Professional Documents
Culture Documents
Unec 1695844500
Unec 1695844500
Unec 1695844500
is important
Lecturer: Fatima Rustamova
1. Definitions of risk
2. Types of risks
3. Risk description
4. Levels of risk
5. Classification systems
Content 6.
7.
Risk likelihood and impact
Why understanding risk is important
8. Impact of hazard risks
9. Attachment of risks
10. Risk and reward
11. Attitudes to risk
12. Risk and triggers
Whatever we think of as ‘risk’, it is changing in the digital age.
Organizations of all types – government, local and health authorities,
manufacturers and service providers, financiers and criminals – now use
computers and are digitally processing immense amounts of data. Almost
half of all households worldwide have a computer at home, and, whilst it is
estimated that number is a third of households in developing countries, the
Introduction impact on everyday lives and activity cannot be underestimated.
As our everyday activity is changing, so should our attitude to risk. Mark
Zuckerberg famously said that ‘in a world that is changing really quickly, the
only strategy that is guaranteed to fail is not taking risks’.
Definitions of
risk
Risk is often perceived as being
undesirable: The Oxford
English Dictionary defines risk
in terms of hazard, danger, loss
or adverse consequence.
Risk may have positive or negative outcomes and may be considered to be
related to an opportunity or a threat, or simply to uncertainty of outcome for
an organization. Every risk has its own characteristics that require particular
management or analysis. In this book, risks are divided into four categories:
● Inherent level of risk: The level of risk before any actions have
been taken to change the likelihood or magnitude of the risk.
● Current or residual level of risk: The level of risk after initial
Levels of risk control measures have been put in place.
● Target level of risk: The level of risk that is desired or will be
obtained with the application of further control measures.
understanding Strategy: Because the risks associated with different strategic options will be
fully analysed, better strategic decisions will be reached.
risk is Tactics: Because consideration will have been given to selection of the tactics
and the associated risks involved, available alternatives can be evaluated.
important Operations: Because events that can cause disruption will be identified in
advance and actions taken to reduce their likelihood of occurring, the damage
caused by these events will be limited and the costs contained.
Compliance: This will be enhanced because the risks associated with failure to
achieve compliance with statutory and customer obligations will be addressed.
Hazard risks are often insurable as they can only have a negative outcome.
Hazard risk management is concerned with issues such as health and safety at
work, re prevention and avoiding the consequences of defective products.
Hazard risks can cause disruption to normal operations, as well as resulting
Impact of in increased costs and poor publicity associated with disruptive events.
If a hazard risk materializes, it may have a very large impact. For example, a
hazard risks re could destroy the main distribution warehouse of an organization, but the
risks can be reduced by putting in place controls to minimize nancial impact
(by insurance) or reduce the extent of damage to reputation (through crisis
management).
The organization will need to
ask what features or
components are key to success.
This will result in the identi
cation of the strengths,
weaknesses, opportunities and
threats facing the organization.
This is often referred to as a
SWOT analysis. Having identi
ed key dependencies, the
organization can then consider
Attitudes to Risk attitude indicates the way the organization perceives the likelihood
and impact of uncertainty (including what it can do about the uncertainty).
risk Risk appetite indicates the amount of risk an organization is willing to
seek or accept in pursuit of its long-term objectives.
The purpose of using the
bow-tie illustration is to
demonstrate the risk
classification systems
used by the organization
and the potential range
of impacts should a risk
materialize. Controls
can be put in place to
Risk and
optimize the risk
occurring (preventing
downside or, if it’s an
triggers opportunity, controls
can make it more likely
to happen and impact
bigger) and these can be
represented by vertical
lines on the left-hand
side of the bow-tie. In a
similar manner,
recovery controls can be
represented on the right-
hand side of the bow-tie.
Risk and
triggers
THANKS!ANY
QUESTIONS?