Abstract of The Sample
What are risk management and the function of risk management in a business organization? What are the different roles, actions, or functions performed by the management in order to perform efficient risk management for any business organization? What is the risk assessment process, and what approaches can be used to perform successful risk management in an organization? Know the answers for more questions like these by just
Risk is an aspect which has dual outlook positive and negative. It is impossible to find any activity or work which is not surrounded by risk. Risk is involved in each and every aspect of human and organization activities and for this reason it is said risk is inevitable in nature. It is true that the risk cannot be avoided, but it can be reduced to a certain level to minimize the losses. These losses will be minimized with the help of implementation of proper risk management process which includes identification of risk, Assessment of risk, and prioritization of risk (Friedlob and Schleifer, 2003). In this viewpoint, this report is made to give the best understanding of how risk management is implemented in the organization by considering various factors and drivers that affect the business enterprise activities. Further, the report will also discuss the management strategies and approaches for risk management.
1.1 Role of risk management function in business organization
Management of risk is a primary part that the business organization considered before framing any strategies related to survival and growth of the enterprise. The purpose of risk management is to identify the future uncertainty and its assessment to what extent it can affect the organization activities. On the basis of this assessment, business enterprise prioritizes the identified risk. Prioritization of risk will be done on the basis of its impact on the organization activities (Davis and Jarvis, 2007). A High risk aspect will be considered first and then the attempts will be made to overcome from lower risk facet. The basic idea behind the management of risk is to identify and reduce the impact of unforeseen events which can have a negative impact on the organization activities.
Risk can be arising from uncertainty of financial markets, threats from society or trade union, threat from failure of the project, legal liabilities, loan repayment, and other natural causes. Efficient management of risk is only possible when the organization accurately assessed its internal environment and external environment of the business which include employees, managers, workers, trade unions, competitor's strategy, organization policies, law and order, technological change, global economic conditions, societal issues, and natural environment activities (Conrow, 2003). After identification and assessment of these factors, well manner objectives of the organization should be set which is in line with the above mentioned factors. With the help of these set objectives, a firm can monitor and control its actual outcome (Frenkel and et.al., 2005).
1.2 Role of business function in the management of risk
The management of the organization has a significant role in the management of risk. Following are the actions or functions performed by the management for efficient risk management of the organization:
Strategic Planning- It helps the organization to focus its all functional department energy towards the common goals of the company. Organization make changes in the existing activities with the changing environment conditions with the help of strategic planning (McNeil, Frey and Embrechts, 2010). Hence strategic planning enables business enterprise for efficient risk management by adopting strategic planning process that includes setting of goals and objectives after internal and external environment analysis, framing of strategies, and effective implementation and monitoring of the defined strategies.
Marketing- Marketing includes activities which help in the overall increment in the revenue of the firm. A good marketing plan will help to create the demand of the product and will also bring new customers for the business. This will reduce the risk of loosening of customer market share (Garvey, 2008).
Assigning Authorities and Responsibilities to The Individuals- The alternative method which management adopts in the management of risk is assigning authorities and responsibilities to the individuals as per his capabilities and also holds him accountable for his task or wok done.
Proper Legal and Accounting Work- There is much complication which arises in the organization due to the improper legal and accounting work. So, management appoints veteran people who have ample of knowledge relating to legal and accounting work so that no complexities can arise in the future (Fight, 2004).
Insurance Against Uncertain Activities- Insurance is the beautiful hedging product which helps in the minimization of uncertain risk which can bring a huge amount of losses to the organization.
Quality Management- Many of times it happens that the whole batch or lot of goods rejected due to unmatched in the quality of the product prescribed and actual production. This risk can be eliminated by implementing quality control equipment’s and inspection department in the organization (Cervone, 2006).
Safety And Health of Workers- This risk can be minimized by giving medical and life insurance to the workers so that their dependents cannot be affected if any accident occurs in a factory or plant.
2.1 Analyzing risk Assessment Process
Today's organizations are constantly changing and due to continuous change in the market conditions. This changing environment makes it essential for a business organization to assess the risk involved in the changed condition. Risk assessment provides a mechanism for identifying which risk can bring opportunity and which risk can prove to be threats for the organization (Schroeder, 2014). It gives the clear picture of those variables which can have significant influence on business activities.
