RISK MANAGEMENT OF COMPANIES
Page | 1
CHAPTER 1
INTRODUCTION
Risk management is the identification, assessment, and prioritization
of risks (defined in ISO 31000 as the effect of uncertainty on objectives,
whether positive or negative) followed by coordinated and economical
application of resources to minimize, monitor, and control the probability
and/or impact of unfortunate events or to maximize the realization of
opportunities. Risks can come from uncertainty in financial markets, project
failures, legal liabilities, credit risk, accidents, natural causes and disasters as
well as deliberate attacks from an adversary. Several risk management
standards have been developed including the Project Management Institute,
the National Institute of Science and Technology, actuarial societies, and ISO
standards. Methods, definitions and goals vary widely according to whether the
risk management method is in the context of project management,
security, engineering, industrial processes, financial portfolios, actuarial
assessments, or public health and safety.
The strategies to manage risk include transferring the risk to another party,
avoiding the risk, reducing the negative effect of the risk, and accepting some
or all of the consequences of a particular risk.
Certain aspects of many of the risk management standards have come under
criticism for having no measurable improvement on risk even though the
confidence in estimates and decisions increase.
Risk management, a prioritization process is followed whereby the risks with
the greatest loss and the greatest probability of occurring are handled first, and
risks with lower probability of occurrence and lower loss are handled in
descending order. In practice the process can be very difficult, and balancing
RISK MANAGEMENT OF COMPANIES
Page | 2
between risks with a high probability of occurrence but lower loss versus a risk
with high loss but lower probability of occurrence can often be mishandled.
Intangible risk management identifies a new type of a risk that has a 100%
probability of occurring but is ignored by the organization due to a lack of
identification ability. For example, when deficient knowledge is applied to a
situation, a knowledge risk materializes. Relationship risk appears when
ineffective collaboration occurs. Process-engagement risk may be an issue
when ineffective operational procedures are applied. These risks directly
reduce the productivity of knowledge workers, decrease cost effectiveness,
profitability, service, quality, reputation, brand value, and earnings quality.
Intangible risk management allows risk management to create immediate value
from the identification and reduction of risks that reduce productivity.
Risk management also faces difficulties in allocating resources. This is the idea
of opportunity cost. Resources spent on risk management could have been
spent on more profitable activities. Again, ideal risk management minimizes
spending and minimizes the negative effects of risks.
In the current volatile markets at the beginning of the new millennium, where
newspaper headlines inform us how much money has been wiped off the stock
market in a bad day or lost in the bankruptcy of a company, risk management is
a key phrase. But what do we mean by risk management and why are
regulators so concerned with this topic? Risk management is the application of
analysis techniques and the definition of measures to quantify the amount of
financial loss (or gain) an organization is exposed to, when certain unexpected
and random changes and events occur. These events range from changes in
observable or derivable market data (such as prices, or price volatility), process
related failures, or credit (payment default type) events. Risk is therefore all
about uncertain rather than definite outcomes. This uncertainty is not an
undesirable thing. It is, however, important that the organization is aware of the
RISK MANAGEMENT OF COMPANIES
Page | 3
impact of any outcomes that may occur and their implication for its
profitability. For these risk measures or metrics to be of use, the calculated
risks and actual losses arising should correlate. If this is not the case, the
information on which the risk analysis is based, or the analysis itself, is either
incorrect or inac- curate and must be rectified for the information to be of use.
Even where it is thought that the risks are well understood, the risk manager
needs to be constantly looking for previously unidentified risks, or inherent
assumptions and failings in the calculation and management of those risks.
