Chapter 1 Risk

Management
Definition Risk Management
The process of determining the maximum

acceptable level of overall risk to and from

proposed activity, then using risk
assessment technique to determine the
innitial level of the risk and if this excessive,
developing a strategy to ameliorate
appropriate individual risks until the overall
level of risk is reduce until acceptable level.
 Risk management is the identification,
assessment, and prioritization of risks
(defined in ISO 31000 as the effect of
uncertainty on objectives, whether positive
or negative) followed by coordinated and
economical application of resources to
minimize, monitor, and control the
probability and/or impact of unfortunate
events or to maximize the realization of
opportunities
Continue
Risks can come from uncertainty in financial
markets, threats from project failures (at
any phase in design, development,
production, or sustainment life-cycles), legal
liabilities, credit risk, accidents, natural
causes and disaster as well as deliberate
attack from an adversary, or events of
uncertain or unpredictable root cause.
Theory and Concepts
Risk to What?
Risk to achievement the

objectives
Risk is A chance of of

something happening that can

effect the objectives
 Why does Risk Management
Exist
Risk Management does not exist in isolation
by itself or for itself . The Risk Management
exist if need to satisfy the other party in any
condition of the third party.
Identify the Risk
What can happen
How , why can it happen?
 Risk can happen from this
sources
Political
Technologies
Economic
External Events
Management activities
People events ( Behavior, culture, gender,

Lifestyle, ETC
Two Factors of Concept of
Risk
Evaluate the Risk with 2 factors
i) The probability of something happening that we

don't want
ii) the consequences if it does.

For Example An airplane flight is a very good

example. The consequence of a airplane crash is
usually the loss of most, if not all life on board -
dreadful. Fortunately, when we fly, the probability
of being in an airplane crash is very small (1 in 52.6
million according to the National transportation
Safety Board). This very low probability makes the
risk very acceptable
Category of Risk
1. Political
Those with failure either the government policy
or uncertainties of government political scenario
For Example
Wrong political priorities
Not meeting government agenda
Too slow or failure to modernize
Decision based on incorrect information
Unfulfilled promises to electorate
Community planning oversight / errors
 2 Economic
those affecting the ability of the Council to

meet its financial commitments. These

include internal budgetary pressures, the
failure to purchase adequate insurance or
the consequences of proposed investment
decisions.
Continue .
For Example
General/regional economic problems
Missed business and service opportunities
Failure of major projects
Failure to prioritise, allocate appropriate

budgets and monitor

Inadequate control over expenditure or

income
Inadequate insurance cover
 Social
those relating to the effects of changes in
demographic, residential or socio-economic trends
on the Councils ability to deliver its objectives
For Example
Failing to meet the needs of disadvantaged
communities
Failures in partnership working
Problems in delivering life-long learning
Impact of demographic change
Crime and disorder
 Technology
Those associated with the capacity of the

Council to deal with the pace / scale of

technological change, or its ability to use
technology to address changing demands.
They may also include the consequences of
internal technological failures on the
Councils ability to deliver its objectives.
Continue
For Example
Breach of confidentiality
Failure in communications
Insufficient disaster recovery for key

data/systems
Failure of big technology related project
Breach of security of networks and data
Failure to comply with IT Security Policy
 Legislative
Those associated with current or potential

changes in national or International law

For Example

Inadequate response to new legislation

Not meeting statutory duties/deadlines

Failure to implement legislative change

Misinterpretation of legislation

Exposure to liability claims e.g. motor accidents,

wrongful advice
Breach of confidentiality / Data Protection Act
 Environment
Those relating to environmental

consequences of progressing the Councils

corporate objectives (e.g. in terms of
energy, efficiency, pollution, recycling, etc).
 For Example
Impact on sustainability initiatives
Impact of planning & transportation policies
Noise, contamination and pollution
Crime & Disorder Act implications
Inefficient use energy and water
Incorrect storage/disposal of waste
 Competitive
Those affecting the competitiveness of the

service (in terms of cost of quality) and / or

its ability to deliver best value.
For Example
Take over of services by government
Failure of bids for government funds
Failure to show value for money
Accusations of anti-competitive practices
 Customer / Citizen
Those associated with the failure to meet

the current and changing needs and

expectations of customer and citizens
For Example
Lack of appropriate consultation
Bad public and media relations
 Reputation
Those relating to public confidence and failure to
recruit high caliber staff
For Example
Adverse media attention
Policies misunderstood or misinterpreted
Negative implications identified by other which have
not been previously considered
Failure to keep partners on side
Breach of confidentiality
Lack of business continuity plan
Failure to maintain and upkeep land and property
 Partnership
Those associated with working in partnership
with another organization
For Example
Non compliance with procurement policies
Poor selection of partner
Poor contract specification, deficiencies
Failure of partner to deliver
Inadequate contract terms & conditions
Bad management of partnership working
The Six Domains of Risk
1. Strategic Risk Management
How to strategize to tackle and manage the Risk
2. Credit Risk
Default or non payment debtors
Payment Schedule
3.Operational Risk
4. Market Investment , Cash Flow
5.IT Risk or System management Risk
6. Legal Risk / Reputation Risk