Free Risk Management Strategies Essay Sample
Salmonella is a bacterium that can cause infection to humans through food, domestic animals and animals. In the year 1995, the government of Finland set up the National Salmonella Control Programme tasked with reducing the number of human salmonella infections, especially from food. This programme was supposed to remove salmonella infected poultry from the production chain and study heat treatment of meat of already infected flocks. It was thought that the two interventions would contain salmonella prevalence.
The poster in the next page summarizes the risk evaluation process that was applicable in the risk management process of Salmonella. The risk evaluation follows through five stages; scientific knowledge, regulations, process understanding, risk assessment and patient protection.
The National Salmonella Control Programme had to understand first and foremost how salmonella is transmitted. They had to research extensively so that they get the basic understanding and knowledge of the disease and transmission mechanism.
Finland’s Ministry of Agriculture and Forestry was the regulating body, under the supervision of the government and the EU. This was necessitated by the fact that the interventions were stricter than the EU laws at the time. Interested parties like farmers and consumers were incorporated in the programme.
The fact that the programme was to work on two interventions only provided the basis of its activities. It had to stick to its core mandate. It had to find out if the interventions were appropriate.
The risk assessment was the most important part. This is because the programme had to come up with adequate interventions that would indeed reduce the prevalence rates of salmonella. They had to assess if the interventions were appropriate and justifiable. Quantitative assessment was applied, using simulation.
The last stage in the evaluation was patient protection. This was the main purpose of the process. The programme had to evaluate if the interventions would eventually protect the people, and especially the farmers. This paper discusses risk management and will be referring to the salmonella practice. All the information pertaining to this case was provided by Markus Porthin 2004.
Risk management can be defined as the process whereby an individual, company or business identifies, tries to quantify and tries to find a solution to a possible loss that may be incurred in the near future. The outcomes of most business and company activities tend to be uncertain and, hence may have some risks which may affect the functioning of a business or company. Risks can range from strategic and/or operational failures on the part of the business, financial failures, external factors such as political instabilities and recession, environmental and natural disasters, and government policies (Lexicon). This paper will demonstrate and analyze core risk, safety and governance issues in relation to a single case study.
Application of Risk Management
Risk management is applied in almost all sectors of the society and economy. This is because risks arise almost all activities of both individuals and businesses. It is common practice for homes to also take on risk management that may arise due to the economic uncertainties like price changes and inflation. This underscores the importance of risk management in the day to day running of a company. The following section analyses some sectors where risk management is of a paramount concern.
Many commercial banks derive a large portion of their revenues from lending loans to the people or organizations. Loans to customers represent the basic significant asset of almost all commercial banks. However, credit risk has always been the main risk that banks have had to face in their functioning. These banks always run the risk of experiencing bad debts, where the loanees simply don’t pay up, disappear or lose all their assets and, hence can’t manage to service their loans. It is important for all banks to factor in such cases in all their activities and expect that some loans won’t be repaid. A bad debt simply means that the bank has incurred a loss. Therefore, most banks take pre-emptive measures against bad debts so that such losses are minimized and they are not affected that much by them.
Oil production faces a lot of risks. For example, many oil producing regions are always prone to terrorist (especially in the Middle East) and criminal activities (Nigeria). Oil companies in these areas have to prepare themselves for these eventualities. Other risk factors that they encounter in the course of their activities are the possible depletion of oil or gas resources, political instabilities, oil price constant fluctuations, natural hazards like storms, employee revolts, government policies and interference in the supply chain. Risk management for these companies becomes even more important as they can incur massive losses if these risk factors indeed happen while they were unprepared (Al-Thani, 2008).
Plantation agriculturalists always run the risk of unfavorable weather conditions, pests and diseases and human-animal conflicts. Additionally, they can experience low harvests. For farmers specializing in animal husbandry, their animals can be attacked by diseases or insects that will drastically reduce their productivity. Therefore, it is crucial that all these farmers take up risk management before deciding their next move so as to avoid or minimize losses.
