MGT 209 - CH 11 Notes

Download as pdf or txt
Download as pdf or txt
You are on page 1of 7

CHAPTER 11

RISK MANAGEMENT

INTRODUCTION

 Effective corporate governance cannot be attained without the organization mastering the
art of risk management.

DEFINITION

Risk Management

- Process of measuring or assessing risk and developing strategies to manage it


- Systematic approach in identifying, analyzing, and controlling areas or events with a
potential for causing unwanted change
- Act or practice of controlling risk
- Identification, assessment, and prioritization of risks followed by coordinated and
economical application of resources to minimize, monitor, and control the probability
and/or impact of unfortunate events and to maximize the realization of opportunities
(International Organization of Standardization)

BASIC PRINCIPLES OF RISK MANAGEMENT (identified by ISO)

Risk management should

1. Create value
2. Address uncertainty and assumptions
3. Be an integral part of the organizational processes and decision-making
4. Be dynamic, iterative, transparent, tailorable, and responsive to change
5. Create capability of continual improvement and enhancement considering the best
available information and human factors
6. Be systematic, structured, and continually or periodically reassessed

STEPS IN THE PROCESS OF RISK MANAGEMENT

Standard ISO 31000 “Risk Management – Principles and Guidelines on Implementation”

1. Establishing the context

a. Identification of risk in a selected domain of interest


b. Planning the remainder of the process
c. Mapping out the
i. Social scope of risk management
ii. Identity and objectives of stakeholders
iii. Basis upon which risks will be evaluated, constraints
d. Defining a framework for the activity and an agenda for identification

JENIELYN P. TORRES, CPA 1


e. Developing an analysis of risks involved in the process
f. Mitigation or solution of risks using available technological, human, and organizational
resources

2. Identification of potential risks

Common Risk Identification Methods

a. Objective-based risk
b. Scenario-based risk
c. Taxonomy-based risk
d. Common-risk checking
e. Risk charting

3. Risk assessment – assessment of the potential severity of risks and the probability of their
occurrence

a. risk identification
b. risk analysis
c. risk evaluation

ELEMENTS OF RISK MANAGEMENT

 Risks with high probability of occurrence but lower loss v. risks with high loss but lower
probability of occurrence

1. Identification, characterization, and assessment of threats


2. Assessment of the vulnerability of critical assets to specific threats
3. Determination of the risk
4. Identification of ways to reduce those risks
5. Prioritization of risk reduction measures based on a strategy

RELEVANT RISK TERMINOLOGIES

I. Risks Associated with Investments

a. Business Risk – uncertainty about the rate of return caused by the nature of the business
- Causes: uncertainty about the firm’s sales and operating expenses

b. Default Risk – related to the probability that some or all of the initial investment will not
be returned
- Closely related to the financial condition of the company issuing the security and the
security’s rank in claims on assets in the event of default or bankruptcy

c. Financial Risk – determined by the firm’s capital structure or sources of financing

JENIELYN P. TORRES, CPA 2


d. Interest Rate Risk – gives rise to uncertainty about the cost of the debt

e. Liquidity Risk – inability to meet short-term obligations. It is associated with the


uncertainty created by the inability to sell the investment quickly for cash.

f. Management Risk

g. Purchasing Power Risk

II. Risks Associated with Manufacturing, Trading, and Service Concerns

a. Market Risk – risk of gain or loss due to movement in the market value of an asset – a
stock, bond, loan, foreign exchange, or commodity – or a derivative contract linked to these
assets

i. Product Risk
- Complexity
- Obsolescence
- Research and Development
- Packaging
- Delivery of Warranties

ii. Competitor Risk


- Pricing Strategy
- Market Share
- Market Strategy

b. Operations Risk

i. Process Stoppage
ii. Health and Safety
iii. After Sales Service Failure
iv. Environmental
v. Technological Obsolescence
vi. Integrity
- Management Fraud
- Employee Fraud
- Illegal Acts

c. Financial Risk – has some direct financial impact on the entity

i. Interest Rates Volatility


ii. Foreign Currency
iii. Liquidity
iv. Derivative
v. Viability

JENIELYN P. TORRES, CPA 3


d. Business Risk

i. Regulatory Change
ii. Reputation
iii. Political
iv. Regulatory and Legal
v. Shareholder Relations
vi. Credit Rating
vii. Capital Availability
viii. Business Interruptions

