Risk management has a critical role that all organizations must take seriously to ensure that their operations remain sustainable. Chapman defines risk management as “the practice of identifying potential risks in advance, analyzing them, and taking precautionary steps to curb the risk factor” (34). It is a proactive approach to managing issues that may have adverse effects on a firm. Less successful organizations tend to be reactive when it comes to managing risks. They wait for the risk factor to occur before coming up with ways of managing them. This reactionary approach is potentially dangerous, especially when dealing with serious environmental forces that may have a crippling effect on a firm’s operation. Torben advises that it is necessary to have an effective system that predicts possible risks and proposes ways of identifying and managing them long before they occur (84). Such a system makes it easy to plan for undesirable events so that when they occur, it becomes easy to manage them. Successful businesses and organizations have learned how to use various risk management models to prepare in the most effective way possible. In this paper, the researcher looks at current risk management strategies that companies use in the modern business environment.
Risk Assessment Models
Managing risk is a complex process that requires effective systems and structures within an organization. Scholars have come up with various models that can be used in assessing risks within different settings. Adalsteinsson explains that a model that is used to manage risks by a medical doctor may not be the same as that used by a chief executive officer in a given organization (47). The nature of the business of a given entity defines the most appropriate model for assessing the various issues that may arise. In this section, it will be necessary to discuss the most common risk assessment models in business settings.
According to Bai, knowing when and how a risk factor will occur can be challenging (58). Sometimes the risk factor may be caused by unpredictable natural causes such as earthquakes, floods, and changes in weather patterns. A probability model is often used to assess the likelihood of the occurrence of these risk factors and the consequences they might have. The model uses mathematical calculations to provide the rate at which a given undesirable factor may occur. It starts by identifying a series of independent variables that have a direct impact on the dependent (risk factor) variable. The assessor will then determine the chances that each of these independent variables will occur within a specified duration. The final stage is to determine the magnitude of the occurrence of each of the independent variables. Through this approach, it is possible to have a mathematical value that defines the chances that a given risk will occur.
When this model is used, an assessor will state that the chances of a given risk factor occurring are 75% based on the analyzed factors. However, Chapman warns that one should be careful when using this model (53). Although it is always accurate in predicting the likelihood of occurrence of a risk, it does not mean a lower figure means the risk will not occur. Sometimes the estimation may show that the chances of a risk occurring are 2%, and it actually happens, while that which had a 98% likelihood of occurring fails to occur. It means that the management should always be ready to deal with the identified risk, however low the statistics of its occurrence are (Lam 62). Another one of the main weaknesses of this model is that it does not provide a detailed explanation as to why the risks occur beyond stating the dependent and independent variables.
The empirical model of risk assessment addresses the weaknesses of the probability model. This model uses historical records, combined with new research, to assess risks in great detail. Adalsteinsson states that when using this model, the assessor will look at similar risks that have happened in the past (32). The trends of such risks will be analyzed to understand what caused them and the consequences they had. The assessor will then look at current environmental forces to evaluate if a similar occurrence can be envisaged. The assessor will also be required to look at any new findings made in the field to make an informed decision about the occurrence and nature of a given risk factor. The model is more descriptive in assessing risks. It not only explains the likelihood of occurrence of a given risk but also explains why based on past trends and new findings made in the field. The fact that it describes the nature of the risk in detail makes it easier to have an effective plan to address it (Anderson 53). In many cases, risk management officers often use the two models to gain a comprehensive understanding of the issue at hand.
Risk Management Cycle
Risk management is a continuous process that should embrace a cyclic model. After addressing a given risk, managers should understand that others can occur at any time depending on the internal and external forces in the market. Having a risk management model makes it easy to define the path that should be taken when managing each of the risk factors. Chapman explains that the approach of dealing with each risk factor may vary depending on its nature (79). However, a common pattern may be developed that defines the steps needed when addressing such undesirable events. Figure 1 below shows a model that can be used when managing risks in an organizational setting.
