Risk Management is the name given to a logical and systematic method of identifying, analyzing, treating and monitoring the risks

involved in any activity or process.

What is Risk Management?What is Risk Management?What is Risk Management?What is Risk Management?

The Risk Management process:

Establish the contextEstablish the context

Identify the risksIdentify the risks

Analyse the risksAnalyse the risks

Evaluate the risksEvaluate the risks

Treat the risksTreat the risks

Mon

itori

ng

an

d r

evi

ew

Mon

itori

ng

an

d r

evi

ew

Com

munic

ati

on &

consu

ltati

on

Com

munic

ati

on &

consu

ltati

on

‘Risk’ is dynamic and subject to constant change, so the process includes continuing:

Communication & consultationCommunication & consultation

Monitoring and reviewMonitoring and review

and

The Risk Management process:

The strategic and organisational context in which risk management will take place.

For example, the nature of your business, the risks inherent in your business and your priorities.

Communicate & consultCommunicate & consult

Establish the contextEstablish the context

The Risk Management process:

Communicate & consultCommunicate & consultMonitor and reviewMonitor and review

Analyse the risksAnalyse the risks

How likely is the risk event to happen? (Probability and frequency?)

What would be the impact, cost or consequences of that event occurring? (Economic, political, social?)

NextNextNextNext

The Risk Management process:

Communicate & consultCommunicate & consultMonitor and reviewMonitor and review

Evaluate the risksEvaluate the risks

Rank the risks according to management priorities, by risk category and rated by likelihood and possible cost or consequence.

Determine inherent levels of risk.

NextNextNextNext

The Risk Management process:

Communicate & consultCommunicate & consultMonitor and reviewMonitor and review

Defining types of risk, for instance, ‘Strategic’ risks to the goals and objectives of the organisation.

• Identifying the stakeholders, (i.e.,who is involved or affected).

• Past events, future developments.

Identify the risksIdentify the risks

NextNextNextNext

The Risk Management process:

Treat the risksTreat the risks

Develop and implement a plan with specific counter-measures to address the identified risks.

Consider:

• Priorities (Strategic and operational)

• Resources (human, financial and technical)

• Risk acceptance, (i.e., low risks)

The Risk Management process:

Document your risk management plan and describe the reasons behind selecting the risk and for the treatment chosen.

Record allocated responsibilities, monitoring or evaluation processes, and assumptions on residual risk.

Communicate & consultCommunicate & consultMonitor and reviewMonitor and review

Treat the risksTreat the risks

NextNextNextNext

The Risk Management process:

Communicate & consultCommunicate & consult

Risk Management policies and decisions must be regularly reviewed.

Risk Management policies and decisions must be regularly reviewed.

Monitor and reviewMonitor and review

In identifying, prioritising and treating risks, organisations make assumptions and decisions based on situations that are subject to change, (e.g., the business environment, trading patterns, or government policies).

Risk Management OptionAvoidanceControlAssumptionRisk TransferKnowledge & Research

AvoidanceUse an alternate approach that does not have the risk. This

mode is not always an option. There are programmes that deliberately involve high risks in the expectation of high gains. However, this is the most effective risk management technique if it can be applied.

ControlControlling risks involves the development of a risk reduction

plan and then tracking to the plan. The key aspect is the planning by experienced persons. The plan itself may involve parallel development programmes, etc.

AssumptionSimply accepting the risk and proceeding. However, there

can be a tendency within organisations to gradually let the assumption of a risk take on the aura of a controlled risk.

Risk TransferMeans causing another party to accept the risk, typically by

contract or by hedging. Liability among construction or other contractors is often transferred this way.

Knowledge & ResearchThis mode is not "true" risk handling, but rather a technique

for strengthening other techniques.

The Principles of Risk Management

Every project manager and business leader needs to be aware of the practices and principles of effective risk management. Understanding how to identify and treat risks to an organisation, a programme or a project can save unnecessary difficulties later on, and will prepare managers and team members for any unavoidable

Organisational ContextStakeholder InvolvementOrganisational ObjectivesM_o_R ApproachReportingRoles and ResponsibilitiesSupport StructureEarly Warning IndicatorsReview CycleOvercoming Barriers to M_o_RSupportive CultureContinual Improvement

A fundamental principle of all generic management methods is that all organisations are different. Project managers, programme managers and risk managers need to consider the specific context of the organisation in order to ensure thorough identification of risks and appropriate risk treatment procedures.

Organisational Context

•It is easy for a management team to become internalised and forget that stakeholders are also key participants in everyday business procedures, short-term projects and business-wide change programmes.

•Understanding the roles of individual stakeholders and managing stakeholder involvement is crucial to successful. Stakeholders should, as far as is appropriate, be made aware of risks to a project or programme.

Stakeholder Involvement

•Risks exist only in relation to the activities and objectives of an organisation.

Example :- Rain is a negative risk for a picnic, a positive risk for drought-ridden farmland and a non-risk for the occupants of a submarine.•It is imperative that the individual responsible for risk management understands the objectives of the organisation, in order to ensure a tailored approach.

Organisational Objectives

The processes, policies, strategies and plans within the M_o_R framework provide generic guidelines and templates within a particular organisation.These guidelines are based on the experience and research of professional risk managers from a wide range of organisations and management backgrounds.Following best practices ensures that individuals involved in managing the risks associated with an organisation's activity are able to learn from the mistakes, experiments and lessons of others.

M_o_R Approach

Accurately and clearly representing data, and the transmission of this data to the appropriate staff members, managers and stakeholders, is crucial to successful risk management.

