risk management workshop l.
Skip this Video
Download Presentation
Risk Management Workshop

Loading in 2 Seconds...

play fullscreen
1 / 16

Risk Management Workshop - PowerPoint PPT Presentation

  • Uploaded on

Risk Management Workshop. 21 st May 2008. Definitions. RISK – “events that may prevent achievement of your objectives” RISK MANAGEMENT – “a systematic way of protecting your organisation so that your objectives can be achieved without unnecessary interruption”

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Risk Management Workshop' - dirk

Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript


RISK – “events that may prevent achievement of your objectives”

RISK MANAGEMENT – “a systematic way of protecting your organisation so that your objectives can be achieved without unnecessary interruption”

RISK ASSESSMENT – “The systematic process of identifying and analysing risks”


Why Manage Risks?

  • Some Risk Control Failures:
  • Barings Bank
  • Mirror Group Pensions
  • Zeebrugge Ferry
  • Enron
  • Harold Shipman
  • Northern Rock

From: The Times

October 10, 2007

Northern Rock had not had a full check-up for 18 months, FSA admits

Patrick Hosking, Banking and Finance Editor

Northern Rock had not been subjected to a thorough supervisory healthcheck for 18 months when it imploded in August, the City’s main regulator admitted to Parliament yesterday.

During two hours of tough questioning by MPs on the Commons Treasury Committee, representatives of the Financial Services Authority (FSA) conceded that it had incorrectly assessed the risk in Northern Rock and admitted that damage had been done to the financial system under its watch.

In a briefing paper given to MPs before the session, the FSA said that the last full risk assessment of Northern Rock bank had been carried out between December 2005 and February 2006.

However, a full risk assessment of Northern Rock, known as an “Arrow” review, was carried out only once every three years. Mr Sants told MPs that in the case of Northern Rock, three years had proved too long.


Risk Management is Part of your Internal Control System

  • Policies and Procedures
  • Reporting
  • Business Planning
  • External Audit
  • Self Assurance
  • Third Party Reports
  • Risk Management Process

5 Stage Process to Risk Management

  • Risk Policy
  • Risk Identification
  • Risk Evaluation/Assessment
  • Risk Mitigation
  • Risk Recording & Monitoring

Risk Policy

  • Vital that NGB’s have a policy for risk management
  • Explains NGB’s approach to risk management
  • Outlines roles and responsibilities
  • Outlines key aspects of the risk management process
  • Identifies the main reporting procedures
  • See Appendix 1 for example policy

Risk Identification Areas

  • Objectives
  • Governance/Management
  • Legal
  • External
  • Operational
  • Human Resources
  • Environmental
  • Funding
  • Technological
  • Financial
  • See Appendix B for example risks

Risk Evaluation/Assessment

  • Identified risks are evaluated in terms of:
  • Probability of risk occurring
  • Potential impact on objectives
  • Evaluation helps to:
  • Prioritize high risks
  • Filter out low risks
  • Determine which risks need to be managed
  • Method: Risk Evaluation Matrix (Appendix C)

Risk Mitigation Methods


(e.g. contracts of insurance, outsourcing)


(e.g. introduction of additional controls, operational changes)


(terminate the activity that causes the risk)


(accept risk level but monitor closely)

Responses chosen attempt to reduce risk to an acceptable level


Recording Risks

  • All identified risks are recorded in a Risk Register which contains the following:
  • Risk Number/Area/Description
  • Objective in danger
  • Responsible person
  • Risk Likelihood & Impact/Overall Risk Assessment
  • Control Procedure
  • Mitigating Action
  • Residual Risk
  • Monitoring Process
  • Further Action Required

Monitoring Current & Future Risks

  • Risk management should not be an annual exercise.
  • Risk management should be ‘embedded’ into all operations
  • Provide risk awareness training
  • Give responsibility to individuals
  • Require all new plans/proposals to assess risk
  • Add risk management issues to agendas
  • Regularly review and update the risk register

Business Continuity Plan

  • Objective: To identify the hazards that may affect critical functions or activities and to ensure that these can be reduced or responded to in an effective way
  • See example Appendix D

The resources in this presentation will be

available for download at