Identification of The Relevant Business Objective- The objectives of the business are set after identification of the potential risk that can affect the functioning of the business. Analysis techniques like SWOT analysis is applied for the identification of the possible risk within the firm and industry (Kutsch, 2008). After identification of the objectives, different strategies are made to achieve these objectives.
Identification of Events That Could Affect the Achievement of Objectives- In this, the owner or management make a preliminary of events which can impact the objectives of the organization. Here, assessment and review of both environment i.e. external environment and environment is done which can influence the organization goals and objectives. The assessment will be done with the help of PESTLE analysis, Value Chain analysis, CATWOE analysis, etc.
Determination of Risk Tolerance- It is the acceptable level of variations in relation to the achievement of particular objective or target. In other words, organization set the extent of acceptability of risk.
Assessing Inherent Likelihood And Impacts of Risk- In this assessment, that risk will be identified which has a higher frequency of occurrence.
Evaluating The Portfolio of Risk And Determining Risk Responses- In this stage, the management determines the ways to effectively deals with the identified risk (Massingham, 2010).
Assessing Residual Likelihood And Impact of Risk- Residual risk are that risk which remains after the identification and evaluation of risk. It provides assurance about the likelihood and negative impact of risk is reduced at the acceptable level by evaluating the effectiveness of the previously done analysis (Caldwell, 2008).
2.2 Approaches to Managing Risk
The approaches that can be used for the management of risk are as follows:
ERM Programmes- ERP Programme is developed for the efficient flow of information and communication across the business enterprise which will help in effective and timely decision making. With the help of this programme, the crucial decision or strategy of the organization can be easily communicate at all level, and the actions performed can easily monitor and controlled. ERP is viewed as a business-driven initiative which has a lasting impact on the operations of the organization (Williams and et.al., 2006). From this approach, risk can be identified at the beginning level and can be controlled at that level only.
COSO- COSO provided the guidance for the effective Enterprise Risk management. It defined and improved the vital elements of enterprise risk management components, key ERM principles and concepts, and suggested a common ERM language which can be understood by any person (Risk Management Process, 2003). COSO approach for risk management provides wide range direction for risk appetite, risk tolerance, portfolio view (Enterprise Risk Management- Integrated Framework, 2004). This framework is highly recognized global organizations.
ISO 31000- ISO 31000 provides principles and guidelines for the framework and processing of management of risk. It helps organizations to increase the probability of achieving objectives and also helps in the allocation and use of the resource effectively by identifying the potential opportunities and threats (ERP Implementation Risk: Identifying, Monitoring, and Remediating Issues Throughout the Project to ensure Success, 2012).
Corporate Governance/Compliance- Ethical and sustainable way of working of the organization also helps the firm for efficient management of risk
Insurance- Insurance always proves to be the best technique for the minimization of losses related to life and non-life aspect like medical and health, safety of plant and machinery, etc.
2.3 Examining the risk management process
Risk Identification- This task is related with the identification of potential risk that can hinder the business activities. Risk can be identified from various sources like change in government policies and any unfavorable change in the market. Some risk is inherent in nature means the risk lies within the organization activities itself like failure of machines and equipment’s (Enterprise Risk Management- Integrated Framework, 2004). The risks which are identified should be properly note down so that the information can be used in future.
Risk Assessment- It is related with the finding out the possibility of occurrence of a risk and its impact on the organization activities. The risk assessment is depicts the cause (occurrence of risk) and effect (impact on organization activity) relationship.
Risk Mitigation- It is related with the systematic reduction in the exposure of risk or the probability of occurrence of an event which involves risk (Frigo and Anderson, 2011). Risk mitigation is concerned with mainly two aspect i.e. Identification of various activities which reduce the impact of risk and creation of situational plan to deal with the probable risk.
Risk Contingency Planning- It involves preparation of plans or series of activities that will help from the adverse effect of the risk. It makes capable the organization to deal with any uncertainties in effective manner (Djebabra and et.al., 2006).
Risk Tracking and Reporting- The probable occurrence of risk throughout the organization risk management activity were tracked and monitored to make the appropriate contingency plan.