This is especially true when these risks may only become
Evident in extreme market conditions. If these risks are not identified and
controlled, the organization is likely to suffer the same fate as that of Long
Term Capital Management (LTCM), the US hedge fund that came close to
financial collapse due to unexpected market events and behaviour in 1998.1
Financial markets enable participants to raise capital and exchange risks, so
that one participant’s risk becomes another’s potential reward or offsets a risk
they already have. Market participants then structure and trade these risks so as
to either remove (that is, hedge) or take on additional risk in return for a given
benefit or expected return; this latter activity is known as speculating. Risk may
also be retained or additional risk taken on if there is a belief that the market is
mispricing the cost of taking on this risk. This activity is known as relative
value or richness/cheapness analysis and can have varying levels of
sophistication. The aim of this trading strategy is to try to benefit from any
mispricing by buying or selling the instruments involved on the assumption
that the market will correctly price them in the future (resulting in a greater
than expected return). If these mispricing result in a transaction which leaves
no residual risk but rather a guaranteed return or profit, then this is called
arbitraging. Arbitraging can also cause (through variations in supply and
demand resulting in changes in prices) the mispricing to disappear and so plays
RISK MANAGEMENT OF COMPANIES
Page | 4
a vital role in the financial markets in ensuring different financial instruments
are fairly priced. The brokers or intermediaries in this process earn commission
by linking the two sides of a transaction together, exposing themselves to the
minimum level of indirect risk while participating in the process. Market
makers, where they exist in certain financial markets, add liquidity to the
market by always being willing to either buy or sell a given financial
instrument. These market participants are all taking different risks and making
profits based on their unique business model. For example, market makers will
try to maintain a relatively flat trading book with limited downside risk, but
will make their profit from the bid/ask spread (the difference between the price
financial instruments are bought and sold at). As a result, the participants in
financial markets all have unique definitions and appetites for risk and require
different tools to manage it. This explains why asset managers, hedge funds,
corporate treasury departments and investment banks all require different tools
and information to manage and control their risk profile while supporting their
business model. It is therefore difficult to provide a ‘one size fits all’ approach
to risk management. In particular, even within investment banks, each trading
style results in its own unique risks that may differ greatly from those of its
competitors.
RISK MANAGEMENT OF COMPANIES
Page | 5
RISK MANAGEMENT SYSTEMS
Directly or indirectly, people will only take on additional risk if they
believe they can profit from it. However, no one will knowingly take on risks
that could (in the event of probable market events) result in the destruction of
the organization. It is this systematic risk that regulatory authorities focus on,
ensuring that the failure of any one financial institution does not result in a
domino effect that causes the entire financial system to collapse. The
importance of risk measurement in this process cannot be underestimated. It is
only once risks can be measured that they can be managed and controlled. The
role of technology in risk management cannot be overstated. More complex
organizational processes and financial instruments, together with rapidly
changing external market conditions, have led to the requirement for more
advanced models and faster computers to ensure all the risks are captured,
modelled and understood in a timely manner. Even when trading simple
financial instruments, the number of positions (or net transactions) and their
different characteristics require complex visualization and reporting tools in
order to ensure that there are no excessive concentrations or unexpected
correlated exposures. In the past, the unique requirements of an organization,
its IT environment and source of competitive advantage have led to the
assumption that unique solutions and sets of tools are required to manage risk.
Such ground-up approaches have had a high likelihood of failure, with
everything from process to underlying systems up for redevelopment.
Consolidation in the financial industry, together with convergence in opinions
and approaches, has however shown that this may no longer be the case.
Although the context of this problem (whether technological, business model,
organizational structure or political) is still often unique, the general core
concepts and development approaches are becoming more standardized. As a
result, the time is fast approaching for financial institutions to concentrate on
RISK MANAGEMENT OF COMPANIES
Page | 6
what is unique to them and leverage what is now commonly accepted as
generic or best practice in the industry. Much of the functionality required to
create a risk management solution may already exist within the organization or
can be purchased from external software vendors.
RISK MANAGEMENT OF COMPANIES
Page | 7
CHAPTER 2
TYPES OF RISK
Systematic and Unsystematic Risk
Unsystematic risk, also known as "specific risk," "diversifiable risk" or
"residual risk," is the type of uncertainty that comes with the company or
industry you invest in. Unsystematic risk can be reduced through
diversification. For example, news that is specific to a small number of stocks,
such as a sudden strike by the employees of a company you have shares in, is
considered to be unsystematic risk. Systematic risk, also known as "market
risk" or "un-diversifiable risk", is the uncertainty inherent to the entire market
or entire market segment. Also referred to as volatility, systematic risk consists
of the day-to-day fluctuations in a stock's price. Volatility is a measure of risk
because it refers to the behavior, or "temperament," of your investment rather
than the reason for this behavior. Because market movement is the reason why
people can make money from stocks, volatility is essential for returns, and the
more unstable the investment the more chance there is that it will experience a
dramatic change in either direction.
Interest rates, recession and wars all represent sources of systematic risk
because they affect the entire market and cannot be avoided through
diversification. Systematic risk can be mitigated only by being hedged.
Systematic risk underlies all other investment risks. If there is inflation, you
can invest in securities in inflation-resistant economic sectors. If interest rates
are high, you can sell your utility stocks and move into newly issued bonds.
However, if the entire economy underperforms, then the best you can do is
RISK MANAGEMENT OF COMPANIES
Page | 8
attempt to find investments that will weather the storm better than the broader
market. Popular examples are defensive industry stocks, for example, or
bearish options strategies.
