Introduction to Risk Management

How is your risk being managed?
How is your risk being managed?

Risk management has become an integral part of any business model and processes as the organizations are going global and the market situations are increasingly becoming more dynamic. As per the ISO 31000 definition, risk is ‘the effect of uncertainty on objectives’. This ‘effect’ can either be positive or negative. Therefore, risk management can be defined as the process of identification, then assessment, and thereafter, the prioritization of various risks and minimizing, monitoring, and taking control of the probability and impact of such unfortunate events by coordinated application of all the resources, in order to maximize the gains from possible opportunities. Risks can arise from uncertainties which exist in financial markets, legal liabilities, project failures, credit risk, natural accidents, and disasters and even from deliberate attacks.

There are many standards being developed for risk management by the Project Management Institute, National Institute of Science and Technology, ISO standards, and the actuarial societies. The definitions and methods to calculate risk differ from domain to domain. The definition of risk could be different for security and different for an engineering project. It also differs for different sectors. There are different standards established for financial portfolios, public health and safety, project management etc.

There are many strategies to manage risks which may differ from industry to industry. The different strategies include transferring the risk to another company, avoiding anticipated risks, implementing plans to reduce the negative impact which may be caused due to the risk, and finally accepting either some or all the consequences arising out of the risk.

Although there are some brilliant standards established for risk management that have increased the confidence and stability in the estimates and decisions taken to combat risks, some of these are criticized for not being able to show any improvement in either reducing such risks or in preventing them from emerging in the first place.

For more information on risk management and processes, visit Charter4. they offer information on ISO 9001, ISO 14001, ISO 27001, and others.

Author: Jim Johannasen