Track

GA

Tuesday, May 18, 2010

Risk Management

What is Risk Management?

Risk management is activity directed towards the assessing, mitigating (to an acceptable level) and monitoring of risk. In some cases the acceptable risk may be near zero. Risks can come from accidents, natural causes and disasters as well as deliberate attacks from an enemy. Risk is a concept that signifies the precise probability of specific eventualities. Technically, the notion of risk is independent from the notion of value and, as such, possible occurrences may have both good and bad consequences.


Establishing where risk resides

1. Identification of risk in a selected area of interest

2. Planning the process. Process Flow Diagrams

3. Mapping out the following:

o the social scope of risk management

o the identity and objectives of stakeholders

o the basis upon which risks will be evaluated, constraints.

4. Defining a framework for the activity and an agenda for identification.

5. Developing an analysis of risks involved in the process.

6. Mitigation of risks using available technological, human and organizational resources.

Identification

After establishing the areas in your process were risk may reside, the next step in the process of managing risk is to identify potential risks. Risks are about events that, when triggered, cause problems. Hence, risk identification can start with the source of problems, or with the problem itself.

• Source analysis Risk sources may be internal or external to the system that is the target of risk management. Examples of risk sources are: stakeholders of a project, employees of a company or the weather over an airport.

• Problem analysis Risks are related to identified threats. For example: the threat of losing money, the threat of abuse of privacy information or the threat of accidents and casualties. The threats may exist with various entities, most important with shareholders, customers and legislative bodies such as the government.

The chosen method of identifying risks may depend on culture, industry practice and compliance.



source

No comments:

Post a Comment