Reporting

•Fundamental to risk management best practice is the clear definition of risk management roles and responsibilities.

•Individual functions and accountability must be transparent, both within and outside an organisation

Roles and Responsibilities

A support structure is the provision within an organisation of standardised guidelines, information, training and funding for individuals managing risks that may arise in any specific area or project.This can include

a centralised risk management teamstandard risk management approachbest-practice guidelines for reporting and reviewing organisational risks

Support Structure

This establishes the regular review of identified risks and ensures that risk managers remain sensitive to new risks, and to the effectiveness of current policies.

Review Cycle

A supportive culture is essential for ensuring that everybody with risk management responsibilities feels confident raising, discussing and managing risks.A supportive risk management culture will also include evaluation and reward of risk management competencies for the appropriate individuals.

Supportive Culture

Types of Risk

TYPES OF RISK

Liquidity Risk

Credit Risk

Market RiskIndustry &

Service Risk

Management & Operational

Risk

Political Risk

Legal RiskSystem Risk

Disaster Risk

INDUSTRY AND SERVICE RISK

Economic Risk

Service Risk

Market Structure

Business Dynamics

Competion Risk

Customer Relation Risk

MANAGEMENT AND OPERATIONS RISK

•Risk to property

•Changes in technology

•R&D Risk

•Personal Risk such as Labour Turnover, training risk etc

•Enviromental and Pollution control

MARKET RISK

•Raw material rates

•Quantity,Quality,Interest rates etc

•Elections

•War Risk

•Country and Area Risk

•Insurance Risk like Fire,Strikes etc

•Fiscal/Monetary Policy Risk including Taxation Risk

POLITICAL RISK

•Credit Worthiness risks

•Provisions for doubtful and bad debts

CREDIT RISK

•Financial Solvency and Liquidity Risk

•Tax Risks

•Borrowing limits,delays

LIQUIDITY RISK

•Natural Risks

•Man made Risks

DISASTER RISK

•System Capacity

•System Reliability

•Data Integrity

SYSTEMS RISKS

Operational Risk

Four Principles of ORM

•Accept risk when benefits outweigh the cost.•Accept no unnecessary risk.•Anticipate and manage risk by planning.•Make risk decisions at the right level.

HR Related Risks IntegritySkills- confidence level-difficult to adjust-stress-

change managementRecruitment & Retention-costObsolescence and reskilling Industrial Relations-redeployment- impacting

operationsAgeing profile

LEGAL RISK

Environmental risk

Employee liability

risk

Product liability

risk

Compliance default

risk

Tax compliance

risk

Product liability risk Manufacturing companies are exposed to this risk. The risk is

minimized by outsourcing the work. Employee liability risk This relates to the deduction and payments of employee welfare

statutory dues like provident fund, ESI contribution, bonus, gratuity, wages etc. Further, the obligation to provide equal opportunity to all is a vital area.

Compliance default risk This is one major area where most of the companies are caught in

the wrong foot. A company is required to comply with the provisions of various laws e.g. Companies Act, Income tax Act, Labour legislation and industry specific special legislation such as Banking Regulation Act by banking companies, Electricity Act by electricity companies etc.

Tax compliance risk Tax is a governmental due and timely payment of tax is a must for

a company. Environmental risk The protection of environment is a vital issue and companies are

required not to create environmental hazards. Pollution control measures are prescribed for protecting the environment.

IPR protection risk Intellectual Property Rights protection is a major risk for many

companies especially in the knowledge and R&D sector.

TATA CORUS

Types of RisksIndustry & Services Risks

Business dynamics : Globally the steel manufacture has undergone a major churning by way of M&A resulting in fewer players in the industry.

Economic risks: Corus is very strong in the manufacture of steel for packaging and transportation sectors and the industry demand from these sectors can cause worry.

Services risks: Market structure: Steel Industry is a industry

that is susceptible to cyclical ups and downs in tune with global economic trends.

Competition Risks: Competition from existing steel players like Arcelor Steel, Thyssen Krup Stahl is a risk in this category.

Customer Relation Risk: Tata and Corus enjoy an excellent reputation in the eyes of all stakeholders and there is no CR risk.

Management and Operations Risks: There are no major management and operations risk as there is no:Risk to property Risk because of clear and well defined work

processes Risk due to changes in technology /upgradation as

the Corus plant at Ijumuiden in Netherlands is one of the most energy-efficient plants in the world.

R & D Risks Agency Network Risks Personnel Risks as Tatas have a benevolent image

among their employees.

Environmental and Pollution Control

Regulations Location risk as their plants are located close

to their markets

Market Risks Raw Material Rates: The Steel Industry is

facing spiking of raw material prices viz. availability of good quality iron ore, coking coal etc.

Quantities, quality, suppliers, lead time, interest rates risks and forex risks viz. fluctuation of currency, interest rate risks.

Political risks There are no political risks to Tata Corus as

the acquisition of Corus was expected to get regulatory approval.

Credit riskThere is no credit risk likely to be encountered by the merged entity.

Disaster risksThere are no disaster risks likely to be encountered as the plants located in Europe are fully equipped to cope with any eventuality.

System risks The system risks that are being encountered are

that the system capacities are dedicated towards a narrow segment of the market which requires specialized needs.

Legal risks Legal risks like contractual risk arising out to

employee security benefits will be a major legal risk.Financial Risk The takeover was done at a higher price (of 608

Pence per Share) and this can be drag on the balance sheet of Tata Steel .