Scribd Logo
Upload

Welcome to Scribd!

  • Assessing Risk Systematically

    Uploaded by

    John Arthur
    21 views4 pages
    academic

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    academic

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    21 views4 pages

    Assessing Risk Systematically

    Uploaded by

    John Arthur
    academic

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Assessing risk systematically Author: Leonard, J Barry Source: Risk Management v42n1, (Jan 1995): p.12 1!

    (Lengt": 5 pages) ISSN: ##$5 559$ Number: ##9%2#54 Copyright: &opyrig"t Risk Management 'o(iety )*+,is"ing -n( 1995 .oot+a,, (oa("es (a,, it mapping o*t a game p,an/ +*sinesses re0er to it as mitigating risk. Like a (oa(" s"re1d,y ("e(king o*t t"e opposing team, risk managers seek o*t potentia, pro+,ems, ana,y2e and st*dy t"e imp,i(ations, anti(ipate a,, potentia, o*t(omes and t"e ,ike,i"ood o0 o((*rren(e and (reate p,ans to prevent dire (onse3*en(es. 4t -,,inois )o1er, t"is is done t"ro*g" t"e 5Risk Register,5 a (ompre"ensive risk assessment system deve,oped and imp,emented in 1966. 7"e Risk Register is a 0orma, pro(ess t"at identi0ies, 3*anti0ies and (ategori2es t"e risks 0a(ing -,,inois )o1er, deve,ops (ost e00e(tive met"ods to (ontro, t"em and positions t"e (ompany to a("ieve its stated goa,s. 7"e pro(ess, app,i(a+,e to any +*siness operation, (ontin*a,,y assesses ne1 risks, generates in0ormation 0or de(ision making and ed*(ates emp,oyees at a,, ,eve,s. 7"e Risk Register is an e00e(tive met"od 0or 0or(ing a (ons(io*s eva,*ation o0 risk as part o0 t"e de(ision making pro(ess. -t "eig"tens *nderstanding o0 risk at a,, ,eve,s o0 management, 0osters a greater a((eptan(e o0 in0ormed risk and, most important, provides a so,id +ase 0or 0*t*re risk management a(tions. 7"e risk management sta00 (oordinates t"e Risk Register and serves as a te("ni(a, reso*r(e. Be(a*se o0 its ro,e in t"e pro(ess, t"e risk management sta00 at -,,inois )o1er "as greater (orporate visi+i,ity t"an it ever did +e0ore and is part o0 t"e ,oop in many departments8 management de(isions. 7"e Risk Register a,so ,aid t"e gro*nd1ork 0or -,,inois )o1er8s &orporate 9isaster Re(overy ),an, initiated in 1991. 7"ro*g" t"e Risk Register, t"e (ompany +e(ame a1are o0 t"e (atastrop"i( risks it 0a(es (s*(" as eart"3*ake and 0ire) and o0 t"e 0a(t t"at t"e pre disaster mitigation te("ni3*es in p,a(e to address t"em 1o*,d not +e s*00i(ient to get t"e (ompany +a(k into +*siness 3*i(k,y a0ter a (atastrop"i( ,oss. 7"anks to t"e kno1,edge gained t"ro*g" t"e Risk Register, -,,inois )o1er today "as a program in p,a(e to save ,ives, preserve property and ret*rn to a norma, state o0 +*siness in t"e s"ortest possi+,e time at t"e ,east possi+,e (ost a0ter a (atastrop"i( ,oss. 7"ro*g" t"e &orporate 9isaster Re(overy ),an, t"e (ompany o+tains in0ormation on ,eve,s o0 damage, reso*r(e avai,a+i,ity and t"e stat*s o0 restoration a(tivities/ provides time,y and a((*rate in0ormation to t"e media, government o00i(ia,s, reg*,atory a*t"orities, emp,oyees and t"e genera, p*+,i(/ gives g*idan(e on restoration a(tivities/ (oordinates a(3*isition and a,,o(ation o0 reso*r(es and (oordinates operations 1it" (ity, (o*nty, state and 0edera, emergen(y servi(e organi2ations.

