Risk Management Training Objectives

RISK
MANAGEMENT
TRAINING

Risk Management Training Objectives
To train Project Managers & Staff in:
1. The Risk Management process:
establish the risk context;
assess risks;
manage or treat risks;
Monitoring risks and risk treatments.
2. To introduce ISO 31000:2009 (International Risk
Management Standard)
What is risk ?
Risk: the effect of uncertainty
on objectives.

(ISO 31000:2009)
What is Risk Management ?
Risk Management: coordinated
activities to direct and control and
organisation with regard to risk

(ISO 31000:2009)
Risk Management Principles
1. Risk management creates & protects value

2. Risk management is an integral part of all
organizational processes

3. Risk management is part of decision making

4. Risk management explicitly addresses
uncertainty

5. Risk management is systematic, structured
and timely

6. Risk management is based on the best
available information

7. Risk management is tailored
8. Risk management takes human & cultural
values into account
9. Risk management is transparent and inclusive.

10. Risk management dynamic, inter-active and
responsive to change

11. Risk management facilitates continual
improvement of the organisation.

Risk Management Framework
Risk Management Framework: a set of
components that provide the foundations and
organizational arrangements for designing,
implementing, monitoring, reviewing and
continually improving risk management
throughout the organization.
From ISO 31000:2009
Mandate & Commitment
Design of framework for managing risks
Continual improvement of
the framework
Implementing Risk
Management
Monitoring & review of
the framework
Continual Improvement &
PDCA Cycle
by Walter A. Shewhart
(1891 -1967)
Design of framework for managing risks
Understand the organisation & its context
Establish risk management policy
Accountability
Integration into organisational processes
Resources
Establish internal communication & reporting
Establish external communication & reporting

Risk Management Notes 1
Risk Management involves thinking as the
answers are not in books, and not available
via Google.

The answers / decisions are only available by
one or more people thinking, eg. in a Risk
Management Workshop.
When implementing the Risk Management
process -
In which time direction are we primarily
looking?
Historical records enable some companies to
better predict the future by looking at the
past as stored in their records.
History provides some guide to the future
based on the idea: history repeats itself
Establish the context
Risk identification
Risk analysis
Risk evaluation
Manage / treat the risks
Monitor
&
Review
Communicate
&
Consult
Risk acceptable?
Yes
No
Establish the external context;
Establish the internal context;
Establish the risk management context;
Develop risk criteria
Define the structure for the rest of the process

Establish the external context;
Establish the internal context;
Establish the risk management context;
Develop risk criteria
Define the structure for the rest of the process

Identify Risks
Identify all risks, including those risks not
controlled by the organisation.
Tools and techniques for Risk Identification

Risk Identification
Sources of risk

Key questions in
identifying risk

Risk Identification & Risk Analysis
Risk Identification and Analysis is like looking
into the crystal ball
Risk Analysis
In conducing a risk analysis we:
Put a value on Likelihood; and
Put a value on Consequence.

Likelihood & Consequence
Likelihood: The chance of something
happening

Consequence: The outcome of an event
affecting objectives

From: ISO 31000:2009

Risk Analysis
Putting values on Likelihood & Consequence
is predicting the future.
There is no right or wrong value for
Likelihood nor Consequence, because
We are looking into the future, and
No-one knows the future, except maybe
the

CONSEQUENCE
L
I
K
E
L
I
H
O
O
D

1 2 3 4 5
Insignificant Minor Moderate Major Catastrophic
5 Almost Certain 5 10 15 20 25
4 Above Average 4 8 12 16 20
3 Moderate 3 6 9 12 15
2 Rare 2 4 6 8 10
1 Very Rare 1 2 3 4 5
Risk Analysis
The objectives of risk analysis are to:
separate the minor acceptable risks from the
major risks; and
provide information to assist the evaluation
and management of risks.
Key Questions related to Risk Analysis
Risk Analysis
The consequences of risks, and the likelihood
that the risks may occur, are combined to
produce:
a level of risk
(or risk rating).
Possible methods of risk analysis
Qualitative methods; and

Quantitative methods.

Risk Evaluation
Risk evaluation involves:
comparing the level of risk found during the risk
analysis process,
with previously established risk criteria.

Risk Evaluation
The output of risk evaluation is:
1. determination of which risks are
significant, and therefore require treatment;
and
2. a prioritised list of significant risks for
treatment.

Risk evaluation should take into account:
the existing controls over the risk;

the cost impacts of the risk;

the benefits and opportunities presented by the
risk.

Risk Treatment / Risk Management
Risk treatment: process to modify risk.

Risk Acceptable ?
Identify treatment options
Assess treatment options
Prepare treatment plans
Implement treatment plans
Residual Risk Acceptable ?
No
Monitor
&
Review
Communicate
&
Consult
Yes
No
Yes
Residual Risk
Definition: The risk remaining after risk
treatment
From: ISO 31000:2009

Risk treatment options for risks with
positive outcomes
Actively seek an opportunity;

positive outcomes
Change the likelihood of the opportunity (for
increased beneficial outcomes);

positive outcomes
Change the consequences of the
opportunity (for increased beneficial
outcomes);
positive outcomes
Share the opportunity

positive outcomes
Retain the residual opportunity.
negative outcomes
Avoid the risk;
Reduce the likelihood of the risk causing
negative outcomes;
negative outcomes
Reduce the consequences of the risk
causing negative outcomes;

negative outcomes
Reduce the consequences of the risk
causing additional negative outcomes;

negative outcomes
Share the risk;

negative outcomes
Retain the residual risk.

Risk Treatment

1. Identify risk treatment
options

2. Assess risk treatment options

3. Prepare Risk Treatment Plans

4. Implement Risk Treatment
Plans

Funding Risk Treatment
Organisations should:
try to retain as much risk as possible; and
only fund through insurance those risks which
might adversely affect operating results, or risks of
a catastrophic nature.
Escalation in Risk Management
Risk rating escalation
- Is critical to ensure
risks are known &
accepted at the
appropriate
management level
Escalation in Risk Management
Risk rating escalation
- Is critical to ensure
risks are known &
accepted at the
appropriate
management level
Reputation
Penalties
new projects
existing work
viability of
BP
Monitor & Review
It is essential to continually monitor and
review:
the identified risks;
the effectiveness of the Risk Management
Plan; and
the outcomes of the Risk Management
Plans.

Recording Risk Treatment
1. List the feasible and cost
effective risk treatment options in
a Risk Management Plan (RMP).
2. Record monitoring of the
implementation of risk
management actions (in RMP)
including their effectiveness.

Did we achieve the objectives?
Do you understand:
1. The Risk Management process?
Establish the risk context;
Assess risks;
Manage / treat risks;
Monitor risks & risk management actions.
2. ISO 31000:2009

RISK MANAGEMENT

The End

Thank you &
remember Risk
Management is as
important as your
own life

Risk Management Training Objectives

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Risk Management Training Objectives

Diunggah oleh

Hak Cipta:

Format Tersedia

RISK

Anda mungkin juga menyukai