Health care issues are fundamental for human survival. However, human beings and animals are prone to many diseases that may be caused by different factors. When an epidemic occurs, loss making is inevitable due to treatment expenses and, in some cases, death. Therefore, health experts always take pre emptive measures to minimize the losses before the disasters occur. It is important for governments and health experts to analyze risks so that the consequences are minimized.
Other sectors where risk management is applied are in the insurance sector, financial institutions, government and public. In fact, all investors have to manage the risks before they invest.
Risk Management Principles
Risk management often involves three steps: risk assessment, risk appetite and risk addressing. In the first step, there are three main principles: a business should ensure that it comes up with a process that analyses the likelihood and impact of each risk, recording of the assessment in such a way that it will make monitoring and identifying risk priorities easier and the business should be clear whether the risk is inherent or residual. Risk assessing evaluates the likelihood of the occurrence of the risk and its possible impact. In most cases, a categorization of the risk factor being high, medium or low is used, in terms of its occurrence and impact.
Risk appetite tends to consider whether the risk is a pure threat or an opportunity. When the risk is a threat, a business compares the cost of limiting the risk to the cost it may incur if the risk occurred without interference. In this case, a business tries to find a balance. If the risk may present an opportunity, a business compares the potential benefits that may be accrued to the potential losses that may be incurred before making a choice.
Addressing the risk is the most crucial part in risk management. In this case, the business will attempt to limit the negative impact of the risk if it is a threat. If the risk presents an opportunity, the business will try to maximize the benefits. Addressing risks is not an easy task and a proper strategy has to be applied. There are five ways in which a risk can be addressed: tolerate, treat, transfer and taking the opportunity.
Tolerating risks means that a business would not take any action as it can cope with the risk or if there is no way that the risk can be tackled. It can also be taken if the cost of averting the risk is disproportionately large. In this case, the business will have to strategize on how it will handle the impact of the risk.
Treating a risk is the commonest way of addressing risks. This involves using strategies that will constrain the risk to a manageable level. The transfer of risks simply means seeking the services of insurance companies or using a third party to take over the risk on the business’ behalf. This is applied mainly when financial or asset risks are concerned or when the third party is more than capable of handling and managing the risk. However, not all risks can be transferred. The salmonella risk management team treated the risk of infection. This was after they came up with a quantitative analysis that showed that the proposed interventions were capable of limiting salmonella infection to humans.
In some cases, a risk can only be constrained or contained if the activity is terminated altogether. This tactic is applied if the impact of the risk is too great for the business. For example, a business can close its activities in an area if a very destructive tsunami has been predicted to hit the area. In such a situation, there are simply no better ways of addressing the risk.
Taking the opportunity can be arrived at if the risk may be having some benefits. Although, the situation may be uncertain and the business can decide to go for more investment as it hopes that the losses will be ably offset by the benefits. However, this strategy can only be applied after a thorough examination of the situation (Orange Book, 2004).
Risk Management Practices
The best and most predominant practice of risk management is where a business promotes a philosophy which stipulates that every employee of the business is a risk manager regardless of his/her rank. This simply means that all employees take responsibility for all their activities and their consequences. This practice is applicable when all the employees fully understand the goals of the business and what is expected of them.
In some businesses, it is always upon the high level management to manage risks. The senior management is charged with providing the guidelines to the other employees regarding risks. The involvement of the other employees is limited.
One of the most effective practices of risk management is where a business opens up all the communication channels so that any information regarding risks is passed up across all the channels: up, down and across. This facilitates the identification and management of risks as information is shared to all employees.
Some businesses have decided to form risk management teams and committees charged with identification and management of risks that may impact on the business. The use of teams is important as, typical with many teams, there is a lot of idea generation and different solution strategies are always proposed. A strategy agreed upon by many people but with the same objective is better if not the best. For instance, in the case of Salmonella, the government had to assign a team to manage the risk of the disease. This proved to be effective as the team concluded that isolation of flock and heat treatment of meat was appropriate. These interventions played a big role in the reduction of prevalence of the disease.
Some businesses have embarked on employing a risk management center specifically charged with managing risks on behalf of the business. Such a task force may be headed by a chief risk officer. The task of the risk management is to provide the leadership, establish and maintain a risk awareness program for the business and all matters that pertain to risk management.