Beta is a measure of the volatility, or systematic risk, of a security or a
portfolio in comparison to the market as a whole. In other words, beta gives a
sense of a stock's market risk compared to the greater market. Beta is also used
to compare a stock's market risk to that of other stocks. Investment analysts use
the Greek letter 'ß' to represent beta. Beta is used in the capital asset pricing
model (CAPM), as we described in the previous section.
Beta is calculated using regression analysis, and you can think of beta as the
tendency of a security's returns to respond to swings in the market. A beta of 1
indicates that the security's price will move with the market. A beta of less than
1 means that the security will be less volatile than the market. A beta of greater
than 1 indicates that the security's price will be more volatile than the market.
For example, if a stock's beta is 1.2, it's theoretically 20% more volatile than
the market.
Many utility stocks have a beta of less than 1. Conversely, most high-tech
Nasdaq-based stocks have a beta greater than 1, offering the possibility of a
higher rate of return, but also posing more risk.
Beta helps us to understand the concepts of passive and active risk. The graph
below shows a time series of returns (each data point labeled "+") for a
particular portfolio R(p) versus the market return R(m). The returns are cash-
adjusted, so the point at which the x and y axes intersect is the cash-equivalent
return. Drawing a line of best fit through the data points allows us to quantify
the passive, or beta, risk and the active risk, which we refer to as alpha.
RISK MANAGEMENT OF COMPANIES
Page | 9
The gradient of the line is its beta. For example, a gradient of 1.0 indicates that
for every unit increase of market return, the portfolio return also increases by
one unit. A manager employing a passive management strategy can attempt to
increase the portfolio return by taking on more market risk (i.e., a beta greater
than 1) or alternatively decrease portfolio risk (and return) by reducing the
portfolio beta below 1. Essentially, beta expresses the fundamental tradeoff
between minimizing risk and maximizing return. Let's give an illustration. Say
a company has a beta of 2. This means it is two times as volatile as the overall
market. Let's say we expect the market to provide a return of 10% on an
investment. We would expect the company to return 20%. On the other hand, if
the market were to decline and provide a return of -6%, investors in that
company could expect a return of -12% (a loss of 12%). If a stock had a beta of
0.5, we would expect it to be half as volatile as the market: a market return of
10% would mean a 5% gain for the company. (For further reading, see Beta:
Know The Risk.)
Investors expecting the market to be bullish may choose funds exhibiting high
betas, which increase investors' chances of beating the market. If an investor
expects the market to be bearish in the near future, the funds that have betas
less than 1 are a good choice because they would be expected to decline less in
value than the index. For example, if a fund had a beta of 0.5 and the S&P 500
declined 6%, the fund would be expected to decline only 3%. (Learn more
about volatility in Understanding Volatility Measurements and Build Diversity
Through Beta.)
RISK MANAGEMENT OF COMPANIES
Page | 10
Credit or Default Risk
Credit risk is the risk that a company or individual will be unable to pay the
contractual interest or principal on its debt obligations. This type of risk is of
particular concern to investors who hold bonds in their portfolios. Government
bonds, especially those issued by the federal government, have the least
amount of default risk and the lowest returns, while corporate bonds tend to
have the highest amount of default risk but also higher interest rates. Bonds
with a lower chance of default are considered to be investment grade, while
bonds with higher chances are considered to be junk bonds. Bond rating
services, such as Moody's, allows investors to determine which bonds are
investment-grade, and which bonds are junk. (To read more, see Junk Bonds:
Everything You Need To Know, What Is A Corporate Credit Rating and
Corporate Bonds: An Introduction To Credit Risk.)
Country Risk
Country risk refers to the risk that a country won't be able to honor its financial
commitments. When a country defaults on its obligations, this can harm the
performance of all other financial instruments in that country as well as other
countries it has relations with. Country risk applies to stocks, bonds, mutual
funds, options and futures that are issued within a particular country. This type
of risk is most often seen in emerging markets or countries that have a severe
deficit. (For related reading, see What Is An Emerging Market Economy?)
RISK MANAGEMENT OF COMPANIES
Page | 11
Foreign-Exchange Risk
When investing in foreign countries you must consider the fact that currency
exchange rates can change the price of the asset as well. Foreign-exchange risk
applies to all financial instruments that are in a currency other than your
domestic currency. As an example, if you are a resident of America and invest
in some Canadian stock in Canadian dollars, even if the share value
appreciates, you may lose money if the Canadian dollar depreciates in relation
to the American dollar.