III. Risks Associated with Financial Institutions

i. Financial
ii. Non-Financial

CATEGORIES OF POTENTIAL RISK TREATMENTS

1. Risk Avoidance – includes not performing an activity that could carry risk
2. Risk Reduction or Optimization – involves reducing the severity of the loss or the
likelihood of the loss from occurring
3. Risk Sharing – sharing with another party the burden of loss or the benefit of gain, from a
risk, and the measures to reduce a risk
4. Risk Retention – accepting the loss or benefit of gain from a risk when it occurs

AREAS OF RISK MANAGEMENT

1. Enterprise Risk Management


2. RM activities as applied to project management
3. RM for megaprojects
4. RM for information technology
5. RM techniques in petroleum and natural gas

SIMPLIFIED FRAMEWORK FOR AN ENTERPRISE-WIDE RISK MANAGEMENT


PROCESS

SEC REQUIREMENT

 SEC Code of Governance Recommendations 2.11 and 3.4 and their corresponding
explanations

RISK MANAGEMENT FRAMEWORK

 SEC Code of Governance Principle 12

JENIELYN P. TORRES, CPA 4


STEPS IN THE RISK MANAGEMENT PROCESS

1. Set up a separate risk management committee chaired by a board member.

- To demonstrate the firm’s commitment to adopt an integrated company-wide risk


management system

2. Ensure that a formal comprehensive risk management system is in place.

- To provide a clear vision of the board’s desire for an effective company-wide risk
management

3. Assess whether the formal system possesses the necessary elements.

KEY ELEMENTS

a. Goals and objectives


b. Risk language identification
c. Organization structure – should include formal charters, levels of authorization
reporting lines, and job description
d. Risk management process documentation

4. Evaluate the effectiveness of the various steps in the assessment of the comprehensive risks
faced by the business firm.

5. Assess if management has developed and implemented the suitable risk management
strategies and evaluate their effectiveness.

- Strategies may include avoidance, reduction, transfer, exploitation and retention of risks.

6. Evaluate if management has designed and implemented risk management capabilities.

7. Assess management’s efforts to monitor overall company risk management performance


and to improve continuously the firm’s capabilities.

- Must be monitored on a continuing basis

8. See to it that best practices as well as mistakes are shared by all.

- Regular communication of results and feedback to all concerned


- Open communication channel

9. Assess regularly the level of sophistication of the firm’s risk management system.

10. Hire experts when needed.

JENIELYN P. TORRES, CPA 5


Additional Information

Risk
- effect of uncertainty in objectives
- combination of the probability of occurrence of harm and the severity of that harm

 Risk is not the harm itself. It is merely a possibility that harm will occur. What causes harm
is hazard.

Example: COVID-19 virus – hazard; probability that a certain person may be infected –
risk

 The concept of risk does not always relate to harm. Risk can likewise create opportunities.

Example: investing in stocks

 The concept of risk must be distinguished from uncertainty. Risk can be measured. You
may be able to tell possible outcomes and the chances that each outcome will occur. All
that is unknown is the actual outcome. Uncertainty means that you do not know all the
possible outcomes and/or the chances of each outcome occurring.

Impact of Risk on Stakeholders

On Shareholders
When the company’s risk profile changes, shareholders may sell their shares, resulting to
a lower share price.

On Creditors
They are concerned on whether the company can fulfill its obligations and limit the risk of
default. Otherwise, they can deny credit, charge higher interest, file actions in court that could lead
the company into liquidations, or ask for collateral.

On Employees
They are concerned about the threats to their job- salary, promotion, benefits, satisfaction,
job itself. If the business fails, employees may lose their jobs.

On Customers and Suppliers


Suppliers are concerned about the risk of making unprofitable sales. Customers are
concerned on getting the value from the goods or services that they expect.

On the Public
In general, the community is concerned with risks that the company does not act a good
corporate citizen. Otherwise, pressure groups tactic can include publicity, direct action, sabotage,
or pressure on the government.

JENIELYN P. TORRES, CPA 6


Other Risks

Credit risk – occurs when a counter party is unable or unwilling to fulfill its contractual obligation

Currency risk – the possibility of gain or loss due to future changes in exchange rates

Political risk – risk that political action will affect the position and value of an organization

Technological risk – failure of system due to tampering of data access to critical information,
nonavailability of data, and lack of controls

Internet risk – numerous security dangers brought by internet connectivity

Denial of service attack – characterized by an attempt by attackers to prevent legitimate users of


a service from using that service

Probity risk – risk of unethical behavior by one or more participants in a particular process

JENIELYN P. TORRES, CPA 7

You might also like