    -9:;7-.<-;= 7>: R-'?' 7"e Risk Register pro(ess (onsists o0 0ive p"ases: risk ana,ysis, mitigation deve,opment, mitigation se,e(tion, imp,ementation and monitoring. -n t"e risk ana,ysis p"ase, risks are identi0ied +ot" traditiona, ,ia+i,ities and spe(*,ative or +*siness risks, regard,ess o0 ins*ra+i,ity. 7"e risk management sta00 intervie1s (ompany o00i(ers and department "eads to as(ertain 1"at risks t"ey t"ink t"e +*siness 0a(es 1it"in t"eir individ*a, areas o0 responsi+i,ity as 1e,, as t"ro*g"o*t t"e (ompany. >istori( (,aims e@perien(e in t"e risk management in0ormation system (RM-') is a,so e@amined. 7"e risk management sta00 t"en (ompi,es t"e risks and assigns t"em to t"e departments t"at 1o*,d "ave dire(t responsi+i,ity 0or t"em. 7"e departments ana,y2e t"e assigned risks as 1e,, as any ot"er risks t"at mig"t +e identi0ied d*ring t"e pro(ess. 7"e ana,ysis en(ompasses de0ining ea(" risk, in(,*ding a pro+a+,e s(enario/ 3*anti0ying t"e pro+a+i,ity and severity o0 its o((*rren(e and (ategori2ing ea(" risk as a +*siness, property, ,ia+i,ity, environmenta, or n*(,ear risk. 7"e risk management sta00 gives t"e departments g*ide,ines 0or proAe(ting ,oss ,imits and a (ontin**m 0or pro+a+i,ity (e.g., #.# B (annot "appen/ 1.# B 1i,, o((*r). 7"e departments (onvert ,oss ,imits to n*meri( (odes (e.g., C1mm B 1/ DB C1#mm B 2), and risk DB management (om+ines severity and pro+a+i,ity 0a(tors to prioriti2e a,, (ompany risks. 7"e pro+a+i,ity (ontin**m permits *s, a,+eit s*+Ae(tive,y, to 3*anti0y potentia, risks 0rom events t"at "ave rare,y or never o((*rred eit"er in -,,inois )o1er8s e@perien(e or t"at o0 ind*stry in genera,. Later p"ases o0 t"e pro(ess a,,o1 0or more o+Ae(tive pro+a+i,ity (a,(*,ations. 7"e risk ana,ysis p"ase (on(,*des 1it" t"e risk management sta00 revie1ing t"e departments8 data and iss*ing reports to senior management and department "eads. &E;'-9:R-;= &E;7REL 7:&>;-FG:' En(e t"e risks 0a(ing t"e (ompany "ave +een identi0ied, t"e departments are en(o*raged to *se +rainstorming, story+oarding or any ot"er idea generating met"ods disregarding momentari,y t"e (ost or appropriateness o0 any met"od to (ome *p 1it" a 1ide se,e(tion o0 mitigation te("ni3*es t"at mig"t +e s*ita+,e 0or t"e identi0ied risks. 9epartments are a,so asked to identi0y risks 1it" ade3*ate mitigation pro(ed*res in p,a(e. -0 t"e vi(e president responsi+,e 0or t"e 0*n(tion t"at 5o1ns5 a parti(*,ar risk agrees t"at t"e risk is ade3*ate,y (ontro,,ed, no 0*rt"er a(tion is ne(essary *nti, t"e monitoring p"ase. >o1ever, de(isions a+o*t t"e ade3*a(y o0 e@isting mitigation te("ni3*es are de0erred *nti, t"e idea generating pro(ess is (omp,eted and potentia, ne1 te("ni3*es are revie1ed. -denti0ying 5(ontro,,ed risks5 red*(es t"e n*m+er o0 risks to +e pro(essed in t"e mitigation se,e(tion and imp,ementation p"ases.

    Risk s"arers departments t"at 1o*,d +e a00e(ted +y a risk +*t 1o*,d not "ave dire(t responsi+i,ity 0or it are a,so identi0ied. .or e@amp,e, ,oss o0 (omm*ni(ation 0a(i,ities (risk) +y t"e :nergy Management 9epartment (risk o1ner) (o*,d pre(,*de t"e =as '*pp,y 9epartment (risk s"arer) 0rom monitoring its nat*ra, gas storage 0ie,ds. 7"is p"ase e,iminates d*p,i(ate risks and risks t"at are more appropriate,y de0ined as s*pervisory ("a,,enges (s*(" as ,ate reporting) and, +ased on ne1 in0ormation, (an do1ngrade risks previo*s,y (,assi0ied as maAor. 7"e responsi+,e vi(e president is asked to state 0or ea(" risk a post ,oss goa,: t"e (ompany8s or department8s minim*m a((epta+,e (apa+i,ities 0o,,o1ing t"e o((*rren(e o0 an event. 7"e goa, g*ides departments in deve,oping and se,e(ting appropriate mitigation te("ni3*es and "e,ps ens*re (ontin*ity o0 operations and sta+i,ity o0 (as" 0,o1s. ':L:&7-;= R-'? &E;7REL' )roposed mitigation te("ni3*es are s*+Ae(ted to a reasona+,eness test and a t"oro*g" e(onomi( eva,*ation. 7"e reasona+,eness test re3*ires t"at 1e ans1er pragmati( 3*estions s*(" as: 4re t"e reso*r(es avai,a+,eH Ii,, t"e te("ni3*e 1orkH 7"e e(onomi( ana,ysis in(,*des (omp*ting an interna, rate o0 ret*rn and a net present va,*e 0or ea(" te("ni3*e, (omparing t"ese to t"e *nmitigated ,oss ,imits and prioriti2ing t"e te("ni3*es +ased on t"eir prod*(tive va,*e to t"e entire mitigation pro(ess. 7"e ana,ysis serves to A*sti0y +*dget re3*ests, 0*rt"er va,idate te("ni3*e se,e(tions and en(o*rage greater risk taking. 7"e reasona+,eness test and t"e e(onomi( eva,*ation a,so make it possi+,e to identi0y *nmitiga+,e risks. 7"e (ompany may e,e(t not to mitigate a risk 0or a variety o0 reasons. -n some (ases t"ere may not +e s*00i(ient reso*r(es (i.e., sta00ing, do,,ars or ins*ran(e), 1"i,e in ot"ers mitigation may +e r*,ed o*t 0or pra(ti(a, or e(onomi( reasons (i.e., a mitigation p,an t"at (a,,s 0or terminating a re3*ired servi(e or 1"ose (ost e@(eeds t"e ,oss ,imits 1o*,d +e deemed impra(ti(a,). 9eve,oping a response p,an is a pra(ti(a, a,ternative 0or dea,ing 1it" many *nmitiga+,e risks. -n a +road sense t"is (an +e (onsidered mitigation in t"at it "e,ps ,imit additiona, damage. Gnmitigated sit*ations 0or(e t"e (ompany to ass*me greater risk, +*t a0ter (ond*(ting t"e ana,yses in t"is step, 1e engage in in0ormed risk taking. -M)L:M:;747-E; 7"e departments a,,o(ate reso*r(es, (ommit to an imp,ementation timeta+,e and deve,op meas*rement standards 0or eva,*ating t"e mitigation te("ni3*es +eing imp,emented. Be(a*se re3*ests 0or mitigation 0*nding (ompete 1it" re3*ests 0or operating 0*nds, management8s (om0ort ,eve, 1it" risk taking is revea,ed at t"is point. Reso*r(es (an +e (ommitted at t"e (orporate or departmenta, ,eve,, depending on t"e (orporate (*,t*re.

