Risk Management Workshop 21st May 2008
Definitions
RISK – “events that may prevent achievement of your objectives”
RISK MANAGEMENT – “a systematic way of protecting your organisation so that your objectives can be achieved without unnecessary interruption”
RISK ASSESSMENT – “The systematic process of identifying and analysing risks”
Why Manage Risks?
• Some Risk Control Failures:
  • Barings Bank
  • Mirror Group Pensions
  • Zeebrugge Ferry
  • Enron
  • Harold Shipman
  • Northern Rock
From: The Times, October 10, 2007
Northern Rock had not had a full check-up for 18 months, FSA admits
Patrick Hosking, Banking and Finance Editor

Northern Rock had not been subjected to a thorough supervisory healthcheck for 18 months when it imploded in August, the City’s main regulator admitted to Parliament yesterday.

During two hours of tough questioning by MPs on the Commons Treasury Committee, representatives of the Financial Services Authority (FSA) conceded that it had incorrectly assessed the risk in Northern Rock and admitted that damage had been done to the financial system under its watch.

In a briefing paper given to MPs before the session, the FSA said that the last full risk assessment of Northern Rock bank had been carried out between December 2005 and February 2006.

However, a full risk assessment of Northern Rock, known as an “Arrow” review, was carried out only once every three years. Mr Sants told MPs that in the case of Northern Rock, three years had proved too long.
Risk Management is Part of your Internal Control System
• Policies and Procedures
• Reporting
• Business Planning
• External Audit
• Self Assurance
• Third Party Reports
• Risk Management Process
5 Stage Process to Risk Management
• Risk Policy
• Risk Identification
• Risk Evaluation/Assessment
• Risk Mitigation
• Risk Recording & Monitoring
Risk Policy
• Vital that NGBs have a policy for risk management
• Explains the NGB’s approach to risk management
• Outlines roles and responsibilities
• Outlines key aspects of the risk management process
• Identifies the main reporting procedures
• See Appendix 1 for example policy
Risk Identification Areas
• Objectives
• Governance/Management
• Legal
• External
• Operational
• Human Resources
• Environmental
• Funding
• Technological
• Financial
• See Appendix B for example risks
Risk Evaluation/Assessment
• Identified risks are evaluated in terms of:
  • Probability of risk occurring
  • Potential impact on objectives
• Evaluation helps to:
  • Prioritize high risks
  • Filter out low risks
  • Determine which risks need to be managed
• Method: Risk Evaluation Matrix (Appendix C)
Example Risk Evaluation Matrix (axes: Impact, Probability)
Risk Mitigation Methods
• Transfer (e.g. contracts of insurance, outsourcing)
• Treat (e.g. introduction of additional controls, operational changes)
• Terminate (terminate the activity that causes the risk)
• Tolerate (accept risk level but monitor closely)
Responses chosen attempt to reduce risk to an acceptable level
Recording Risks
• All identified risks are recorded in a Risk Register which contains the following:
  • Risk Number/Area/Description
  • Objective in danger
  • Responsible person
  • Risk Likelihood & Impact/Overall Risk Assessment
  • Control Procedure
  • Mitigating Action
  • Residual Risk
  • Monitoring Process
  • Further Action Required
Monitoring Current & Future Risks
• Risk management should not be an annual exercise.
• Risk management should be ‘embedded’ into all operations
  • Provide risk awareness training
  • Give responsibility to individuals
  • Require all new plans/proposals to assess risk
  • Add risk management issues to agendas
  • Regularly review and update the risk register
Business Continuity Plan
• Objective: To identify the hazards that may affect critical functions or activities and to ensure that these can be reduced or responded to in an effective way
• See example Appendix D
The resources in this presentation will be available for download at http://www.welshsports.org.uk