Other popular practices that businesses use are: using internal and external auditors who help in risk management, training all employees about the principles of risk management while some use tools such as business risk maps, workshops, questionnaires, risk scans and assessment templates (TBS).
There are some terminologies that are frequently used in risk management: risk assessment policy, risk profile, credit risk, environmental risk, financial risk, market risk and operational risk. This section defines these terms.
Risk assessment policy is defined as the guidelines for the judging of values and policy choices that would have to be applied at one stage during the risk management process (FAO).
Risk profile is defined as the description of food safety risk and its implications. Credit risk is the economic and monetary loss when a borrower defaults in repaying a loan (FAO).
Environmental risk is the risk arising from the likelihood that a chemical, when exposed to the environment, can cause damage to the health of humans and animals. On the other hand, financial risk is the risk resulting from price changes, liquidity and inflation.
Market risk is the exposure to probable loss arising from fluctuations of market prices or rates. Lastly, operational risk is the risk of loss arising from unsuccessful internal processes, employees and systems. The risk can also arise from external factors (Shinichi et al., 2007).
Risk management is an intertwined complex process that requires the involvement of almost all personnel in the business to participate in. This is because there is no specific pattern that should be followed since every risk is unique and, hence needs its own specific strategy. This section will discuss a conceptual risk management model that is helpful for safety in sports as proposed by Swarbrooke et al. in 2003 and error management models applicable in Aviation.
Swarbrooke suggests that there are four stages in a typical sports safety risk management: risk assessment, risk management strategy, risk address and risk management review. Risk assessment of course evaluates the degree of threat posed by the risk. This can range from being a big threat, a normal threat to an opportunity.
After the risk has been assessed, a proper strategy that conforms to that risk is developed. The strategy should adequately deal with the risk so that its impact is minimized or avoided altogether. In most cases, this is the most challenging part because if the strategy chosen is wrong, the enterprise is bound to make losses. Therefore, the risk management team should take its time at this stage.
After the risk has been assessed and an ideal strategy chosen, the team now embarks on addressing the risk. This is done using the one or a combination of the methods that have already been discussed. This stage is the practical application of the strategy now. If the strategy were chosen correctly, the best decision would be found. Otherwise, the business will run into losses.
Risk management review is the last stage. This is meant to analyze the whole process and review if the risk was indeed averter or minimized. If the objectives were not met, the management knows that it should use a different strategy (Dimitriadi et al., 2007). The NSCP applied this model.
Error Management Model
This model was developed due to the fact that human beings are prone to errors. Errors are normal in day to day life. However, some of these errors may have serious consequences. The threat and error management model attempts to provide a framework that acknowledges the functional context influence on human performance.
The first stage is identifying the latent risks like cultures: national, organizational and professional. They influence the general environment of the company. Another class of threats is solely dependent on the company, environment and crew. These threats directly affect the functioning of the company.
After the identification of threats, the company has to come up with the proper risk management strategies to avert their impact. It should not be forgotten that this is the most important stage in risk management.
The last stage is the proper error management. The errors have to be detected and categorized as being serious, moderate or inconsequential. Once this is complete, the best strategy is applied to manage the error (Aviation knowledge).
Risk Construction and Interpretation
Risk can be magnitude dependant, value based and time dependant. The magnitude arises when there are some benefits associated with the risk. The value associated with the risk may vary from business to business. There are some qualitative ways that can be used to construct and interpret risks. The most basic qualitative is assigning risks as high, medium or low. However, this assessment is subjective and, hence subject to misinterpretations.
The most efficient quantitative way of assessing risks is by assigning probabilities to the various risk factors. For each factor, a business should determine the likelihood of the factor occurring, evaluate the magnitude if the risk factor occurs and determine the overall impact of the factor by multiplying the magnitude and likelihood. This score is then interpreted. A categorization of highly likely (a very high chance of occurring); likely (more than 50% chance); somewhat likely (slightly less than 50% chance); unlikely (a small chance); very unlikely (not expected to happen) and extremely unlikely (very surprising if it happens) can be used. Probabilities and magnitude are assigned categorically.
