Risk management process: stages, purpose and methods

2024 Author: Howard Calhoun | [email protected]. Last modified: 2024-01-17 18:37

The level of development of engineering and technology, the introduction of a large amount of information dictates high standards for the quality of services and products to businesses. If such requirements exist, it is necessary to take into account all critical factors in the design, development and implementation of processes, including the risk factor. The entrepreneur needs to use all possible methods in the arsenal of risk management in order to minimize them.

Concept

The risk management process is the decision-making and implementation of actions that contribute to the achievement of an acceptable level of safety by the enterprise. In practice, this action is identified with the processes of diagnostics and risk minimization, the purpose of which is to ensure stable financial results and create conditions for further development.

Target

The objectives of the risk management process are:

• organisation's chances of survival;
• going concern;
• maintaining profitability;
• stability of indicators;
• growth continues.

These goals must be formulated even beforehow the risks begin to emerge. Thanks to the tasks set, it is possible to determine the measures to prevent the impact of threats on the company's activities.

Organizational basis of the process

Let's consider the main risk management processes in enterprises.

It is not possible to implement a single top-down framework that takes every situation into account when making and implementing business decisions. The repeatability of the risk management process does not mean that the actions at the individual stages will be identical. They apply statistical methods, which, combined with knowledge of financial instruments, can manage risks and allow effective preventive measures to be taken.

The organization of the risk management process is associated with the creation of control procedures that continuously monitor the impact of previously identified hazards on the activities of the entrepreneur. By paying active attention to risk, he can determine one of the alternative approaches to the problem, choosing between physical risk control and financial control.

Steps

Let's consider the main stages of the risk management process in companies in the form of a plan that should be part of any project. It must identify all potential and actual hazards, determine the likelihood and weight of each risk, and propose mechanisms for resolving problems. The plan defines the persons responsible for the implementation of crisis measures. Actions required for risk planning,include: risk identification, risk assessment and creation of a risk management table.

In this case, the plan is a set of actions whose purpose is to force the manager to create and organize a risk management process. It should also lead to the formation of a certain infrastructure. Its tasks include actions aimed at preparing alternative ways to solve the problem, isolating, reducing and eliminating risk, if possible, determining temporary and monetary reserves for safety against threats that may arise during the planning of project goals.

In the planning process, the necessary inputs are the organization's risk management policy, plan template, work breakdown structure, register of duties and roles of employees, project card, risk management guide.

The above inputs should be used when creating a risk management plan. It should include a methodology that defines the tools, methods and sources of data that are important for process control. When creating a plan, a description of the roles and responsibilities of employees and organizational groups is carried out. In addition, it should contain the total budget of the project, a list of deadlines. Risk management activities should be described in detail at all stages. It is necessary to reflect the system for assessing undesirable events of the project and the criteria that determine the timing of the procedures in relation to the emerging risk. The final step to include in your risk management plan is to create documentation andrisk monitoring during project implementation.

Example table

Steps of the risk management process are presented in a specific example in the form of a table.

Stage	Characteristics of work
Description	target; action; · required performance properties; · required technical properties; needed support (based on commitment/responsibility matrix).
Action summary	· summary of requirements; management; Integrated chart.
Risk management issues	risk management strategy; · Tolerance of interest groups in relation to risk; Diagram of an organization's risk management plan.
Risk management framework	Definitions; Solutions; · time synchronization; Reference levels; · execution.
Problems related to implementation	· risk identification; classification; · measurement; risk planning; planning risk response methods; Supervision and risk control.
Other important plans	other conditions
Summary of methodology	basic evaluation methods
Conclusion	final conclusions

Creating a table

The risk management process system can be represented by the formation of a special table with a risk management plan.

The source for creating a table in the form of a plan is a list of individual risks, where each of them is described on a specific line. Next, they set the weight of a specific risk, the probability of its occurrence, determine the level of risk tolerance, calculate its impact on the project and determine the magnitude of the risk.

The table below shows an example of a risk management plan.

risk	Risk weight	Probability of Appearance	Level of tolerance	The impact of risk on the project	Risk value
1. Project size	5	50 %	2-4	10	15
2. Technical difficulties	6	15 %	1-3	7	10

Other actions to follow in the process of implementing the plan:

• Formation of preventive measures: definition and description of actions to prevent this type of risk. Of course, avoid it oftenimpossible, but in some cases it can be prevented.
• Identification of persons responsible for carrying out preventive measures. Such a person must be described in detail.
• Identification of a crisis scenario: if there is a risk, it is necessary to minimize its consequences. That's why it's important to always have a script of what needs to be done to get the risk under control.
• Determine the employee responsible for compliance with the crisis scenario.

Below is the risk table.

Number	Threat Related to:	Probability of Appearance	Weight	Degree of danger	Possible losses in the project (thousand rubles)
1.	Project size	50 %	5	2.5	15, 0
2.	Technical difficulties	15 %	6	0.9	10, 0
3.	Degree of integration	30%	7	2, 1	15, 0
4.	Organizational difficulties	75 %	2	1, 5	2, 0
5.	Introduced changes	60 %	5	3.0	20, 0
6.	Team variability	20 %	3	0.6	5.0

Rating

The processes of risk assessment and management characterize the main methods.