Interest Rate Risk
Interest rate risk is the risk that arises for bond owners from fluctuating interest
rates. How much interest rate risk a bond has depends on how sensitive its
price is to interest rate changes in the market. The sensitivity depends on two
things, the bond's time to maturity, and the coupon rate of the bond.
Interest rate risk analysis is almost always based on simulating movements in
one or more yield curves using the Heath-Jarrow-Morton framework to ensure
that the yield curve movements are both consistent with current market yield
curves and such that no riskless arbitrage is possible. The Heath-Jarrow-
Morton framework was developed in the early 1991 by David Heath of Cornell
University, Andrew Morton of Lehman Brothers, and Robert A. Jarrow of
Kamakura Corporation and Cornell University.
There are a number of standard calculations for measuring the impact of
changing interest rates on a portfolio consisting of various assets and liabilities.
The most common techniques include:
RISK MANAGEMENT OF COMPANIES
Page | 12
1. Marking to market, calculating the net market value of the assets and liabilities,
sometimes called the "market value of portfolio equity"
2. Stress testing this market value by shifting the yield curve in a specific way.
3. Calculating the Value at Risk of the portfolio
4. Calculating the multi period cash flow or financial accrual income and expense
for N periods forward in a deterministic set of future yield curves
5. Doing step 4 with random yield curve movements and measuring the
probability distribution of cash flows and financial accrual income over time.
6. Measuring the mismatch of the interest sensitivity gap of assets and liabilities,
by classifying each asset and liability by the timing of interest rate reset or
maturity, whichever comes first.
7. Analyzing Duration, Convexity, DV01 and Key Rate Duration.
Interest rate risk at banks
The assessment of interest rate risk is a very large topic at banks, thrifts, saving
and loans, credit unions, and other finance companies, and among their
regulators. The widely deployed CAMELS rating system assesses a financial
institution's: (C)apital adequacy, (A)ssets, (M)anagement Capability,
(E)arnings, (L)iquidity, and (S)ensitivity to market risk. A large portion of the
(S) ensitivity in CAMELS is interest rate risk. Much of what is known about
assessing interest rate risk has been developed by the interaction of financial
institutions with their regulators since the 1990s. Interest rate risk is
unquestionably the largest part of the (S)ensitivity analysis in the CAMELS
system for most banking institutions. When a bank receives bad CAMELS
rating equity holders, bond holders and creditors are at risk of loss, senior
managers can lose their jobs and the firms are put on the FDIC problem bank
list.
RISK MANAGEMENT OF COMPANIES
Page | 13
See the Sensitivity section of the CAMELS rating system for a substantial list
of links to documents and examiner manuals, issued by financial regulators,
that cover many issues in the analysis of interest rate risk.
In addition to being subject to the CAMELS system, the largest banks are often
subject to prescribed stress testing. The assessment of interest rate risk is
typically informed by some type of stress testing.
Political Risk
Political risk is a type of risk faced by investors, corporations, and
governments. It is a risk that can be understood and managed with reasoned
foresight and investment.
Broadly, political risk refers to the complications businesses and governments
may face as a result of what are commonly referred to as political decisions or
“any political change that alters the expected outcome and value of a given
economic action by changing the probability of achieving business objectives”.
Political risk faced by firms can be defined as “the risk of a strategic, financial,
or personnel loss for a firm because of such nonmarket factors as
macroeconomic and social policies (fiscal, monetary, trade, investment,
industrial, income, labour, and developmental), or events related to political
instability (terrorism, riots, coups, civil war, and insurrection).” Portfolio
investors may face similar financial losses. Moreover, governments may face
complications in their ability to execute diplomatic, military or other initiatives
as a result of political risk.
A low level of political risk in a given country does not necessarily correspond
to a high degree of political freedom. Indeed, some of the more stable states are
RISK MANAGEMENT OF COMPANIES
Page | 14
also the most authoritarian. Long-term assessments of political risk must
account for the danger that a politically oppressive environment is only stable
as long as top-down control is maintained and citizens prevented from a free
exchange of ideas and goods with the outside world.
Understanding risk partly as probability and partly as impact provides insight
into political risk. For a business, the implication for political risk is that there
is a measure of likelihood that political events may complicate its pursuit of
earnings through direct impacts (such as taxes or fees) or indirect impacts (such
as opportunity cost forgone). As a result, political risk is similar to an expected
value such that the likelihood of a political event occurring may reduce the
desirability of that investment by reducing its anticipated returns.