As shown in Figure 1, the first step in the risk management process is the identification of the undesirable factors. The responsible officers will have to identify the risks at the earliest stage possible. Torben explains that the earlier risk is identified, the higher the chances are that it will be managed successfully (68). For instance, if it is a leak in an industrial park, the assessment officers should identify it as soon as it starts to occur. The inability to make early detections of such dangers can have serious ripple effects on a firm. A small leak can lead to major explosions that would bring the operations of the plant to a halt. The consequences may be so costly that it may take a long time for the firm to recover from the shock. Some may also lead to loss of life and injury that could leave the affected individuals with lasting bodily harm. The Chernobyl disaster is an example of a serious risk that was not identified in time. It resulted in over 45 deaths (Lam 38). It means that risk management officers should understand that this first stage is one of the most important areas when addressing organizational threats.
Analyze and Evaluate Risks
Once a risk factor is identified, the next step is its analysis and evaluation. The team will look at the nature of the risk, its magnitude, areas within the firm that it will affect directly, and how it should be managed. The Abu Dhabi National Oil Company (ADNOC) is the leading oil and gas company in the United Arab Emirates (Baker et al. 23). When its risk management officers identify a possible fall in international oil prices as the risk that has to be dealt with, the firm will need to evaluate the level of price reduction and how it will affect the revenues of the firm. Unstable oil prices have been a serious issue that ADNOC has had to deal with over the last four years (Baker et al. 38). In the evaluation stage, the firm will explain how the firm will respond to the issue, the stakeholders that will be involved, and how the response will affect the firm. All the stakeholders must be prepared for the new system that will be introduced when dealing with the risk. It should be clear to the top management how the company plans to use various resources to address the risk.
Respond to Risks
The final stage of risk management, as shown in Figure 1 above, is to make appropriate responses. Responding to risks involves taking appropriate actions based on the outcome of the analysis and evaluation. When ADNOC was hit by the major drop in international oil prices, it had to make an appropriate response to help it remain sustainable. The problem became serious in 2015 when the price of a barrel of oil fell to less than half what it was two years earlier (Baker et al. 45). This meant that the company was getting less than half the revenue by maintaining its volume of products in the market. The risk management team came up with a raft of proposals on how to respond to the risk. One of the responses made by the company was to streamline its workforce. Employees whose assignments were considered redundant had to be eliminated from the firm. Adalsteinsson advises that when responding to risks, it is necessary to take into consideration the interests of all stakeholders (53). The response should not be viewed as a threat to the well-being of a section of the stakeholders.
Managing risks is one of the most important activities within an organizational setting. As shown in the discussion above, successful firms have effective systems that enable them to identify risks swiftly, analyze them, and respond within the right timeframe. A firm may face a wide range of risks. The approach that will be taken to respond to each risk depends on the nature of the risk and the magnitude of its impact on the firm. Some risks require an immediate response because any delays may have a crippling effect on the organization. Others require significant investment to achieve the set goals. In some cases, it may be necessary to trim the size of the workforce to help deal with new market forces. The fundamental issue is to ensure that the approach is taken addresses the issue effectively and in a way that does not affect stakeholders negatively.
Adalsteinsson, Gudni. The Liquidity Risk Management Guide: From Policy to Pitfalls. Wiley Publishers, 2014.
Anderson, Edward. Business Risk Management: Models and Analysis. Wiley Publishers, 2014.
Bai, Yong. Subsea Pipeline Integrity and Risk Management. Gulf Professional Publishing, 2014.
Baker, Kent, et al., editors. Commodities: Markets, Performance, and Strategies. Oxford University Press, 2018.
Chapman, Robert. The Rules of Project Risk Management: Implementation Guidelines for Major Projects. Gower Publishing Limited, 2014.
Lam, James. Enterprise Risk Management: From Incentives to Controls. 2nd ed., Wiley Publishers, 2014.
Torben, Andersen. Contemporary Challenges in Risk Management: Dealing with Risk, Uncertainty, and the Unknown. Palgrave Macmillan, 2014.