Presentation is loading. Please wait.

Presentation is loading. Please wait.

Risk Identification Chapter 6.

Published byAlexina McGee Modified over 9 years ago

Similar presentations

Presentation on theme: "Risk Identification Chapter 6."— Presentation transcript:

1 Risk Identification Chapter 6

2 RM Identification Traditional RM - Seeks to employ methods of identifying specific loss exposures that could interfere with achieving an organization’s primary goals. Committee of Sponsoring Organizations (COSO) ERM – calls this step “event identification” defined as management identifying “potential events affecting an entity’s ability to successfully implement strategy and achieve objectives.”

3 Risk Identification Tools
Checklists, questionnaires, surveys Personal Interviews Performance standards checks Process flow analysis – routine inspections and quality control measures Audits – both internal and external Specialized Computer software Team approaches – brainstorming Claims history Insurance records

4 Holistic Risk Identification
Most risks are concentrated in a specific area which makes it difficult to identify how a risk may impact the entire organization. Examples: Financial risks are found in accounting and financial areas Products liability risk are found in manufacturing areas Example, failure to recognize the financial problems of a supplier could cause production problems that lead to product defects loss of revenues Easier said than done.

5 Holistic Risk Identification Quadrants
See p. 6.7 Risks are identified within the quadrants of strategic, financial, operational, and hazard risks After risk has been identified in each quadrant, then the RM must perform a scenario analysis and assign event likelihoods and consequences Eg., a fire risk should be developed in scenarios ranging from a fire in a warehouse that stops production for six weeks vs one that is put out in three hours

6 COSO ERM Identification Approach
Requires categorizing risks; Suggests using a cascading hierarchy, beginning with high-level objectives and cascading down to risks related to the objects of a particular business unit’s function

7 Top-Down and Bottom-Up Approaches
Top-down: Senior Mgmt decides which risks pose the most problematic threat to meeting the organization’s objectives; Depends on reports from middle and senior mgmt Provides limited view of risks that may be in the organization Bottom-up: the views of employees are included Provides a realistic observation of the operational environment Takes time to compile and analyze risk and does not provide holistic approach

8 Use of Teams to Identify Risks
Workshops facilitate discussions to identify potentially negative outcomes Delphi technique uses opinions of a specific group of experts to identify risks by responding to a survey Scenario analysis helps prioritize risks and potential consequences using an internal cross-functional team

9 HAZOP Team approach to Risk ID
Hazard and Operability Study Uses a study team in a facilitated workshop to: Subdivide the project into small components Review each component to identify risks Identify cause and potential outcomes for each risk Develop a solution for each risk

10 SWOT Strengths, weaknesses, opportunities, and threats
Team approach that is useful in analyzing a new project Strengths and weaknesses are internal factors to examine Opportunities and threats are external factors to consider Useful when there is a specific goal, such as the feasibility of launching a new product; if goal is too general, this method is less helpful. (See p. 6.11)

11 Risk Registers A matrix to identify risks according to their likelihood and potential consequences Developed at the risk owner level; designed to link activities, processes, projects, or plans to a list of identified risks and results of risk analysis and evaluation and that is ultimately combined at the enterprise level. Helps identify key risks in order of priority Used mostly with scenario models (eg., page )

12 Risk Maps Uses risks identified in a risk register and provides a matrix of the likelihood and impact of an exposure Different colors represent different levels of risk, secluding the difference in combinations of impact and likelihood. (called heat mapping) Time dimension risk maps help define the urgency or different risks The difference between the residual or (current) level or sisk and the optimum risk (based on organization’s risk appetite) represents the risk treatment opportunity to continue to reduce risk

13 Identifying Loss Exposures – Internal Documents: How may an organization use each one?
Financial statements Accounting records Contracts Insurance policies Policy and procedure manuals Flowcharts and organizational charts and loss histories (E.g., p. 6.27)

14 Identifying Loss Exposures – External Documents: How may an organization use each one?
Questionnaires Checklists and surveys Websites News releases Reports from external organizations

15 Application How can each of these documents be used in your company project?

Download ppt "Risk Identification Chapter 6."

Similar presentations

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)
Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.

Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.
Systems Investigation and Analysis

Systems Investigation and Analysis
Planning: Processes and Techniques

Planning: Processes and Techniques
PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT
TECH Project Company X Documentation Plan Champion/Define Phase

TECH Project Company X Documentation Plan Champion/Define Phase
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
Control and Accounting Information Systems

Control and Accounting Information Systems
1 Why do we need to change?. Three Stream Model For Change Management Problem Stream Solution Stream Political Stream Change.

1 Why do we need to change?. Three Stream Model For Change Management Problem Stream Solution Stream Political Stream Change.
How to Document A Business Management System

How to Document A Business Management System
Project Management Gaafar 2007 / 1 This Presentation is uses information from PMBOK Guide 2000 Project Management Risk Management* Dr. Lotfi Gaafar.

Project Management Gaafar 2007 / 1 This Presentation is uses information from PMBOK Guide 2000 Project Management Risk Management* Dr. Lotfi Gaafar.
Risk Management Chapter 7.

Risk Management Chapter 7.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
The Australian/New Zealand Standard on Risk Management

The Australian/New Zealand Standard on Risk Management
Project Risk Management

Project Risk Management
Managing Project Risk.

Managing Project Risk.
Risk Assessment Frameworks

Risk Assessment Frameworks
Managing Project Risk.

Managing Project Risk.
Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Similar presentations

Ads by Google