Risk management workshop l.jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 16

Risk Management Workshop PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Risk Management Workshop. 21 st May 2008. Definitions. RISK – “events that may prevent achievement of your objectives” RISK MANAGEMENT – “a systematic way of protecting your organisation so that your objectives can be achieved without unnecessary interruption”

Download Presentation

Risk Management Workshop

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Risk management workshop l.jpg

Risk Management Workshop

21st May 2008

Definitions l.jpg


RISK – “events that may prevent achievement of your objectives”

RISK MANAGEMENT – “a systematic way of protecting your organisation so that your objectives can be achieved without unnecessary interruption”

RISK ASSESSMENT – “The systematic process of identifying and analysing risks”

Slide4 l.jpg

Why Manage Risks?

  • Some Risk Control Failures:

  • Barings Bank

  • Mirror Group Pensions

  • Zeebrugge Ferry

  • Enron

  • Harold Shipman

  • Northern Rock

Slide5 l.jpg

From: The Times

October 10, 2007

Northern Rock had not had a full check-up for 18 months, FSA admits

Patrick Hosking, Banking and Finance Editor

Northern Rock had not been subjected to a thorough supervisory healthcheck for 18 months when it imploded in August, the City’s main regulator admitted to Parliament yesterday.

During two hours of tough questioning by MPs on the Commons Treasury Committee, representatives of the Financial Services Authority (FSA) conceded that it had incorrectly assessed the risk in Northern Rock and admitted that damage had been done to the financial system under its watch.

In a briefing paper given to MPs before the session, the FSA said that the last full risk assessment of Northern Rock bank had been carried out between December 2005 and February 2006.

However, a full risk assessment of Northern Rock, known as an “Arrow” review, was carried out only once every three years. Mr Sants told MPs that in the case of Northern Rock, three years had proved too long.

Slide6 l.jpg

Risk Management is Part of your Internal Control System

  • Policies and Procedures

  • Reporting

  • Business Planning

  • External Audit

  • Self Assurance

  • Third Party Reports

  • Risk Management Process

Slide7 l.jpg

5 Stage Process to Risk Management

  • Risk Policy

  • Risk Identification

  • Risk Evaluation/Assessment

  • Risk Mitigation

  • Risk Recording & Monitoring

Slide8 l.jpg

Risk Policy

  • Vital that NGB’s have a policy for risk management

  • Explains NGB’s approach to risk management

  • Outlines roles and responsibilities

  • Outlines key aspects of the risk management process

  • Identifies the main reporting procedures

  • See Appendix 1 for example policy

Slide9 l.jpg

Risk Identification Areas

  • Objectives

  • Governance/Management

  • Legal

  • External

  • Operational

  • Human Resources

  • Environmental

  • Funding

  • Technological

  • Financial

  • See Appendix B for example risks

Slide10 l.jpg

Risk Evaluation/Assessment

  • Identified risks are evaluated in terms of:

  • Probability of risk occurring

  • Potential impact on objectives

  • Evaluation helps to:

  • Prioritize high risks

  • Filter out low risks

  • Determine which risks need to be managed

  • Method: Risk Evaluation Matrix (Appendix C)

Slide11 l.jpg

Example Risk Evaluation Matrix



Slide12 l.jpg

Risk Mitigation Methods


(e.g. contracts of insurance, outsourcing)


(e.g. introduction of additional controls, operational changes)


(terminate the activity that causes the risk)


(accept risk level but monitor closely)

Responses chosen attempt to reduce risk to an acceptable level

Slide13 l.jpg

Recording Risks

  • All identified risks are recorded in a Risk Register which contains the following:

  • Risk Number/Area/Description

  • Objective in danger

  • Responsible person

  • Risk Likelihood & Impact/Overall Risk Assessment

  • Control Procedure

  • Mitigating Action

  • Residual Risk

  • Monitoring Process

  • Further Action Required

Slide14 l.jpg

Monitoring Current & Future Risks

  • Risk management should not be an annual exercise.

  • Risk management should be ‘embedded’ into all operations

  • Provide risk awareness training

  • Give responsibility to individuals

  • Require all new plans/proposals to assess risk

  • Add risk management issues to agendas

  • Regularly review and update the risk register

Slide15 l.jpg

Business Continuity Plan

  • Objective: To identify the hazards that may affect critical functions or activities and to ensure that these can be reduced or responded to in an effective way

  • See example Appendix D

Slide16 l.jpg

The resources in this presentation will be

available for download at


  • Login