3.1 Main drivers of business risk
Business entities are surrounded by internal and exteranal environment and these are the environment which brings different types of risk to the business organization. From the secondary analysis, it was found that there are different internal and external drivers which brings risk like startegic risk, financial risk, information risk, operational risk and hazard risk to the chosen firm Vodafone. The information about the different identified drivers are detailed in underneath points:
Change in interest rates and foreign exhange rates- The change in interest rates and foreign exhanage rates occurs due to economic condition of the country and change inn global currency market. Thus, it happens due to external factors. Whenever interest rates are increased in the market then it increases the financial cost of Vodafone and also makes difficult condition for the firm to raise finance from the banks (Davidsson, 2010). On the other side, when high fluctuation comes in foreign exchange market then it deepenn down the value of foreign currency with the firm. Thus, these changes brings financial risk for the firm.
Competition in the market- The stiff competition in the global telecommunication industry driving startegic risk for the company vodafone. The startegic risk in the sense like the customer market share of the firm is decreasing in the market due to the competitors pricing and product and service strategy (Cervone, 2006). In addition to that new firm are enetring into the market.
Change in consumer buying behavior- The high switching cost of consumer due to fast change in their buying behavior and awareness about the new products and services in the market also increasing the strategic risk for the company Vodafone.
Failure in product development- Failure in product development creats operational risk for the business firm. As Vodafone is dealing in service segment, so the failure in providing of appropriate quality of network service to the customer also arise the situation of operational risk for the firm (Conrow, 2003).
Natural calamities- Occurence of natural calamities like cyclone and eathquack arises hazard risk to the organization. This is mostly seen with the telecommunication and power generation and distribution companies as whenever any natural calamities comes then it decimate mobile towwers, electric polls and etc.
Computer Hacking- Computer hacking could be done by the internal staff or outside people in order to get some undue advantage of the firm (Day and Barksdale, 2000). Computer hacking is done to acquire some confidential data or information related to the firm. It can be done by th rivalry firms of Vodafone to get data about the company's customers. Thus, this will create information risk for the Vodafone.
3.2 Assessing the impact of different types of risk on the business activities of Vodafone
It is known that a risk brings many complexities and fluctions in the business activities whn it arise. In the given below points, the impact of different types of risk on organizational activities of Vodafone is assessed.
It is known that a risk brings many complexities and fluctions in the business activities whn it arise. In the given below points, the impact of different types of risk on organizational activities of Vodafone is assessed.
Financial Risk- In the above task it was understood that financial risk occurs firm due to the resultant of change in interest rates and foreign exchange rates (Dey and Ogunlana, 2004). Now, the way it affects the organzizational activities would be explaind in forthcoming sentence. When the central banks increases the bank rates then banks increases their lending interest rates and also increase the interest rates of the loan which the aleady given. Thus, this hikes in interest rates increases rthe financialm cost to the company like Vodafone if they already had taken a loan from the bank. The increment in financial cost decreases the net income of the firm.
Strategic Risk- The telecommunication industry is operating under high competitive environment and this increasing the startegic risk to the firm like Vodafone to sustain and grow in the industry (Djebabra and et.al., 2006). The high competition in the telecommunication industry is steeping down the customer market share as well as the sales revenue of Vodafone company which ultimately affecting the business performance of Vodafone (Kagaari, Munene, and Ntayi, 2010).
Operational Risk- This risk makes a negative impact on the customer's mind when the product or service is not offered according to their needs and requirements. The customers of telecommunication industry gets highly dissatisfied when the could not get proper network from the service provider (Garvey, 2008). Vodafone always believes in providing of high quality network service to the consumers and thus it is not having any operational risk.
Hazard Risk- This risk can boot-out the Vodafone from the market when the losses are not bearable to the organization after the occurrence of some major natural calamity or other accidents (Williams and et.al., 2006). It gives heavy financial and non-financial losses to the firm.
Information Risk- Vodafone keeps huge data and information related to its customers, clients, suppliers, blueprint of new service and other confidential documents. But when this data would be theft or hacked illicitly then it would create huge loss for the Vodafone (Massingham, 2010).