Each method includes common elements. These include: identification of danger, assessment of the likelihood of potential threats and losses that it can bring. This applies to both business and the social sphere. Regardless of which method or strategy a company chooses, information should always be collected to help identify and develop the optimal risk management methodology. Each of the risk management processes consists of four successive steps:

• risk identification;
• risk measurement;
• risk control;
• monitoring and auditing risks.

The following methods are used for risk assessment:

• Sensitivity analysis is a simple tool that examines the impact of changes in the benefits and cost of the project, discount rate. This analysis is used to determine the sensitivity of cost-benefit results to changes in various variables. It is an important tool for reducingthe risk of decisions taken in a market economy, in particular, it can affect the profitability of investments. The future cannot be predicted accurately. The cost of each change included in the investment plan will deviate from these assumptions. The main characteristic of this analysis is the calculation of the turning point, which means that the value of the product sold will become equal to the income.
• Risk analysis based on the so-called decision tree, which determines the interdependencies and possible outcomes depending on the choice of procedure. For example, buying a very expensive device at a price that allows you to complete work several days faster or doubles the rate for overtime work. We start with the original event and, in turn, imagine possible sequences of events. We will get the probability as a result of the product of the probabilities of all events created on the tree.
• SWOT-analysis, that is, an analysis of the strengths, weaknesses, threats and opportunities for working on a project. It is especially useful in situations of change in the project environment. The name of the method comes from English words (strengths, weaknesses, opportunities, threats). It is used as a universal tool for the first stage of strategic analysis. It allows you to use the collected information to develop a strategy based on strengths and opportunities, eliminating or reducing weaknesses and threats. This is a very old and primitive technique in relation to the possibilities of analysis today.

Every risk is inextricably linked with knowledgethe specifics of this event. The analysis indicates the specific causes of the threat and the losses associated with it. This allows you to determine whether this catastrophe is a consequence of certain patterns. As a result, it is possible to limit the amount of losses or maximize profits if the benefits from such events can be obtained (for example, profit from the sale of individual insured instruments). Based on what, financing methods are determined, where economic losses are possible, and risk management methods are selected.

Analysis of the risk management process

It is carried out in three key areas:

• Can the risk assessment process be improved to better predict and recognize risks.
• How to adapt risk management activities to changing business goals.
• Is it possible to improve the coordination and control of risk teams.

How to drive

Project risk management processes are often considered in project management concepts. In recent years, the concept of project management has been widely developed. Many companies today operate based on this concept. Therefore, PMI (Project Management Institute) carried out a detailed analysis and divided risk management in the project into six stages:

• Preparing a risk study plan for a specific project. It is recommended to carry out the appropriate procedures: select the necessary documentation and methods.
• Identificationrisk - determination of the actual state and factors characterizing the risk of the project.
• Qualitative risk analysis - includes an assessment of the significance of threats that may arise during the implementation of the project. Factor surveys can also be used, although they are usually included in the next step.
• Quantitative risk analysis - focuses on making probabilistic measurements in the area of occurrence of individual risk factors. This probability can be considered as objective or subjective.
• Planning measures to prevent risk. The main goal is to create a plan aimed at preventing or limiting potential risk. The focus is on the development of appropriate methods and material means of protection against risk factors.
• Monitoring and control of risks. It consists of two aspects: forms and implements a risk management system; is to carry out preventive and supervisory activities covering this project.

Financial risk considerations

Let's consider the process of managing financial risks in an enterprise.

This is the area of management that is dedicated to creating value through the appropriate use of certain financial instruments to reduce the company's risk.

Working with financial risks is part of the activity in the field of risk management at the enterprise, which consists in its definition, assessment, as well as in planning activities related to itsdecline. Risk managers focus on using financial instruments in a certain way and at certain times to limit an enterprise's exposure to risk that can be very costly to the enterprise.

The financial risk management team is made up of experts in financial markets, quantitative methods and financial engineering. They have extensive knowledge of accounting for financial instruments as well as international norms and standards.

Control procedures

The risk management process implies the existence of control procedures that are based on the decisions and actions of people within the organization, supported by the measurement of specific risk factors. Using statistical methods, the probability of damage is completely eliminated. There are two methods:

• a way to avoid risk: it has a preventive function;
• risk mitigation work - undertaken to try to reduce the frequency and size of potential losses.

The first method is the main one that can reduce potential losses caused by the impact of risk. For this purpose, long-term strategies are used, which are passive, but require huge costs.

Risk mitigation finds its application in the implementation of the latest solutions and the creation of more durable technologies.

Financial risk control allows for risk management within the enterprise (holding) or its transfer outside. The simplest solution- stop the risk in the enterprise - does not involve additional initial costs, so the temptation to widely use the method is very strong.

Conclusion

Elements of risk can be observed in almost all areas of the company. It is not a random value and depends on the action of many factors on the firm. For its development and stabilization, it is necessary to properly organize the risk management process in order to maintain profitability and increase profitability in the market, as well as to form competitive advantages.