that is
secured by a mortgage or collection of mortgages.
  Risk management is the process of identifying,
assessing and controlling threats to an
organization’s capital and earnings. These threats,
or risks, could stem from the following sources:
Risk
1. Financial uncertainty
Management
2. Legal liabilities
– Principles
and 3. Strategic management errors

Definitions 4. Accidents and natural disasters

5. IT security threats
6. Data-related riks
  ISO 31000 defined Risk Management as the identification,
assessment, and prioritization of risks followed by
coordinated and economical application of resources to
minimize, monitor and control the probability and/or
impact of unfortunate events and to maximize the
realization of opportunities.

Risk  It provides frameworks for risks management process

Manageme improvements that can be used by companies, regardless

of the organization’s size or target sector,

nt  It is designed to “increase the likelihood of achieving

objectives, improve the identification of opportunities and
Standards threats, and effectively allocate and use resources for risk
treatment.”
 Benchmarking is one of the benefits of the ISO 31000
compliance since it allows organizations to compare their
risk management practices with the internationally
benchmarks.
  The process should create value
 It should be an integral part of the organizational
process
 It should factor into the overall decision making process
 It must explicitly address uncertainty
Principles  It should be systematic and structured
of Risk  It should be based on the best available information

Manageme  It should tailored to the project

nt (ISO)  It must take into account human factors

 It should be transparent and all-inclusive
 It should be dynamic and adaptable to change
 It should be continuously monitored and improved
upon as the project moves forward.
 1. Organizational Context
2. Involvement of Stakeholders
3. Organizational Objectives

Principles of 4. Reporting
RM 5. Roles and Responsibilities
(amalgamatio 6. Support Structure
n of PMBOK & 7. Early Warning Indicators
ISO) 8. Review Cycle
9. Supportive Culture
10.Continual Improvement
 1. Identification – perform a brainstorming session
where all conceivable risks are itemized
2. Planning - once defined, plan for contingencies
as part of the overall project plan; implement
Risk controls as needed

Manageme 3. Derive Safeguards - place specific ‘fallbacks’

into the overall project plan as contingencies for
nt Process risks if they arise
4. Monitor - continuously monitor the project to
determine if any defined (or un-expected) risks
manifest themselves
  Avoid the Risk – There are instances where a
perceived risk can be avoided entirely if certain steps
are taken.
 Reduce the Risk – This may be accomplished by fine
tuning aspects of the overall project plan or making
adjustments to specific areas of scope.

Techniques  Share the Risk – A joint venture with a third-party

pertaining for example will reduce the downside risk for the
organization as a whole. This could reduce the sunk

to RISK cost and potential losses of the project if sharing or

risk results in it being spread out over several
different individuals or groups.
 Retain the Risk – Once all options are exhausted,
the team members, sponsor and project manager
may just decide to retain the risk and accept the
downside potential as is.
 Risk
Manageme
nt Process
  Risk identification. The company identifies and defines
potential risks that may negatively influence a specific
company process or projects.
 Risk analysis. The company determines the odds of it
occurring, as well as its consequences. The goal of the
analysis is to further understand each specific instance of
Risk risk, and how it could influence the company’s projects

Management and objectives.

Strategies  Risk assessment and evaluation. The risk is then

further evaluated after determining the risk’s overall
and consequence.
Processes  Risk mitigation. Companies assess their highest-ranked
risks and develop a plan to alleviate them using specific
risk controls.
 Risk monitoring. Part of the mitigation plan includes
following up on both risks and the overall plan to
continuously monitor and track new and existing risks.
Learning  https://www.mindtools.com/pages/article/
newTMC_07.htm
Activity