There are both macro- and micro-level political risks. Macro-level political
risks have similar impacts across all foreign actors in a given location. While
these are included in country risk analysis, it would be incorrect to equate
macro-level political risk analysis with country risk as country risk only looks
at national-level risks and also includes financial and economic risks. Micro-
level risks focus on sector, firm, or project specific risk
Market Risk
This is the most familiar of all risks. Also referred to as volatility, market risk
is the day-to-day fluctuation in a stock's price. Market risk applies mainly to
stocks and options. As a whole, stocks tend to perform well during a bull
market and poorly during a bear market - volatility is not so much a cause but
an effect of certain market forces. Volatility is a measure of risk because it
refers to the behavior, or "temperament", of your investment rather than the
reason for this behavior. Because market movement is the reason why people
RISK MANAGEMENT OF COMPANIES
Page | 15
can make money from stocks, volatility is essential for returns, and the more
unstable the investment the more chance there is that it will experience a
dramatic change in either direction.
RISK MANAGEMENT OF COMPANIES
Page | 16
CHAPTER 3
NEED OF RISK MANAGEMENT
Since we need to keep our corporate in the business and have to deal with the
uncertainty in the future so that it is a risky business. Environment always keep
on changing. New things and complex technologies could introduce new risks.
Today we are in the economy-of-speed world. So we cannot get away of risk or
cannot completely get rid of risk. For example, internet has been shrank the
world into a single large market. Banking becomes a 24-hour market places so
business continuity plan is required.
Effective risk management will help us to improve performance in creating
value to the firm by contributing to better service delivery, more effective
manage of change, more efficient use of resources, better project management,
minimizing waste, fraud and poor value for money, supporting innovation.
Risk management brings incentives with fair and transparent for staffs,
supports both offensive and defensive strategies for executives and effective
use of risk-based capital allocation.
Risk management has been an important component of hospital administration
in the US since the malpractice insurance crisis of the 1970s. Many thought that
great progress was being made in managing the risks that contributed to patient
harm and error, but important questions have recently been raised about the real
impact of risk management on the risk of patient harm. Many patients continue
to be harmed, often as a result of problems and processes long identified as
being faulty. Recent data published by the insurance industry suggest that
malpractice verdicts and settlements are also, once again, on the rise.
RISK MANAGEMENT OF COMPANIES
Page | 17
The Institute of Medicine's report “To err is human: building a safer health care
system” published in November 1999 has been billed by many as a
breakthrough report, exposing the frailties and the realities of the current US
healthcare delivery system. To many in risk management this report did not
contain new information. It did, however, create a sense of real frustration and
sadness for many.
The purpose of risk management is to:
Identify possible risks.
Reduce or allocate risks.
Provide a rational basis for better decision making in regards to all risks.
Plan.
Assessing and managing risks is the best weapon you have against project
catastrophes. By evaluating your plan for potential problems and developing
strategies to address them, you'll improve your chances of a successful, if not
perfect, project.
Additionally, continuous risk management will:
Ensure that high priority risks are aggressively managed and that all risks
are cost-effectively managed throughout the project.
Provide management at all levels with the information required to make
informed decisions on issues critical to project success.
If you don't actively attack risks, they will actively attack you!!
RISK MANAGEMENT OF COMPANIES
Page | 18
CHAPTER 4
RISK MANAGEMENT PROCESS
1:- Establishing the context
This involves:
1. identification of risk in a selected domain of interest
2. planning the remainder of the process
3. mapping out the following:
o the social scope of risk management
o the identity and objectives of stakeholders
o the basis upon which risks will be evaluated, constraints.
4. defining a framework for the activity and an agenda for identification
5. developing an analysis of risks involved in the process
6. mitigation or solution of risks using available technological, human and
organizational resources
2 :- Identification and assessment
A first step in the process of managing risk is to identify potential risks. The
risks must then be assessed as to their potential severity of loss and to the
probability of occurrence.
After establishing the context, the next step in the process of managing risk is
to identify potential risks. Risks are about events that, when triggered, cause
problems or benefits. Hence, risk identification can start with the source of our
problems and those of our competitors (benefit), or with the problem itself.
RISK MANAGEMENT OF COMPANIES
Page | 19
Source analysis- Risk sources may be internal or external to the system that is
the target of risk management (use mitigation instead of management since by
its own definition risk deals with factors of decision-making that cannot be
managed).
Examples of risk sources are: stakeholders of a project, employees of a
company or the weather over an airport.
