In order to determine the degree of risk, you apply the formula:
Risk = Likelihood of something happening × Impact.
- Each risk then needs to be quantified.
- Managing the risk then involves selecting tools from the risk management armoury to prevent or minimise the risk by reducing the likelihood of it happening or it’s impact.
- Insurance is one tool to reduce the impact of a risk.You can always explore from those offered by different insurance service providers and choose the package that most minimises the risk.
- Another option is to accept the risk.This decision should be taken after careful assessment of the risk and the possible consequences of accepting it.
- Although risk management is a responsibility of the Board,every organization should appoint a risk officer to take the lead in risk management.The risk officer should be responsible for preparing and updating a risk register.
- The risk register will form the basis of the risk management strategy that is necessary for good governance.
A sample risk register
|Risk||Likelihood of risk||Potential impact||Control procedure||Monitoring process||Ownership||Further action||Date of review|
|Reduction in funding from government.||Low||High||Setting and achieving required performance.||Using performance indicators.||You,Board||Report on performance to the Board every month.||Every 3 months|
Ways of reducing the risks that affect an organization
- Having a risk management process to avoid some risks and to manage others properly.
- Change the way the organization is governed to mitigate potential risks.When an organization is governed in a transparent and accountable way,many risks associated with public image, funding and stakeholder satisfaction can be avoided.
- Change the strategic direction of the organization if necessary.
- Reduce or expand services and change the way of operating to reduce risks e.g introducing the evaluation and control procedures can assist greatly with the management risk.
- If there are significant risks facing the organization,it may be possible to take out insurance to cover the risk.For example insuring the officials and athletes in a sports organization against injury.
As with governance,the process of risk management should be transparent and communicated throughout the organization.The annual report should include an acknowledgement of the Board responsibilities,the process followed and a confirmation of the systems in place to control areas of major risk.In this we all stakeholders become comfortable with risk management of the organization.
Was this article useful?