3.3 Assessing the business areas that have a high degree of risk
In the business organization like Vodafone, risk is the element which is present in each and every activities and functions. However, there are some areas which are considered as high-risk areas. These high risk areas are related to Data, Systems Integrity, Reputation, and financial theft.
Data are the information or key documents of the company with the help of which organization grow and sustained in the highly competitive market. This information can be related to the potential customers, creditors, suppliers, blueprints of new product or service development and future organizational strategy (Caldwell, 2008). This information plays a crucial role in the growth and development of the company (Vodafone). However, when this confedential and important information are leaked or goes in the wrong hands then it creates major complication or problems for the firm.
System Integrity is the intended function of every business organization including Vodafone which is carried out under high supervision and surveillance. This function cannot be changed or done in other way until and unless any specified instructions or approval from higher authority is provided (Kagaari, Munene and Ntayi, 2010). Research and development department of Vodafone is one of the examples of system integrity which has high degree of risk (Tchankova, 2002). Company invest huge amount of funds in R&D to bring innovation in the products and services in highly competitive environment. Research and development department is considered to be as high risk area because in the particular department many activities are conducted which is kept confidential inside as well as outside the organization and when some crucial information about the new product or service of the leaks in the market then large investment of the firm will go in vain (Kutsch, 2008). Moreover, it can even create Osborne effect for the firm.
Reputation again is the key element of the organization. Vodafone always makes efforts to increase its brand image in the market by undertaking right decisions and sustainable strategies. Brand image is the intangible asset of the organizations which helps the firm in increasing the market valuation (Kutsch, 2008). However, often it happens that the brand image of the firm gets highly affected when the news comes related to happening of illicit activities In the organization, fraud in recording of financial transaction and tax evasions and etc in the media and newspapers (Massingham, 2010). This type of situation even affect the firm in such a manner that it breaks the strategic alliance of the firm with other countries business firms.
Financial theft is also one of the biggest high risk areas in the business organization like Vodafone. Financial theft can be done by the internal staff or the outside person like computer hacker. The occuring of financial theft creates big question mark on the security related aspect of the organization. This type of occurrence creates wrong image in the minds of shareholders of the company.
3.4 Analyzing risk management strategies
Management of risk can be efficiently done by adopting good practices and policies in the organization related to employment practices, fraud prevention measures, health and safety policy, protection of physical assets and business continuity, process and product management, bechmarking and disaster management (McNeil, Frey and Embrechts, 2010). The detail description about different risk management startegies which can be used in Vodafone are explained in underneath points:
Employment practices- Vodafone management can adopt good employment practices like adequate remuneration policy, wages policy, promotion and recognition policy which will help the firm in eliminating the risk related to high employee turnover.
Fraud Prevention measures- Vodafone effectively control or eliminate fraud by adopting robust fraud policy and code of conduct (Schroeder, 2014). Fraud can also be eliminated successfully by conducting regular training on fraud awareness in the organization. A 360 degree evaluation of employees can also be done to eliminate fraud in the organization. Further, putting right number of CCTV cameras in different department can also help in eliminating frauds in the organization.
Health and Safety policy- The company can follow Health and Safet at Work Act 1974 of UK government in order to ensure proper care is adopted for health and safety of staff at the work place. In addition to this Vodafone can also make its own health and safety policy in oredr to eliminate accidents and harms at the work place (Williams and et.al., 2006).
Protection of physical assets and business continuity- Vodafone can also make sound policy related to protection of physical assests of the firm which will ultimately help in reducing losses of failure of machinery or equipment. In this regard, company would require to give regular training to the staff about how to operate the equipments with safety and security (Enterprise Risk Management- Integrated Framework, 2004).
Process and Product Management- The policy related to process and product management will also help Vodafone significantly in the management of operational risk which related to product failure. The particular policy will help the firm in indetifying the loopholes and overcoming from the identified problems.
Benchmarking- Benchmarking means setting standards for accomplishing some task in the defined manner. Seeting of benchmarks helps organization in doing assessment or comparison that standard has been achieved or not by the assigned team or department.
Disaster Management- In the contemporary time, it is very important for the business firms to have disaster management policy in order to respond effectively in any emergency situation (Frigo and Anderson, 2011). A disaster management staretgy could be assigning proper roles and responsibilities and developing a quick task force team in the organization to meet any immediate requirements.
