MANAGING RISK

It is a truism that no human activity is undertaken without some degree of risk. Over the last 25 years, a series of processes has been developed to support organizations with the identification and containment of risks affecting their operations. Risk management is of obvious importance for organizations carrying out potentially hazardous operations, but it is a discipline now quite widely accepted as a necessary component of strategic management in all organizations.

Whether looking at general risks to the organization or more specifically at risks relating to health, safety and welfare, the generic skills needed to achieve efficient and cost-effective risk management are similar. Of key importance is the need to identify, quantify and recognize risk and then to take measures to manage it. The level of risk management is proportional to the degree of risk and is geared towards risk control ‘as far as is reasonably practicable’ and, where possible, acting to eliminate the risk.

However, in all cases there will be a balance in risk management between risk taking and risk minimization. For example, when setting up a project, when carrying out research and development, when re-engineering a management structure, when making expansion plans, when making a purchase or when recruiting personnel, there is an investment of time and money which is at risk if there is no organizational or strategic benefit gained within the planned time frame. Therefore the level of risk must be justified. Organizational progress is dependent upon a measured degree of risk taking and a cost/benefit or risk/expectation analysis is needed in order to justify the risks.

It is important to appreciate that risk is not purely a negative concept: business activities can contain upside risks (opportunities) as well as downside risks (threats). Upside risk requires equally careful diagnosis and management. For instance, if a development project is running ahead of schedule, an associated upside risk might be a quicker ‘time-to-market’ for the end product. The flipside could be that resources committed to the project will become redundant and difficult to re-deploy.

There have been various useful risk management processes developed since the 1980s. In the UK, notable contributions have come from the MOD (described in Chapman and Ward, 1997) and from Chris Chapman of Southampton University. Latterly, again in the UK, the National Health Service has adopted risk management standards (which were first developed in Australia) under the title Controls Assurance. 

A note of caution should be sounded though to the pressured manager, thinking of introducing such a process into his or her own business operations. The recent trend is for more elaborate (and hence expensive) models which will prove difficult to implement, certainly within a fast-moving commercial environment. A sensible approach would be to examine some recent models and adapt them to individual circumstances

POINTS TO PONDER   

  1. What risk management models apply to your organisation?

  2. Does your organisation have a risk management policy?

  3. Is a risk management policy applied across all operational areas, such as project planning, financial management, human resources, health & safety etc?

In order to help you,  we have published a dossier on this subject called  "Managing Risk"  this dossier along with our well stocked on-line reading room will help you to develop your knowledge in this area as part of our multi-format management development infrastructure.

                

Click here to visit the on-line reading room  

Click here to see our wide range of Dossiers

 

Communications ] Human Resource Planning ] The Learning Organisation ] Managing Customer Relations ] [ Managing Risk ] Projects ] Financial Performance ] Managing Quality ] Business Planning ] Managing for Knowledge ]