Page 19 - RMAI July-September 2018
P. 19

July - September 2018






        responsibilities  to  those  who  are  involved  like  “negative  outcomes”.  These  risks  are  “hazard”  or
        colleagues  and  other  co-workers.  It's  also  possible  “pure”  risks  and  these  may  be  thought  of  as
        that risk management procedures or protocols may  ”operational  or  insurable  risks”.  In  general,
        actually  be  incapable  of  delivering  the  required  organizations have built a tolerance for pure (hazard)
        results that may lead to inadequate management of  risks and these need to be managed within the levels
        risks.                                                of tolerance of the organization.

        The consequences of failure to adequately manage  There  are  two  main  aspects  associated  with
        risks  can  be  disastrous  and  result  in  inefficient  “opportunity  risks”.  There  are  risks/dangers
        operations.  Projects  not  completed  on  time  and  associated with  taking the opportunity, but there are
        strategies that are not delivered, or were incorrect in  also risks associated with not taking the opportunity.
        the first place are the major cause of organizational  Opportunity  risks  may  not  be  visible  and  they  are
        failure.  The  hallmarks  of  a  successful  risk  financial  in  nature.  Although  opportunity  risks  are
        management  initiative  should  be  proportionate  to  often taken with the intention of having a positive
        and  aligned  with  the  organization's  mission  and  outcome, this is not guaranteed.
        objectives  and  comprehensive,  embedded  and
                                                              COMPUTER VIRUSES
        dynamic.
                                                              In  order  to  understand  the  distinction  between
        “Proportionate” means that the efforts put into risk
                                                              “hazard  (or  pure)”,  “opportunity  (or  speculative)”,
        management activities should be appropriate to the    and “control (or uncertainty)” risks, the example of
        level  of  risks  that  the  organization  faces.    Risk
                                                              use  of  computers  is  useful.  Virus  infection  is  an
        management activities should be   ”aligned” with all
                                                              operational or hazard risk and there is no benefit to an
        other activities within the organization and will also   organization suffering a virus attack on its software
        need  to  be  “comprehensive”,  so  that  any  risk
                                                              programs. When an organization installs or upgrades
        management  initiative  covers  all  the  aspects  and
                                                              a software package, control (or uncertainty) risks will
        facets of the risks the organization faces. Finally, risk   be associated with the upgraded project.
        management activities have to be “dynamic” (moving
        with the times) and be “responsive” to the changing   The selection of new software is also an opportunity
        times  and  business  environment  faced  by  the     (or speculative) risk, where the intention is to achieve
        organization.                                         better results by installing the new software, but it is
                                                              possible the new software may fail to deliver all of the
        TYPES OF RISKS
                                                              functionality that was intended and the opportunity
        Risks may have positive or negative outcomes or may   benefits may not be delivered. In fact, the failure of
        simply result in uncertainty.Therefore “risks” may be   the  new  software  system  may  substantially
        considered  to  be  related  to  an  “opportunity”  or  a
                                                              undermine the operations of the organization.
        “loss”  or  the  presence  of  “uncertainty”for
        anorganization. Every risk has its own characteristics   Organizations  can  no  longer  find  themselves  in  a
                                                              position  whereby  unexpected  events  can  cause
        that require appropriate analysis and management.
        As in ISO Guide 73 definition, risks are divided into   financial  loss,  disruption  to  normal  operations,
        three  categories;  (a)  Hazard  or  Pure  Risks;  (b)   damage to reputation and loss of market presence.
        Opportunity or Speculative Risks and (c) Control or   Stakeholders  expect  that  organizations  take  full
        Uncertainty Risks.                                    account of the risks that may cause disruption within
                                                              the operations, late delivery of projects or failure to
        It  is  important  to  note  that  there  is  no  'right'  or
        'wrong'  sub-division  of  risks.  The  most  important   deliver strategy.
        issue  is  that  an  organization  adopts  a  risk    FUTURE  BENEFITS  OF  RISK  MANAGEMENT  AND
        classification system that is most suitable for its own  LOSS  CONTROL
        circumstances, business processes and its personnel.  Operations will be impacted by the hazard risks and so

        There  are  certain  events  that  can  result  only  in  the  focus  of  the  risk  management  in  relation  to

        18                                             RISK MANAGEMENT ASSOCIATION OF INDIA
   14   15   16   17   18   19   20   21   22   23   24