How to manage risks systematically?

silver bullet risk - blog - risk management process

Systematic enterprise risk management is a never-ending process in a company that ensures that the risks are appropriately managed.

Risk management process is in its simplest form divided into 4 main phases:

1) Identification
2) Assessment
3) Treat
4) Control

While many ERM books make it sound complicated really is not.

First, we must identify the existence of a risk; evaluate how serious risk we are dealing with, doing something about it, and finally ensure that what we did helped.

Then over time we repeat the steps 2, 3 and 4 to ensure that situation hasn’t changed and that our mitigation efforts are still suitable.

silver bullet risk - blog - risk management process

All this being said, there are number of fine details in each of the steps that one should be carefully. And in our article series we’ll bring additional insights into each step.

RISK IDENTIFICATION
-Create a collection of all the risks that the company faces → Risk register
-How to know which risk exists? Use out of the box thinking & imagination
-Avoid identifying difficulties as risk; avoiding double counting the same risks; start with the major risk and don’t think that large number of risks means that identification was done well
RISK ASSESMENT
-“Deciding how serious risk is”
-Quantify in monetary units based on cash flow, profitability, and firm value impact
-Advanced: Take into account the interdependencies → risk aggregation
RISK TRAETMENT
-Strategies to reduce risk: Assume; mitigate; hedge; transfer
-Cost benefit analysis: Does it pay off to mitigate risk (requires monetary risk quantification!!!)
-Assign risk owners and organize risk treatment tasks
RISK CONTROL
-Track risk realization and near misses → Data
-Keep track and record underlying risk drivers, such as price fluctuations and interest rates (KRI – Key Risk Indicators)
-Control that risk treatment is functioning well

***

Contact our team if you want to manage risks systematically.

For more information about risk management follow our LinkedIn & Twitter account. You can join the debate in Linkedin group ERM – ENTERPRISE RISK MANAGEMENT.