RISK MANAGEMENT APPROACH
I. Objectives
II. Instructions
III. Basic Concepts of Risk Management
IV. Understanding Risk Treatment
V. Processes Involved in Risk Management
VI. Basic Model of Risk Management
VII. Risk Management Standards
VIII. Self Assessment
1. Objectives
Objectives:
Understand the basic concepts and principles of risk management
Understand the processes involved in risk management
Understand the basic model of risk management
Understand risk treatment
2. Instructions
There are important details and comments voiced over in this
course. Please enable sound, turn on volume and use headphones
or computer loudspeaker.
If you can’t hear the voice-over or soft background music on
this first page, then you need to change your set-up.
To support a successful training, we strongly recommend you take
notes during the course. Use your trainee booklet or download it
and print it before taking the course.
The course is interactive and not necessarily linear, but all
pages can be accessed directly when needed.
The course is deemed completed once the last training page is
reached.
3. Basic Concepts of Risk Management
Risk-based thinking in management system
Annex SL – High-level structure requirement:
  Actions to address risks and opportunities
Impact on auditors
  Need to understand risk management concepts
  Need to understand different risk methodologies for:
    Risk analysis
    Risk assessment
    Risk treatment
Tolerable Risk
Fundamental concept of tolerable risk:
“Risk which is accepted in a given context based on the current
values of the society”
“Risk that has been reduced to a level that can be endured by the
organisation, having regard to its legal obligations and own
risk management policy”
Risk levels:
  Unacceptable: Risk cannot be justified except in extraordinary
  circumstances
  Tolerable: Organization is prepared to accept risk in order to
  secure benefits
  Broadly acceptable: Risk regarded as insignificant – Further
  efforts to reduce risk not required
Risk Source
Risk source:
“Element which, alone or in combination, has
the intrinsic potential to give rise to risk”.
Hazard:
“Source of potential harm”
Risk
Risk:
“Effect of uncertainty on objectives”.
Uncertainty:
“State or condition that involves a
deficiency of information”
Risk is understood as:
“Combination of the likelihood and
consequences of a specific hazardous event
occurring”
Likelihood or Probability
Likelihood = Probability
Likelihood is usually estimated on
assumptions
Probability is more likely to be subject
to calculations
Likelihood can be expressed
qualitatively or quantitatively
Probability is usually expressed
quantitatively
Probability:
“Relation between the population of
conducive events and all events”
4. Understanding Risk Treatment
Risk Treatment
Risk treatment:
Process to modify risk
Manipulation of likelihood or consequences
Inherent Risk and Residual Risk
Inherent risk:
“Risk that is inherently associated with a
source of risk”
Residual risk:
“Risk remaining after risk treatment”
Risk Treatment
Risk treatment:
Process to modify risk
Treatment options:
Reduce the risk
Remove source of the risk
Modify the consequences
Change the probabilities
Share the risk with others
Retain the risk to pursue an opportunity
5. Processes Involved in Risk Management
Risk Assessment
Process to identify, analyze and evaluate risks
Risk Identification
Risk identification is a process that involves
finding, recognizing, and describing the risks that
could affect the achievement of an organization’s
objectives. It is used to identify possible sources of
risk in addition to the events and circumstances
that could affect the achievement of objectives. It
also includes the identification of possible causes
and potential consequences.
The organization can use historical data,
theoretical analysis, informed opinions, expert
advice, and stakeholder input to identify its risks.
Risk Analysis
Risk analysis is a process that is used to understand the nature,
sources and causes of the risks that the organization has
identified and to estimate the level of risk. It is also used to
study impacts and consequences and to examine the controls that
currently exist.
How detailed the organization’s risk analysis ought to be will
depend upon the risk, the purpose of the analysis, the
information they have and the resources available.
[Figure: four quadrants numbered 1 to 4; axis label: Likelihood]
Risk Evaluation
Risk evaluation is a process that is used to compare risk
analysis results with risk criteria in order to determine whether
or not a specified level of risk is acceptable or tolerable.
6. Basic Model of Risk Management
Risk Management Process
7. Risk Management Standards
Available Risk Management Standards
ISO 31000:2009 – Risk management – Principles and guidelines
ISO Guide 73:2009 – Risk management – Vocabulary
ISO 31010:2009 – Risk management – Risk assessment techniques
Tip for the Auditor
Typical Flaws in Risk Management
Focusing on spectacular risks
Focusing only on core business processes
8. Self Assessment
Now it's time to practice!