1 / 16

Risk Management Workshop

Risk Management Workshop. 21 st May 2008. Definitions. RISK – “events that may prevent achievement of your objectives” RISK MANAGEMENT – “a systematic way of protecting your organisation so that your objectives can be achieved without unnecessary interruption”

dirk
Download Presentation

Risk Management Workshop

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Risk Management Workshop 21st May 2008

  2. Definitions RISK – “events that may prevent achievement of your objectives” RISK MANAGEMENT – “a systematic way of protecting your organisation so that your objectives can be achieved without unnecessary interruption” RISK ASSESSMENT – “The systematic process of identifying and analysing risks”

  3. Why Manage Risks? • Some Risk Control Failures: • Barings Bank • Mirror Group Pensions • Zeebrugge Ferry • Enron • Harold Shipman • Northern Rock

  4. From: The Times October 10, 2007 Northern Rock had not had a full check-up for 18 months, FSA admits Patrick Hosking, Banking and Finance Editor Northern Rock had not been subjected to a thorough supervisory healthcheck for 18 months when it imploded in August, the City’s main regulator admitted to Parliament yesterday. During two hours of tough questioning by MPs on the Commons Treasury Committee, representatives of the Financial Services Authority (FSA) conceded that it had incorrectly assessed the risk in Northern Rock and admitted that damage had been done to the financial system under its watch. In a briefing paper given to MPs before the session, the FSA said that the last full risk assessment of Northern Rock bank had been carried out between December 2005 and February 2006. However, a full risk assessment of Northern Rock, known as an “Arrow” review, was carried out only once every three years. Mr Sants told MPs that in the case of Northern Rock, three years had proved too long.

  5. Risk Management is Part of your Internal Control System • Policies and Procedures • Reporting • Business Planning • External Audit • Self Assurance • Third Party Reports • Risk Management Process

  6. 5 Stage Process to Risk Management • Risk Policy • Risk Identification • Risk Evaluation/Assessment • Risk Mitigation • Risk Recording & Monitoring

  7. Risk Policy • Vital that NGB’s have a policy for risk management • Explains NGB’s approach to risk management • Outlines roles and responsibilities • Outlines key aspects of the risk management process • Identifies the main reporting procedures • See Appendix 1 for example policy

  8. Risk Identification Areas • Objectives • Governance/Management • Legal • External • Operational • Human Resources • Environmental • Funding • Technological • Financial • See Appendix B for example risks

  9. Risk Evaluation/Assessment • Identified risks are evaluated in terms of: • Probability of risk occurring • Potential impact on objectives • Evaluation helps to: • Prioritize high risks • Filter out low risks • Determine which risks need to be managed • Method: Risk Evaluation Matrix (Appendix C)

  10. Example Risk Evaluation Matrix Impact Probability

  11. Risk Mitigation Methods Transfer (e.g. contracts of insurance, outsourcing) Treat (e.g. introduction of additional controls, operational changes) Terminate (terminate the activity that causes the risk) Tolerate (accept risk level but monitor closely) Responses chosen attempt to reduce risk to an acceptable level

  12. Recording Risks • All identified risks are recorded in a Risk Register which contains the following: • Risk Number/Area/Description • Objective in danger • Responsible person • Risk Likelihood & Impact/Overall Risk Assessment • Control Procedure • Mitigating Action • Residual Risk • Monitoring Process • Further Action Required

  13. Monitoring Current & Future Risks • Risk management should not be an annual exercise. • Risk management should be ‘embedded’ into all operations • Provide risk awareness training • Give responsibility to individuals • Require all new plans/proposals to assess risk • Add risk management issues to agendas • Regularly review and update the risk register

  14. Business Continuity Plan • Objective: To identify the hazards that may affect critical functions or activities and to ensure that these can be reduced or responded to in an effective way • See example Appendix D

  15. The resources in this presentation will be available for download at http://www.welshsports.org.uk

More Related