    9eve,oping meas*rement standards re3*ires parti(*,ar attention 0rom t"e risk management sta00 +e(a*se managers, eager to take a(tion a0ter mont"s o0 st*dy and ana,ysis, may 0o(*s more on imp,ementing mitigation te("ni3*es t"an on ga*ging t"eir e00e(tiveness. Meas*rement standards s"o*,d eva,*ate t"e degree to 1"i(" a mitigation te("ni3*e red*(es a risk8s severity andJor pro+a+i,ity. :va,*ating mitigation 0or risk events t"at "ave never o((*rred 1i,, a,1ays present a parti(*,ar ("a,,enge, +e(a*se t"ere is no e@perien(e on 1"i(" to +ase A*dgments. 4,so, t"e 0a(t t"at a risk event "as not o((*rred s"o*,d not +e *nderstood to mean t"at t"e mitigation te("ni3*e in p,a(e to (ontro, it is e00e(tive. .or e@amp,e, t"e 0a(t t"at a gas *ti,ity "as not e@perien(ed a maAor e@p,osion 0or many years s"o*,d not ne(essari,y ,ead t"e *ti,ity to in0er t"at its mitigation p,an "as prevented s*(" an e@p,osion. ME;-7ER-;= 7"e 0ina, p"ase o0 t"e pro(ess *nder,ines 1"y t"e Risk Register is an ongoing and dynami( pro(ess. Monitoring m*st +e (ontin*a,/ risks t"at are *nmitigated and t"ose designated as 5maAor5 are revie1ed ann*a,,y. .or ot"er risks, departments designate a revie1 period, eit"er ann*a, or +iennia,. 'it*ations designated 5(ontro,,ed risks5 are a,so revie1ed periodi(a,,y to determine 1"et"er t"e mitigation met"ods are sti,, e00e(tive. -n some (ases, ("anges in operations may rede0ine t"e risk, t"*s re3*iring di00erent mitigation te("ni3*es. 7"e risk management sta00 provides t"e departments 1it" risk overvie1s in(,*ding insig"ts gained 0rom -,,inois )o1er8s vario*s departments, ot"er *ti,ities andJor ind*stry in genera,. -n t"e overvie1, t"e sta00 (an raise 3*estions a+o*t emerging or ("anging risks, s*ggest possi+,e mitigation te("ni3*es andJor re(ommend de,eting a risk 0rom t"e pro(ess. 7"e monitoring pro(ess e3*ips t"e sta00 to ga*ge mitigation e00e(tiveness and oversee t"e imp,ementation s("ed*,e. -t a,so ena+,es t"e risk management sta00 to "e,p +a,an(e t"e (ompeting 0*nding needs o0 mitigation and operations. -,,inois )o1er8s e@perien(e 1it" t"e Risk Register so 0ar a00irms t"e importan(e o0 invo,ving department "eads 0rom t"e o*tset and "aving t"e vi(e presidents de0ine t"eir risk to,eran(e +y designating post ,oss goa,s. 7"e pro(ess is +ene0i(ia, even 0or t"ose 1"o parti(ipate "a,0 "earted,y. 4*@i,iary re1ards in(,*de improved (omm*ni(ations among departments, in(reased disaster re(overy p,anning, management ski,, deve,opment and +etter +*dget p,anning. J. Barry Leonard, 4RM, is administrator, ,oss (ontro,, 0or -,,inois )o1er &ompany, an investor o1ned gas and e,e(tri( *ti,ity +ased in 9e(at*r, -L.

    You might also like