UNIT 1 : Introduction to Risk Management

A] The Concept of Risk Identification of Risk faced by Organisation

Risk is the chance that actual returns will differ from their expected values. i.e Volatility.
More volatile the returns ,higher the risk.
Though it is a fact that risk includes both , the upside and the downside, generally, the
upside is acceptable and desirable.[ i.e when actual returns are higher than the expected
returns ]
Hence, corporate Risk Management generally tries to manage the downside risk.
The aim of RM is to maintain the overall and specific risks at the desired levels at minimum
costs . RM is the practice of identifying the potential risks in advance ,analyzing them and
taking precautionary steps so that it can be made sure that the organization achieves its
goals.
Identification of Risks Faced by Organisation
-Risk Identification is the process of determining risks that could potentially prevent the
company from achieving its goals.
-Risk Identification is a systematic effort to identify and document the organisation’s key
risks.The objective of risk identification is to understand what is at risk with context of
organisation’s goals and thus identify threats and events that may prevent ,delay or
degrade achieving its goals.
-A Risk which is not identified may have a critical impact.
-In order to manage risks effectively, organization needs to know the risks which the
company may face. It should cover all risks, irrespective of whether or not such risks are
within the company’s control or not .
-Risk Identification is an on-going process and new and emerging risks should be identified
on timely basis.
-Risk Identification should not excessively rely on the inputs of a few senior officials.It
should also take into consideration the unbiased independent sources
-Risk Identification can be done with the help of following internal and external sources
such as :
i]Financial Analysis
ii]Historical Analysis
Iii] Actual Loss Data
Iv] Interogation of Management and Other Staff
v] Comparison and Benchmarking against Peers
vi] Forecasting
B] Risk & Uncertainty, Strategic and Operational Risk
An important difference between Risk and Uncertainty is that the variability that can be
quantified is called Risk whereas the variability that cannot be quantified is called
Uncertainty.
Though we cannot measure uncertainties ,we can still assess and manage them.
Risk is the chance of loss or exposure to danger [due to internal or external factors] that can
be minimized thru preventive measures.
Uncertainty is something which is not known . It may be due to insufficient information or
knowledge about the present condition , hence it is difficult to predict its future outcome.
Risk Uncertainty
1.Definition: Probability of winning or It is a situation where the future
Losing something of value events are unknown
2.Measure: Can be measured Cannot be measured
3.Outcome: Chances of outcome are Outcome is unknown
Known
4.Control: Controllable Uncontrollable
5.Reduction: Possible Not Possible
6.Probabilities: Assigned Not Assigned
Strategic & Operational Risk
Strategic Risk
-Strategic Risk is a loss which may arise when an organization changes its business strategy
compared to its competitors for eg. Making poor business decisions, Inadequate
Resources, Failure to respond well to changes in business environment,.
- Strategic Risk may result due to wrong /faulty business strategies
-Many times ,large investments are required which carry large risk and uncertainty and
these investments may prove to be non-profitable and unsuccessful .Hence , such
investments carry this Strategic Risk.
-Egs of Strategic Risks are : Competition , Market Changes, IT Systems, Regulations
Strategic Risk can be classified as Business Risks and Non Business Risks.
Business Risks – These risks arise from the decisions which the management takes eg
Marketing Strategy ,Products & Services , Sales & Costs, Technology.
Non Business Risks- Products & Technology becoming obsolete , Competition & the actions
of rivals
Operational Risks
-Operational Risk arises from the functioning of an organization
-Operational risk considers a wide range of non-financial problems such as inadequate
computer systems , insufficient internal controls ,incompetent management , frauds
,pending legal issues , etc.
-Legal Risk is the most common Operational Risk. It arises due to regulations .It can be
avoided by conducting legal audit ,good and clear communication by parties involved,
strong compliance policies , employing qualified staff.
-Operational Risks can also be reduced if business operations are properly insured.
-Poor Operational RM can damage an organisation’s reputation and also cause financial
damage.
-Operational Management [People who are actually involved in operations ] may
consider following aspects to minimise operational risk:
i] Operate within relevant levels of authority ,procedures, policies
ii] Obtain sufficient information about market and customers before entering into
transactions
iii] Assess funding requirements and arrange for raising the required funds.
Iv] Preparing regular, accurate ,and timely income statements and ensure that the controls
are in place
v] Ensure controls to safeguard organisation’s assets and their appropriate usage.
Operational Risk Sub –Categories
i] People – Fraud , Inadequate Training /Supervision , Unauthorised activity
ii] Process – Payment Failures, Improper Documentation ,Valuation and Pricing Errors
,Reporting Errors
iii] Systems – System Failures ,Inadequate Resources
iv] External Events – Regulations , Political , Competition
C] Dynamic Nature of Risks
-Risk is not static or fix in nature. It is constantly influenced by changes , both internal and
external, hence keeps on fluctuating.
-Thus, most risks identified by RM Process are dynamic in nature egs of factors which create
high uncertainty and thus risk are Technology ,Competition , Economic Policies
-By adopting various techniques to identify risk ,and adapting methods to minimize them,
risk can be managed
-Thus ,the process of Risk Identification should be dynamic and continuous .
D] Business Risk
Business Risk revolves around the uncertainty regarding the entity’s Income Statement.
Revenues and Profits may be uncertain because of the uncertainty surrounding the demand
for the products and the price that should be set. Production costs and administration costs
may also be uncertain.
It refers to the risk of a particular business failing and thereby losing its investment. Poor
business performance may be caused by a variety of factors such as higher competition ,
new technology , wrong choices of distribution and marketing channels etc.
Every company operates within a particular operating environment .This environment
comprises of both , internal environment and external environment outside the firm. The
impact of these operating conditions is reflected in the operating costs of the company.
Operating Costs can be separated into fixed costs and variable costs. A larger portion of
fixed cost is a disadvantage to the company. This is because if in any year, company’s
revenues/profits decline , the company will not be able to recover its fixed costs also.
Thus, business risk is the variability in operating income caused by the operating conditions
of the company.
Business Risk depends on a number of factors .Hence , some of the Sources of Business Risk
are:
i] Competition
ii] Changes in demand ,technology , Govt. Policies , Obsolescence
iii] Mismanagement ,Employee Related Issues and Problems
iv] Operating Profit , Fixed Costs, Selling Price
v] Regulatory Risk ,Legal Risk
E] Financial Risk Faced By Organisations
Financial Risk is a result of over-dependence on borrowed funds. If a company uses a large
amount of debt , then it has to pay a relatively large amount of fixed interest.
These compulsory fixed interest payments have to be made whether the company makes
profit or loss. As a result , it creates fluctuations /variations in shareholder’s profits.
During recession , due to lower revenue ,risk of non-payment of fixed interest increases
and exposes the company to financial risk.
Variability in EPS due to presence of debt in Capital Structure of a company is also referred
to as Financial Risk
Financial Risk can be avoided by the company by financing its activities without using
borrowed funds or using it to the minimum level.

