Professional Documents
Culture Documents
risk
Dr. Trupti Karkhanis
1
What Is Risk?
Definition of Risk.
The threat that an event or
action will adversely affect an
organisations ability to achieve
its business objectives and
execute its strategies
successfully
2
Business Risk Definition 2
The chance of
something
happening that
will have an
impact on
business
objectives
Source :-Aus/NZ
Risk Mgt Standard
3
Wrong assumptions about risk
Risk is just something for finance
and insurance to worry about
Risk comes up on the agenda once a
year
Risk management is just another
layer of unnecessary bureaucracy
Risk management is about downside
not creation of value
Risk is a compliance issue
4
Types of Risk
Strategic
Operational
Reputation
Information
Financial
People
Regulatory
5
Strategic Risks
Risks that relate to doing the wrong
things
6
Operational Risks
Risks that relate to doing the right things
in the wrong way
7
Information Risks
8
Financial Risks
Risks that relate to losing monetary
resources or incurring unacceptable
liabilities
9
People Risks
The risks associated with Employees and
Management
10
Regulatory Risk
The Risks related to the regulatory
environment
11
Reputation Risk
Risks that relate to the organizations
brand or image
12
Inherent and Residual Risk
Inherent risk = Gross risk before
controls/ mitigation
Residual risk = Risk remaining after
applying controls
13
Evaluation and Measurement of
Risk
Risk is measured in terms of
consequences (or impact) and likelihood
(or probability)
14
Consequences Likelihood
Monetary (% of Rare (less than
income or budget) once in 20 years)
Reputation Unlikely (once in
Ability to recover 10-20 years)
Effect on Possible (once in
Organisation 10 years)
Likely (once in 3
Insignificant,Minor years)
, Almost Certain
Moderate,Major (once a year)
Catastrophic
15
Questions you need to answer
16
Risk Management
International expectations are now that
all organisations should:
Identify, evaluate and manage their key risks and assess
how they are controlled
Ensure that all aspects of internal control and risk
management are regularly reviewed on an appropriate
cyclical basis
Have regular board level reviews of reports on risk
management and internal control
17
Risk Management
And that:
Risk management and internal control should be:
18
Risk Treatment
Risk
Transfer Exposure
Loss Contingency
Control
reduction Plans
Action Plans
19
LETZ MITIGATE RISK…
20