Why RiskManagment is important in Business?

Risk management is a process in which businesses identify, assess and treat risks that could potentially affect their business operations. No business is short on challenges in its quest to further its growth and development, particularly in its early stages. You could in fact argue that there are two sides to a ledger that businesses exist upon: on one sits the small and early-stage businesses, with the odds of long-term survival set against them, and on the other sit big, established companies, with seemingly every advantage to perpetuate their existence. To navigate those long odds, the startup or small business has to navigate carefully through treacherous waters, spotting and steering clear of dangers as the present themselves. Running a business takes hard work, which can reap the rewards of customers, revenue and satisfaction. While success is the ultimate goal, business risk may stop you from achieving the goals you set.

What is a risk?

A risk can be defined as an event or circumstance that has a negative effect on your business, for example, the risk of having equipment or money stolen as a result of poor security procedures. Types of risk vary from business to business. You must decide on how much risk you are prepared to take in your business. Some risks may be critical to your success; however, exposing your business to the wrong types of risk may be harmful.

The most common business risk categories are:

• strategic –decisions concerning your business’ objectives
• compliance –the need to comply with laws, regulations, standards and codes of practice
• financial –financial transactions, systems and structure of your business
• operational –your operational and administrative procedures
• environmental –external events that the business has little control over such unfavourable weather or economic conditions
• reputational –the character or goodwill of the business.

Others include health and safety, project, equipment, security, technology, stakeholder management and service delivery.

Preparing a risk management plan

Your risk management plan should detail strategies for dealing with risks specific to your business. It’s important to allocate time and resources to preparing your plan to reduce the likelihood of an incident affecting your business.

You can develop a risk management plan by following these steps:

• Identify the risk
• Assess the risk
• Manage the risk
• Monitor and review

1. Identify the risk

Undertake a review of your business to identify potential risks. Some useful techniques for identifying risks are:

Evaluate each function in your business and identify anything that could have a negative impact on your business.

Review your records such as safety incidents or complaints to identify previous issues.

Consider any external risks that could impact on your business.

Brainstorm with your staff.

Ask yourself ‘what if’:

• you lost power?
• your premises were damaged or not accessible?
• your suppliers went out of business?
• there was a natural disaster in your area?
• one of your key staff members resigned or was injured at work?
• your computer system was hacked?
• your business documents were destroyed?

2. Assess the risk

You can assess each identified risk by establishing:

• the likelihood (frequency) of it occurring
• the consequence (impact) if it occurred

To determine the likelihood and consequence of each risk it is useful to identify how each risk is currently controlled. Controls may include:

• elimination
• substitution
• engineering controls
• administrative controls
• personal protective equipment.
• A risk analysis matrix can assist you to determine the level of risk.

3. Manage the risk

Managing risks involves developing cost effective options to deal with them including:

• avoiding
• reducing
• transferring
• accepting.

Avoid the risk - change your business process, equipment or material to achieve a similar outcome but with less risk.

Reduce the risk - if a risk can’t be avoided reduce its likelihood and consequence. This could include staff training, documenting procedures and policies, complying with legislation, maintaining equipment, practicing emergency procedures, keeping records safely secured and contingency planning.

Transfer the risk - transfer some or all of the risk to another party through contracting, insurance, partnerships or joint ventures.

Accept the risk – this may be your only option.

4. Monitor and review

You should regularly monitor and review your risk management plan and ensure the control measures and insurance cover is adequate. Discuss your risk management plan with your insurer to check your coverage.

Managing Risks: A New Framework

When Tony Hayward became CEO of BP, in 2007, he vowed to make safety his top priority. Among the new rules he instituted were the requirements that all employees use lids on coffee cups while walking and refrain from texting while driving. Three years later, on Hayward’s watch, the Deepwater Horizon oil rig exploded in the Gulf of Mexico, causing one of the worst man-made disasters in history. A U.S. investigation commission attributed the disaster to management failures that crippled “the ability of individuals involved to identify the risks they faced and to properly evaluate, communicate, and address them.” Hayward’s story reflects a common problem. Despite all the rhetoric and money invested in it, risk management is too often treated as a compliance issue that can be solved by drawing up lots of rules and making sure that all employees follow them. Many such rules, of course, are sensible and do reduce some risks that could severely damage a company. But rules-based risk management will not diminish either the likelihood or the impact of a disaster such as Deepwater Horizon, just as it did not prevent the failure of many financial institutions during the 2007–2008 credit crisis.

Preparing a risk management plan and business impact analysis

The process of identifying risks, assessing risks and developing strategies to manage risks is known as risk management and mitigation. A risk management plan and a business impact analysis are important parts of your business continuity plan. By understanding potential risks to your business and finding ways to minimize their impacts, you will help your business recover quickly if an incident occurs. Types of risk vary from business to business. You won’t be able to prepare for all of them, but preparing a risk management plan involves a common process that you can learn from to respond to any incident. Your risk management plan should detail your strategy for dealing with risks specific to your business. It's important to allocate some time, budget and resources for preparing a risk management plan and a business impact analysis. This will help you meet your legal obligations for providing a safe workplace and can reduce the likelihood of an incident negatively impacting on your business. It may also be required by your insurance company and financer.

Courtesy: Best tax advisory in Australia