Page 18 - RMAI July-September 2018
P. 18

July - September 2018






        The  demystification  of  risk  involves  a  new  whole  withdrawn  in  2009  in  preference  for  ISO  3100.  SA
        perspective on a business-wide process that has been  4360  was  first  published  in  1995  and  ISO  3100
        looked at for many years as a separable, quantitative  includes many of the features previously described in
        and work specific exercise.                           AS 4360.
        The  quantification  comes  from  the  attempt  to    BENEFITS OF RISK MANAGEMENT
        replicate  scientific,  mathematical  models  of
                                                              There is a range of benefits arising from successful
        probability but most activities do not need such rigor.
                                                              implementation of risk management. A key benefit is
        The issue of risk management is simple comprising     to enhance the efficiency of operations within the
        awareness  of  risks  and  focused  and  intense
                                                              organization.  Risk  management  helps  ensure  that
        management.
                                                              business processes (including process experiments by
        Setting up for risk management means preparing the  way  of  projects  and  other  change  initiatives)  are
        organization  and  not  the  work  activities  first.  The  effective and that the selected strategy is efficacious.
        issue is establishing first the value of risk analysis as  The  outputs  from  risk  management  activities  can
        part  of  the  normal  planning  process.  Finding  out  benefit organization in three time scales and ensure
        where risks emerge from that make inroads into the  that the organization achieves:
        work breakdown structure and scheduling process.      # efficacious strategy; # effective process;  #  efficient
        We have to bear in mind risk is an input to risk-based   operations.
        scheduling. Dimensioning risk is qualitative, ranking
        and ordering, usually not quantitative.               In  order  to  achieve  a  successful  risk  management
                                                              contribution,  the  intended  benefits  of  any  risk
        The  risk  management  process  is  fairly  well      management initiatives have to be identified, listed
        established,  although  it  may  be  carried  out  in  a   and  prioritized.  If  those  benefits  have  not  been
        number  of  different  ways.  But  the  process  cannot   identified,  there  may  be  no  means  of  evaluating

        take place in isolation. It needs to be supported by a  whether  the  risk  management  initiative  has  been
        framework within the organization and further needs  successful at all.
        to be implemented in different ways appropriate to
                                                              Therefore, good risk management has to have a clear
        the situation in the range of standards, guides and   set of desired indisputable set of outcomes/benefits.
        other publications that are available.                Appropriate attention has to be paid to each stage of
        The key components of a successful risk management  risk management process, as well as to details of the
        framework are the structure which is comprised of     design,  implementation  and  monitoring  of  the
        the  communications  and  reporting  system,  the     framework  that  supports  these  risk  management
        strategy that is set up by the organization and the set   activities. One of the major requirements for a good
                                                              lawyer  is  to  be  up-to-date  with  case  law.  Most
        of guidelines and procedures and protocols that have
                                                              judgements delivered by Superior Courts in India are
        been  established.  The  combination  of  risk
                                                              by the State High Courts and the Supreme Court. As a
        management process together with the description
                                                              matter of fact many a case is won in Superior Courts
        in place for supporting the process constitutes the
                                                              by the citation of Case Law And many a precedent is
        “risk management standard”.
                                                              cited by case law.
        There  are  standards  in  existence,  including  the
                                                              FEATURE OF RISK MANAGEMENT
        Institute of Risk Management (IRM) Standard and the
                                                              Failure  to  adequately  manage  risks  which
        recently published British Standard (BS) 31100. There
                                                              organizations  quite  often  face  can  be  caused  by
        is also American COSO ERM framework.
                                                              inadequate risk recognition, insufficient  analysis  of
        The latest addition to the available risk management   significant risks which need consideration and failure
        standard is  the  International  Standard (ISO)  31000   to  identify  suitable  risk  responsive  activities.  Also,
        published in 2009. The well-established and highly  failure  to  set  a  risk  management  strategy  and
        regarded  Australian  Standard  (AS)  2004  was  communicate  that  strategy  and  the  associated

        RISK MANAGEMENT ASSOCIATION OF INDIA                                                                 17
   13   14   15   16   17   18   19   20   21   22   23