Risk Management - J. Samuel Richards

Effective risk management will provides better protection for your business. Effective risk management will also improve business performance, decision making and competitive advantage in your industry. Effective risk management is a team effort between your business and us. We will help you collectively identify and assess the risks facing your business. During this journey, we will facilitate your team to evaluate each risk according to its "likelihood" (that is, the probability that the risk will occur) and its "consequence" (the impact the risk if it did happen) and generate a risk matrix that will be used throughout the business.

Likelihood

Rating

Assessment

Definition

1

Rare

The risk is conceivable but is only likely to occur in extreme circumstances.

2

Unlikely

The risk occurs infrequently and is unlikely to occur within the next one year.

3

Moderate

There is an above average chance that the risk will occur at least once in the next 6 months.

4

Likely

The risk could easily occur, and is likely to occur at least once within the next 3 months.

5

Common

The risk is already occurring, or is likely to occur more than once within the next month.

Consequence- negative outcome or missed opportunities

Rating

Assessment

Definition

1

Insignificant

That are likely to have a negligible impact on ability to meet objectives.

2

Minor

That are likely to have a relatively low impact on ability to meet objectives.

3

Moderate

That are likely to have a relatively moderate impact on ability to meet objectives.

4

Major

That are likely to have a relatively substantial impact on ability to meet objectives.

5

Critical

That are of critical importance to the achievement of objectives.

Risk Evaluation Map

Once such an analysis is done, some risks will require no action, but when a risk has a potentially high likelihood and substantial impact, management will be required to take action to move that risk into an acceptable range or even eliminate it altogether, based on a risk/return analysis of the effects of such action on the entire organization. Having systematically assessed and categorized your risks, we will work with management to determine which risks should be managed at the enterprise level and which ones to cascade down into the structure of the business depending on the nature of the risks in question and the preferences of management and/or the Board. Regardless of whether risks are managed in a centralized or not, your business would need to create Enterprise Risk Management (ERM) officers who are responsible for developing and managing the risk management strategy. As part of the preliminary review, we shall document existing risk management activities in the business.
Approach
Extremely participatory and expect co-operation from the Board and staff to participate in interviews, surveys and workshops as we go through the following cycle.

Deliverables (tailored to your specific needs)

  1. Governance: Risk management policy statement, to be signed by the Board Chairperson
  2. Risk management policy, including the use of the three lines of defense
  3. Risk management framework; typically based on components and consistent with the Australian/New Zealand AS/NZS ISO 31000:2009, Risk Management-Principles and Guidelines
  4. Risk management procedures/manual
  5. Risk register and reporting templates
  6. Risk management strategy implementation plan

Throughout the process, we train the Board, management, risk champions and all staff.