4.1 Analyzing the vulnerability of businesses to breaks in continuity
Business organziations always expects and foresee that the business will run smoothly in any environment or any situation for the long run. However this anticcipation doesn't prove to be prolific always as business organizations are surrounded by many things which affects or influence the activities of the business (Risk Management Process, 2003). These factors are known as breaks which creates vulnerability for the continuity of the business. The similar type if things happened with the company Vodafone also. The details about factors and the vulnerable impact which they creates on the organization operations are discussed in underneath points:
Size of business- Size of business signifies the capabilities of the firm with respect to competing in the market and achieving of growth in the indudtry. It is usually seen that a large size organization able to grow and expand quickly as it usually has good financial resource, human resource, technological resource, physical resource, credibility in the market and strong brand image (McNeil, Frey, and Embrechts, 2010). However, it also affected in higher manner if it incurs loss in high numbers. A small size organization grows with slow pace in the market as it do not have that much financial and physical resource through which it can be expanded. It grows with the profit made on year on year basis and get affected with the amount of loss incurred.
Operating environment- Operating environment reflects the working culture and the competence of human resorurce of the organization (Massingham, 2010). If the organization would have staff with competent skills then it would be able to establish core competence in the industry as it would not be able to make profits. Howver, this is not the case with Vodafone firm.
Physical environment- Physical environment depicts the assets and technological resource of the firm. When the firm would have good physical environment then it will successfully grow in the market but when the physical environment will not be prolific for the firm then it would make worse situation for the organization.
4.2 Approaches to crisis management and continuity planning
There are numerours approaches related crisis management which a organization like Vodafone can adopt effectively to resolve issues related to conflicts, grievances, downswing in business, dissatisfaction among the consumers, conflicts with suplliers and etc (Kutsch, 2008). Large organization makes a separate department which deals with the customer and employees grievances and complaints. The approaches which can be used for the successfully management of crisis in Vodafone are business continuity planning, impact assessment, threat assessment, scenario defination, recovery solution design, implementing communication and testing and etc (Kagaari, Munene and Ntayi, 2010). Crisis management approach will help the firm to deal with complex problems that affect Vodafone activities and its stakeholder trust. Crisis management is implemented in the Vodafone after careful assessment of the impacts and threats of the internal and external environmental factors (Frenkel and et.al., 2005).
From this report, it was found that at what extent management of risk is essential in the organization. In this report, risk management and risk assessment process is evaluated and explained by considering various factors and drivers that affect the Vodafone business activities. It has been found that the management plays a crucial role for the effective risk management in the Vodafone by identifying the future uncertainty that can influence the business activity. Management analyzes the internal and external environment of the business by adopting various techniques like SWOT analysis, PESTLE analysis and other (Conrow, 2003). These factors are analyzed because they are drivers of business risk. Further, the report also discussed various approaches for management of risk like ERP programme, COSO, ISO 31000, corporate governance, etc.. last but the not the least, it was found that there are various function areas of the organization which falls in the bracket of high degree of risks such as System Integrity, Data, Financial theft, and reputation.
For more such specimen written by our Australian assignment writing help experts, you can go through our sample section!
- Caldwell, F., 2008. Risk intelligence: applying KM to information risk management. VINE. 38(2).
- Cervone, F. H., 2006. Project risks management. OCLC Systems & Services.
- Conrow, H. E., 2003. Effective Risk Management: Some Keys to Success.
- Davidsson, M., 2010. Risk management in a pure unit root. Journal of Risk Finance.
- Davis, E. A. and Jarvis R. P., 2007. Risk Management: Survival Tools for Law Firms. American Bar Association.
- Day, E. and Barksdale, H. C., 2000. Organizational Purchasing of Professional Services: The Process of Selecting Providers. Journal of Business & Industrial Marketing.
- Dey, K. P., and Ogunlana, O. S., 2004. Selection and application of risk management tools and techniques for build-operate-transfer projects. Industrial Management & Data Systems.
- Djebabra, M., and et.al., 2006. Pollution risk management of a natural medium. Management of Environmental Quality: An International Journal.
- Fight, A., 2004. Credit Risk Management. Butterworth-Heinemann.