Role of Manager in Risk Management
Importance of risk Management in an Organization
Modern Risk Management Methods
Impact of Modern Risk Management on an Organization
Centre Point Systems is a large organization involved in the manufacture and distribution of computer hardware and other accessories. Center Point Systems manufactures networking switches, computer systems, printers among other products. Centre Point Systems has a huge employee base of over 1000 dedicated professions spread across five department i.e. administration, sales, human resource, logistics and finance department. Each department has a departmental chief and several operational managers under him or her. This company has an annual turnover of $7,950,000 accrued during the sales of their products around the world.
This report outlines the need to have a risk manager and the importance of risk management in Center Point Systems. The report further outlines tenets of the new international standard which has to be applied to mitigate risks in the organization. Finally, the report will discuss the benefits of adopting modern risk management approaches inn an organization.
A Risk can be defined as probability of an unforeseen catastrophe and its consequences. For established businesses like Centerpoint systems, risk can bring a devastating disaster if left unchecked. Because of the services it offers to its client around the world and the focus it places on growth and expansion, a risk manager is a necessity. The need for systematic risk management grows with the increase in organizational size. Further, type of business also may warranty keenness on systematic risk management and this has helped centrepoint to value the need of a risk manager.
Systematic risk management helps against any threat to the organization’s operations. Risk managers are an essential resource in an organization as they coordinate risk management related functions in an organization. A risk manager has enormous roles. The first role of a risk manager is to monitor, capture and analyze risks related information (Khatta, 2008, p.3). The capacity to monitor, capture and analyze risk related information makes the risk manager better positioned as spokesperson for organization. Therefore, the second responsibility of a risk manager consists in being a spokesman for an organization or program where major reviews and reporting is of essence (Khatta, 2008, p.5).
The next role of risk manager is planning for risk mitigation. The information gathered by risk managers is used in planning for risk mitigation. It means that from the data collected and analyzed, forecasts into possible risks and their characteristics are made. The risk forecasts help in planning for risk management or mitigation.
The final role of the risk manager is to ably apply his or her expertise and implement systems that ensure organizational or operational safety. This involves working closely with other departmental heads to ensure that all systems are working to the required standards and where there is a problem the risk manager applies expertise and models to devise remedies (Khatta, 2008, p.7).
The risk manager also ensures awareness about risks is enhanced in an organization. These can be done through formal training or organizing meetings at which risks are discussed. Such measures help to ensure that there is continuous improvement of safety measures in an organization. Furthermore, it also ensures all employees are involved in risk management thus yielding good results in the organization.
Risk management is an important issue that has to be looked into by each organization’s management. Risk Management utilizes the right procedures and processes to manage the occurrence of risks. An organization can be safeguarded and increase its survival rate by having in place an elaborate and efficient risk management policy to guide operations. By prompt identification of risks, prior to occurrence, organizations have an opportunity and space to adjust and to instigate solutions.
Risk management encompasses a number of actions. The concern in risk management is risk identification (Khatta, 2008, p.10). Risk identification involves the process of locating, recognizing and analyzing risks. It encompasses factors such as identifying risk sources, events associate with it, the causes and the consequences the risks might have on an organization. Risks can be clearly identified by using forecasting bases such as historical data, informed or expert opinions, theoretical analysis and involving stakeholders e.g. employees in brainstorming sessions.
The second aspect of risk management is risk analysis. Risk management helps in documenting all possible risks that an organization can face or has faced. Such risks may be strategic, financial, safety related or operational, among others. Through analyzing the causes or sources of risks, an organization can apply prompt measures to protect itself hence improving its survival mechanisms and ensuring success is achieved. In the long run, risk management plays an integral responsibility of facilitating strategic planning and change management.
Once risks have been analyzed, ways of dealing with them are instituted. Risk management clarifies the essence of how to tackle the risks that are prevalent in an organization. Each risk is evaluated and possible ways of dealing with it advanced. From the different possible management ways, the best is chosen and implemented.
Further, proper risk management, helps an organization to make informed decisions and choices and prioritize the courses of action incase instituted measures or process do not work (Khatta, 2008, p.13). Having alternative courses of action is critical towards ensuring business recovery is guaranteed. Therefore, risk management is very important because it assists organization in business recovery planning. Risk management stipulates and outlines the framework of disaster planning and helps to minimize the effect of disaster in an organization. Policies and equipment are very important in an organization and hence when a disaster strikes, a devastating impact can be felt. Risk management helps to prevent this scenario from happening by having clear and elaborate policies and frameworks in place (Khatta, 2008, p.18).
In this information age, data security is of critical concern in organizations. Risk management helps organization avoid information security related risks such as scam. Risk management focuses and discusses more to do with scams and the effect that it would have on an organization. It provides an elaborate framework which can be used by an organization to avoid incidences of scams. This involves providing mechanisms to investigate the scam source, filtering the information and maintaining records of the filtered information to keep track of the same in the future.
Risk management is not just about threats from the external environment. It also ensures internal sources of risks are well looked into. One example of internal risk is shop theft. Risk management looks into effects of internal customer misconduct on an organization and devises ways of dealing with such. For example, insurance can be taken against internal theft.
To effectively handle risk management, new risk management standards have evolved to keep track of modern technological changes. New methods to aid in risk management have been developed to facilitate effective risk management in organizations. These standards have simplified work and made project and organization risk management simple.
