Upload
andrei-craciun
View
1.009
Download
2
Embed Size (px)
Citation preview
An Introduction ToRisk Management
Andrei Crăciunan IV CTI
What is risk?Risk is virtually anything that threatens or limits the ability of a group, community or non-profit organisation to achieve its mission.
What is risk management?Risk management is a process of thinking systematically about all possible risks, problems or disasters before they happen and setting up procedures that will avoid the risk, or minimise its impact, or cope with its impact.
Risk management begins with three basic questions:
1. What can go wrong?2. What will we do to prevent it?3. What will we do if it happens?
Why should we bother with risk management?
1. To ease our job2. For the safety of the people we are “coding” for3. The threat of possible litigation
Risk management systems
Setting up risk management systems is about preparing some written procedures to be put in place to ensure what, how, and when action has been undertaken or is to be undertaken – and by whom.While it is important that our risk management plan takes as many possibilities as possible, it is also important to have system easily understood by the management team.To be effective, it has to be workable.This can be done in three steps:
- step one: making someone responsible for the risk management (risk manager)
-step two: review the group and identify the risks (make him work)
Identifying risk
Risks come in two kinds: risks that apply to every workplace or organisation, and risks that come from doing the particular work you do (the particular project we are dealing with).
Standard risks are:
Occupational health and safety (very important)Financial and administrative risks
We can meet unique risks
Step three (Fix what you can fix)
Change the attitude, the system, the procedures at hazards. “Bugs happen”. It is however important to have a system that minimizes potential damage. Evaluate the effect of the changes. Review them regularly and modify if needed.
obs.! We can’t foresee all possible risks; we must keep in mind that we can face the unexpected. That’s why we need structures that deal with possible errors (try, catch, default – for example). People SUE when they get harmed (physically, or economically).
Evaluating and prioritizing risk
That needs a lot of estimation, but guessing shouldn’t be avoided (it’s better that waiting for something bad to happen in order to be sure of it).
Draw a simple grid.
High probability
Low impact
High probability
High impact
Low probability
Low impact
Low probability
High impact
Managing risk
When we have the table, we should resolve the issues that have the high probability and high impact first. While eliminating, we should constantly keep the reviewing the formed table. We must see which risks can be avoided altogether or eliminated, and we must minimize the loss of those who can’t be eliminated.
We must keep in mind the balance between risk and benefit (if we eliminate a risk, but also an objective – no good) and the balance between risk and cost or convenience (if the task costs more than it damages – no good either).
Insuring against risk
Risk has to be avoided or minimized. If we can’t treat every case scenario (theft, meteorite shower, zombie apocalypse), we can have an insurance. However, insurance is not a substitute for risk management, since it should be done only after we have done everything else.