The results can be interpreted as follows: disastrous (impact is totally unacceptable), severe (serious threat), substantial (considerable cost), moderate, marginal and negligible. A risk that is disastrous should be avoided at all costs. A severe one, on the other hand, should be constrained. However, for the remaining categories, the business should just apply better strategies as the risk can be managed.
Some of the commonest techniques applied in risk management are decision trees, questionnaires, life cycle cost analysis and computer simulation. In each case, the business tries to come up with the best possible way of dealing with the risk. However, objectivity and consistency is the key during the analysis so that the true picture is painted and the best solution is found (Abourizik).
The NSCP used Bayesian inference and Monte Carlo simulation models. The parameters and distributions were assessed with the help of available data and experts. The computations were done with the help of WinBUGS, Matlab and @RISK. The probability distributions were then calculated assuming different scenarios. Quantitative results then proved that the two interventions reduced the prevalence of salmonella.
Risk Management, Strategy and Governance
All businesses have to encounter risk management during the course of their activities. In fact, it is a key part in any business strategic management. In essence, risk management forces businesses to address risks that may impact on their activities so that they achieve sustained benefits for all their activities. A good strategy in risk management will attempt to identify and treat these risks before the company is forced into making losses. This strategy should maximize the values of the business’ activities. It should also lead to the understanding of potential losses or opportunities of all the risk factors that may affect the business. A good strategy strives to raise the probability of success while at the same time lowering the probability of failure. Additionally, it works alongside the goals of a business so that it facilitates their achievement.
Risk management is a never ending and developing phenomenon that runs through a business strategy and it plays a major role during the implementation of the strategy. Therefore, it has to be incorporated into the culture of the business that has an effective policy and strategy. This simply means that the senior management and leaders of a business cannot shy ways from risk management. This is because they are the ones charged with the sole purpose of ensuring that the business is heading in the direction by generating profits. The senior management has to come up with workable and operational strategies. It has also to lead the way during risk management by assigning all employees’ roles such that everyone plays a part in risk management. This simply means that everyone in the business takes risk management has a part and parcel of his/her job. This can only be achieved if the management opens up all communication channels for free sharing of information. When such environment is in place, accountability and performance is enhanced among all the spheres of the business. In such an instance, risk management becomes easier and efficient for the benefit of the business (IRM, 2002).
Hazard and Risk
A hazard can be defined as a potential or actual danger. It can be an item or a process that may lead to a possible danger. On the other hand, a risk is a situation or process involving exposure to a hazard, hence danger. Injury from a risk may vary in gravity. Although these two come with some of injury or loss, they are almost inevitable in the day to day activities of an individual and business.
There are five stages applicable during risk management involving hazards. They are hazard identification, establishing possible casualties, evaluation of risks before setting precautions, implementation of findings and reviewing of these precautions from time to time. These steps ensure that the environment in and around the premises are safe for all employees. It also ensures that the business will not incur losses due to the injuries or work stoppages. The activities of the business will be maximized; hence more benefits (HSN&R).
Effective Management of Risks
It is universally accepted that no one can run away from risks. This simply means that everyone, individuals and businesses alike, are vulnerable to risks. In one or another, any particular business has had to face risks which forced it to change its strategy. Since risks are just here to stay, a resilient company is one that has perfected its risk management strategies so that rather than being crippled, they can constrain, limit or even use them to expand their operations. This is mostly as a result of having accurate risk assessment tools and open communication channels.
Identifying risks is a crucial process in risk management. However, the most important part is its assessment. It is compulsory that businesses assess their risks accurately so that the best solution is found. If a business assigns a misleading probability or magnitude to a risk factor, a wrong analysis may be used which will cause the business to incur losses. For instance, a risk factor may be severe yet it was graded as negligible and, hence no action was taken. This in effect means that the company will make losses due to inaccuracy. This underscores the importance of accurate assessment in all spheres: business, society and environment. Additionally, having an open communication system within the business and society will ensure that proper information is shared among the concerned parties. This will facilitate risk management and make it easier.