One of the modern international risk management standards is the AS/NZS ISO 31000 standard (Khatta, 2008, p. 39). This is an enhancement of the previous, AS/NZS 4360 standard. It is a standard that has been developed to aid both private and public organization on risk management. This standard has been tailored specifically for risk management. The standard is well structured and is viable for achievement of needed results in any given project. Five important steps are involved in risk management using AS/NZS 31000 standard. The initial step is the establishing of objectives and situations for risk management. The second step is to identify the risks. The third step involves analysis of the possibilities of risk occurrence and their consequences as well as estimating the risk level. The fourth step is evaluating and placing the identified risks according to their levels. Finally, the fifth step consists in dealing with the risks using the most suitable options and measures (Khatta, 2008, p. 47).
This standard has been known to be easy and simple and is used often where the type of project is simple to implement and follow. Moreover, it is used to support different levels of risks. The standard is used with a wide spectrum of organizations globally. The disadvantage of this standard is that its implementation does not accommodate assessment of risks.
AS/NZS 31000 risk management standard specifically handles risks. It is recognized worldwide and used by many organizations. It is a strategy that was developed to be used by private and public organization thus it is flexible and can be used in any organization. The standard involves a small team to conduct risk management. Moreover, inputs to the project are only obtained by the appropriate teams in the project. The method is structured and can be used for any project in an organization. The standard has flexibility that suits the objectives of any organization (Khatta, 2008, p. 53).
Implementation of AS/NZS 31000 standard is very cost effective. The risks and measures taken are attended to basing on priorities. The standard is detailed but suitable for a government organization or agencies which deal with risk control, maintaining of budgets and data security, which is the priority. The standard requires users to be trained because it is comprehensive
The introduction of AS/NZS 31000 within an organization should be included during the planning of the project because it involves change of roles and responsibilities of personnel. Therefore, management has to take a very significant role of communicating continuously to the organization employees. In addition, management constantly plays the role of delivering policies to the staff.AS/NZS 31000 requires input from staff and project managers (Lam, 2003, p. 99).
The introduction of the new methods of risk analysis in organizations impacts positively on the organizations. The new standard has transformed how businesses and organization function and operate. One of the important contributions of the new standard in organizational management is continual improvement. The new system enhances continuous improvement with regard to risk management by outlining and setting an overall picture of an organizations performance. When this standard is adopted, the performance objectives of the organization and individual managers are calculated. It narrates the transparency performance of an organization where goals of the organization are published and communicated to stake holders regularly for review (Khatta, 2008, p.75). The risk management performance assessment is a vital aspect of an organization’s growth and is used to quantify the quality of the system, departments and the individuals involved.
The second impact of the new risk management standard to an organization is full accountability for risks. Full accountability for risks involves an established risk management system that delineates clearly all individuals’ responsibility in relation to identified risks. It also outlines the control actions that ought to be taken by responsible parties. The individuals involved have to liable and accept the responsibility of what happens. They should have appropriate ability, skills and resources to confirm and analyze controls, monitor risks and disseminate information elaborately about the risks and the management required to both external and internal stakeholders (Lam, 2003, p. 48). This can be achieved by members of an organization becoming conscious of the risks, controls and the available tasks for which they can be held responsible.
To achieve accountability in an organization description of job positions, available databases and information systems have to be elaborate and clear. The definitions of risk management responsibilities and accountabilities should be planned early enough as part of inducting new employees in an organization. This ensures that every employee knows his or her role to play in an organization. Accountability in an organization is important because it helps an organization to trust individuals with authority, time, resources and skills which are sufficient to take over their duties with fortitude and integrity (Khatta, 2008, p.93).
The third implication of the modern risk management standard to an organization is decentralizing decision making. Decision making involves taking into account risks and the application of risk management to a certain extent. Instead of decision making being a preserve of top management, lower cadre employees are empowered to make risk related decisions in their daily work.
The fourth implication for modern decision making in an organization is continual communication. Enhanced risk management supports continual communicationboth internally and externally with the stakeholders. This entails constant reporting of risk management performance which enhances good communication arrangement and governance (Khatta, 2008, p.102). This in some cases can involve communicating with stakeholders as an essential opportunity for risk management. Communication has been seen as a two way process, a correct decision is made at the highest level when the correct information is communicated and hence the right remedy is instituted for its treatment under an elaborate and complete framework. Elaborate and efficient internal reporting on significance of risks and risk management performance contributes an important role to effectively manage an organization and ensure that growth and development is achieved (Lam, 2003, p. 6).
The last impact of adapting modern risk management standards in an organization is on integration within the organizational structure. Risk management has been viewed as an integral aspect of an organization management structure. A risk therefore is considered in terms of effects of improbability on objectives. The governance of an organization has to be hinged on risk management. Therefore, effective risk management is the most important and indispensable duty of every manager in order to improve an organizations goals and objectives (Khatta, 2008, p.112).
In conclusion, risk management is an integral part of every organization. For any large organization to realize growth and developments, without having to deal with unanticipated changes or disasters, systematic risk management has to be embraced. Systematic risk management requires that risk management experts are brought on board and risk management teams formed. The risk managers help in development of clear policies to guide the risk management process. The risk managers also help in monitoring, identifying and documenting all risk related facts. This information is later used to improve processes and operations.
Apart from bringing expert risk managers on board, it is imperative on organizations to adopt new international risk management standards. The international risk management standards, as discussed, impact on organizations very positively. For instance, being an international standard, it helps organizations gain international recognition. This recognition helps in making the organization trustworthy in the eyes of other organizations that are risk sensitive. As a result, an organization’s business prospects and survival chances are enhanced enormously.
Khatta, R., S., 2008,Risk Management, Global India Publications, New Delhi.
Lam, J., 2003, Enterprise Risk Management: from Incentives to Controls, John Wiley and Sons, New Jersey.