The Australian Standard for Risk Management AS/NZS 4360:2004 defines risk management as: “the culture, processes and structures that are directed towards realizing potential opportunities whilst managing adverse effects”.
Risk management is not just about completing an (often suggested) risk management plans, then forgetting about it by putting it in your bottom drawer. Ongoing risk management is an important activity for all organizations – government and private. Organizations that effectively manage project risk achieve their objectives and desired outcomes. Well, it minimizes the damage caused by negative results and identifies opportunities to improve project results.
No matter what the size, every project will be put at risk at some point. Risks can be direct, physical problems such as illness, flood or fire damage, theft or vandalism. But the risk can also be less clear and obvious such as poor decision making, poor recruitment process or investment in inappropriate technology.
Risk treatment plans for organizations
Business risk is related to exposure to certain events that will negatively impact the company’s strategies and objectives. Occupational risk, therefore, occurs due to two factors: the probability of the event as well as the severity of the outcome (Bowden, Lane and Martin, 2001). There are several risks that are more specific to my organization, and are shown below:
- Strategic risks
Strategic risks resulting from poor planning, such as poor marketing strategy and poor acquisition strategy (Bowden et al., 2001). Poor marketing and the acquisition of various grades of steel and agricultural products may prove to be the downfall of the organization.
- Financial risks
Lack of inventory management as a result of economic risks, such as debt appraisal and poor receivables and poor financial control (Bowden et al. 2001). Inadequate debt appraisal of potential business and other debtors, as well as low debtor business, can be a poor reflection of a company’s strategy and objectives.
- Operational risks
Poor operational hazards, such as poor behaviour and routine actions, result from poor human actions (Bowden et al., 2001). Non-compliance with safe practices of the organization by employees or even voluntary actions can create potential operational and financial losses for the company.
- Technical risks
Technical hazards as a result of physical property failures, such as equipment and structural breakdowns and fires (Bowden et al., 2001). Such risks may be present in my organization if appropriate steps are not taken to prevent these technologies. Unfortunately, many organizations focus more on the performance and cost parameters of technical risk and manage it more (Smith and Reinertsen, years unknown).
- Market risks
Market risk, such as inadequate market research, the risk of not meeting market needs, assuming the specification is satisfied (Smith and Reinertsen, year unknown). This risk may be more significant than others, although it is managed due to less risk and is quantitative compared to the reported risk.
As a result of such risks mentioned above, with advances in technology and competitive pressures, risk management processes have played a more important role in the survival of businesses today (Bowden et al., 2001). Risk management is a logical and systematic way of determining context, identifying risks, analysing risks, evaluating risks and, ultimately, treating risks. This approach includes monitoring and reviewing the treatment of risks as well as the findings of communication and advice. This approach to risk management is known as the AS 4360 method (Bowden et al. 2001).