Anda di halaman 1dari 34


 Risk can be considered as uncertainty of

outcomes based on probabilities.
 It can create both problems and opportunities for
businesses and individuals.
 Risk regarding the possibility of loss can be
especially problematic.
 When there is uncertainty about the occurrence
of a loss, then risk becomes an important
 The risk surrounding potential losses creates
significant economic burdens for businesses,
government and individuals.
 Millions of shillings are spent each year on
strategies for financing potential losses. But
when losses are not planned for in advance, they
may cost even more.
 Therefore the cost of risk is the sum of:-
1) Expenses of strategies to finance potential
2) The cost of unreimbursed losses
3) Outlays to reduce risks
4) The opportunity cost of activities forgone due to
risk considerations.
 Property Risks. All organizations and
individuals are exposed to risks that the property
may be damaged, destroyed or stolen.
 Liability Risks. Liability judgment may result in
payments made to compensate injured parties
as well as punish those responsible for the
 Even in situations when an individual is absolved
of liability, there are expenses involved in
defending a case which could be substantial.
 Consequently, both individuals and businesses
must be careful to identify all sources of liability
risk that may affect them and then make suitable
arrangements for dealing with such exposures to
 Life Risks. Potential losses associated with the
life of an employee. The immediate impact to
loss of life is the pre mature death of the
 The possibility of an untimely death of an
employee exposes the employer to potential loss
if the replacement of the skills and experience is
not readily available.
 The death of an employee can be disruptive for
other workers and may result to temporary
reduced productivity. This is especially true if the
death is due to job related conditions.
 Compensation due to death may involve
payments of substantial lump sum to the next of
 Health Risks. These are risks that affect
employees due to unfavourable working
 This affect the workers and the employers in the
sense that, the workers will be weak and
therefore affect their productivity. On the other
hand it may be the responsibility of the employer
to cater for their medical expenses. This will
make the organization incur losses associated to
health care.
 Financial Risks. These include credit risks and
interest rates.
 Technical Risks. These are risks to do with the
introduction of new technologies at work place.
This occurs when new equipment are procured
and the staff may be lacking skills to operate
 Execution Risks. These are risks that may
occur in the implementation of decisions. For
example poor project management skills,
diversion of initial projections etc.
 Commercial Risks. These are risks that are
incurred in trade and other commercial activities.
For example in procurement, sale of treasury
bills and treasury bonds etc.
What is risk management?
 Risk management is the systematic ongoing
process by which an organization identifies,
prioritizes and implements programs to reduce
risk exposure in an organization. The process
therefore focuses on management of potential
adverse outcomes.
 Many businesses have a special department for
instance Risk or Disaster Management
Department that are charged with overseeing the
firm’s Risk Management activities. The head of
such a department often has the title of Risk
 Some other firms have formed Risk Management
Committees or have positions for Chief Risk
Officer(CRO) who coordinates the firms risk
management activities.
 The Risk Manager or the CRO are involved in many
aspects of a firm’s activities e.g.
 Developing employee safety programs
 Examining planned mergers and acquisitions
 Analyzing investment opportunities
 Purchasing insurance to protect against some types of
 Setting up pensions and health plans for employees.
 The above are coordinated in a firm in order to meet
strategic goals. This is so because risk management is
an integral part of business planning.
 Whether the concern is with the government, an
individual or a business situation, the same general
steps can be used to systematically analyze and
deal with risk. Risk Management Process
1. Establish the context
2. Identify the risk
3. Analyze the risk
4. Evaluate the risk
5. Treat the risk
6. Monitoring and review
7. Communication and consultation
Establish the context

 The strategic and organizational context in which

risk management will take place.
 For example, the nature of your business, the
risks inherent in your business and your
Identify the risks

 There are many potential risks and its important

to identify relevant exposures to risks
 Firms exposure can be from a variety of sources
including operational, financial and strategic
 Thus define types of risk, for instance, ‘Strategic’
risks to the goals and objectives of the
 Past events, future developments.
Analyze the risks
 How likely is the risk event to happen?
(Probability and frequency?)
 What would be the impact, cost or consequences
of that event occurring? (Economic, political,
Evaluate the risks

 Rank the risks according to management

priorities, by risk category and rated by likelihood
and possible cost or consequence.
 Determine inherent levels of risk.
 Considerations should be given to the most
probable size of any losses that may occur and
to the maximum possible losses that might
Treat the risks

 Develop and implement a plan with specific

counter-measures to address the identified risks.
 Consider:
 Priorities (Strategic and operational)
 Resources (human, financial and technical)
 Risk acceptance, (i.e., low risks)
Treat the risks

 Document your risk management plan and

describe the reasons behind selecting the risk
and for the treatment chosen.
 Record allocated responsibilities, monitoring or
evaluation processes, and assumptions on
residual risk.
 A best way of treating risks is by way of
 Risk Mitigation. These are measures that are
put in place in order to reduce the impact of risks
in the event of occurrence.
Risk Mitigation Techniques
Accepting Risks. If the probability of occurring
is low and the likely consequences minimal
then, the organization can ignore the risk.
Minimize Risk. Risk minimization can be
realized by taking precautionary measures that
would reduce potential risks e.g auditing,
meeting standards, following procedures,
respect of law etc.
Share Risks. Risks may be proportionately be
shared among the workers or organisations. For
example the medical insurance for the civil
servants. The medical expenses for civil servants
are catered by the individual, government and
the National Hospital Insurance Fund.
Transfer risk. In some circumstances when it is
not possible to change the nature of risk either
through elimination or minimization, it may be
possible to shift the risk to another party.
Insurance premiums.
Use of contingency reserve. These are specific
provisions for unforeseen elements of costs in
any activity. While planning for activities it is
necessary to set aside a certain percentage of
the total cost to cater for uncertainties. This is
derived from documentations of the past risk
events which would have required the need for
such contingencies.
Mentoring. In mentoring programme junior or
inexperienced officers are paired with senior officers
in order to help them to learn the best practices. The
experienced officers help the inexperienced
personnel clarify problems, suggest solutions and
monitor them as they develop skills.
Monitor and review
 In identifying, prioritising and treating risks,
organisations make assumptions and decisions
based on situations that are subject to change,
(e.g., the business environment, trading patterns,
or government policies).
 Risk Managers must monitor activities and
processes to determine the accuracy of planning
assumptions and the effectiveness of the
measures taken to treat the risk.
 Risk management therefore should be an
ongoing process in which prior decisions are
reviewed regularly. Sometimes new risk
exposures arise or significant changes in
expected loss/frequency occur.
 The dynamic nature of many risks requires a
continual scrutiny of past analysis and decisions.
How to Identify risks at Work Place
 Brainstorming. This is done by bringing all
members of staff together for a meeting in order
to generate good list of potential risk factors.
 Expert opinion. The organization can consult
experts either within the organization or seek for
consultancy services from other professionals.
 Alternatively the organization may consult form
other organizations which have had similar
 History. In most cases the best source of
information on future risks is history. The
management should be able to know the risks
that have been frequently occurring over a period
of time.
 Team based assessment. Using single – case
sources to identify risks in an organization is
itself a risky proposition. This due to the potential
bias in any one person’s viewpoint. Risk
management process can only be achieved if the
organization involves people with different
capacities in handling risk situations.
1. Identify risk prone areas in your organization
and ways in which an organization can mitigate
against such risks.
2. What challenges do organizations face in
managing risks?