Difference between Business Risks and Financial Risks

Business Risk Financial Risk
1.Meaning Risk of insufficient profits, Risk due to debt Financing
i.e not able to cover exps
2.Measurement Variability in EBIT Capital Structure,Debt Equity ratio
3.Associated with Economic environment Use of Debt
4.Minimising Difficult to minimize Can be lowered by lower use of debt
5.Types Strategic Risk,Operational Credit Risk,Liquidity Risk,Exchange Rate
Risk,Reputation Risk Risk,Market Risk
6.Identified By Difference in Net operating Difference in return of equity Share
Income & Net Cash Flows holders
F] Objectives of RM
- RM is forecasting and managing risks that could delay the organization to achieve its
objectives.
-RM is an art of managing people ,processes ,and institutions
-RM is not just responding to anticipated events, but it is also to build an organization which
can withstand unanticipated and unexpected events.
- RM considers hazards and operational risks that can affect the organization.
The main objectives of RM are :
i] Detection Of Risks
It involves identifying the threats which can affect the organization
Ii] Communication and Analysis of Risk
It deals with collection and calculation of data regarding risk. Accurate analysis of the risk
helps in implementing effective solutions. It also includes communicating these risks to the
decision makers.
Iii] Control of Risk/ Managing these Risks
It involves making decisions after monitoring the surrounding that the threats /risks are
effectively handled.
Other Objectives of RM are :
Iv] Develop a common understanding of risk across multiple business functions so that risk
can be managed cost-effectively and for competitive advantage.
v] Build safeguards to protect earnings
vi] Improve capacities to handle the risks effectively especially critical risks
vii] Achieve cost savings thru better and efficient resource allocation /capital allocation
G] Process of RM
RM is the systematic application of management policies , procedures , and practices to
identifying ,analyzing ,monitoring and controlling risks.
Following are the steps for RM process:
Step 1: Identify the Risk
To properly identify /recognize the existing risks or the new risks which may arise. Thus
,Risk Identification is a continuous process.
Step 2 : Analyse and Categorise the Risk
Once the risk is identified ,its probability and chances of affecting the company or
department’s goals should be understood
Step 3 : Evaluate and rank the Risk
Evaluate the risk as to whether it is decreasing ,stable or increasing over the next few
months.[i.e decreasing risk is ranked lower and increasing risk is ranked higher]. Ranks can
also be given as per the magnitude of risk.
Step 4 : Treat and Manage the Risks
This is also called Risk Response Planning . The risks with highest ranks need to be assesses
and prevention plans need to be created.
Step 5 : Monitor and Review the Risk
Companies should establish and communicate policies ,procedures that define
responsibility and authority to monitor the levels of risks i.e Risk Limits.
These limits are tools to control the various risks .Corrective actions are also initiatedbased
on this.
===================================================