Problem analysis- Risks are related to identified threats. For example: the threat
of losing money, the threat of abuse of confidential information or the threat of
human errors, accidents and casualties. The threats may exist with various
entities, most important with shareholders, customers and legislative bodies
such as the government.
When either source or problem is known, the events that a source may trigger
or the events that can lead to a problem can be investigated. For example:
stakeholders withdrawing during a project may endanger funding of the
project; confidential information may be stolen by employees even within a
closed network; lightning striking an aircraft during takeoff may make all
people on board immediate casualties.
The chosen method of identifying risks may depend on culture, industry
practice and compliance. The identification methods are formed by templates
or the development of templates for identifying source, problem or event.
Common risk identification methods are:
Objectives-based risk identification- Organizations and project teams have
objectives. Any event that may endanger achieving an objective partly or
completely is identified as risk.
Scenario-based risk identification - In scenario analysis different scenarios are
created. The scenarios may be the alternative ways to achieve an objective, or
RISK MANAGEMENT OF COMPANIES
Page | 20
an analysis of the interaction of forces in, for example, a market or battle. Any
event that triggers an undesired scenario alternative is identified as risk – see
Futures Studies for methodology used by Futurists.
Taxonomy-based risk identification - The taxonomy in taxonomy-based risk
identification is a breakdown of possible risk sources. Based on the taxonomy
and knowledge of best practices, a questionnaire is compiled. The answers to
the questions reveal risks.
Common-risk checking- In several industries, lists with known risks are
available. Each risk in the list can be checked for application to a particular
situation.
Risk charting - This method combines the above approaches by listing
resources at risk, threats to those resources, modifying factors which may
increase or decrease the risk and consequences it is wished to avoid. Creating a
matrix under these headings enables a variety of approaches. One can begin
with resources and consider the threats they are exposed to and the
consequences of each. Alternatively one can start with the threats and examine
which resources they would affect, or one can begin with the consequences and
determine which combination of threats and resources would be involved to
bring them about
RISK MANAGEMENT OF COMPANIES
Page | 21
Risk Assessment
Once risks have been identified, they must then be assessed as to their potential
severity of impact (generally a negative impact, such as damage or loss) and to
the probability of occurrence. These quantities can be either simple to measure,
in the case of the value of a lost building, or impossible to know for sure in the
case of the probability of an unlikely event occurring. Therefore, in the
assessment process it is critical to make the best educated decisions in order to
properly prioritize the implementation of the risk management plan.
Even a short-term positive improvement can have long-term negative impacts.
Take the "turnpike" example. A highway is widened to allow more traffic.
More traffic capacity leads to greater development in the areas surrounding the
improved traffic capacity. Over time, traffic thereby increases to fill available
capacity. Turnpikes thereby need to be expanded in a seemingly endless cycles.
There are many other engineering examples where expanded capacity (to do
any function) is soon filled by increased demand. Since expansion comes at a
cost, the resulting growth could become unsustainable without forecasting and
management.
The fundamental difficulty in risk assessment is determining the rate of
occurrence since statistical information is not available on all kinds of past
incidents. Furthermore, evaluating the severity of the consequences (impact) is
often quite difficult for intangible assets. Asset valuation is another question
that needs to be addressed. Thus, best educated opinions and available statistics
are the primary sources of information. Nevertheless, risk assessment should
produce such information for the management of the organization that the
primary risks are easy to understand and that the risk management decisions
may be prioritized. Thus, there have been several theories and attempts to
RISK MANAGEMENT OF COMPANIES
Page | 22
quantify risks. Numerous different risk formulae exist, but perhaps the most
widely accepted formula for risk quantification is:
Rate (or probability) of occurrence multiplied by the impact of the event equals
risk magnitude
Create the plan
Decide on the combination of methods to be used for each risk
A business plan is a formal statement of a set of business goals, the reasons
they are believed attainable, and the plan for reaching those goals. It may also
contain background information about the organization or team attempting to
reach those goals.
Business plans may also target changes in perception and branding by the
customer, client, taxpayer, or larger community. When the existing business is
to assume a major change or when planning a new venture, a 3 to 5 year
business plan is required, since investors will look for their annual return in that
timeframe.
Business plans are decision-making tools. There is no fixed content for a
business plan. Rather, the content and format of the business plan is determined
by the goals and audience. A business plan represents all aspects of business
planning process declaring vision and strategy alongside sub-plans to cover
marketing, finance, operations, human resources as well as a legal plan, when
required. A business plan is a summary of those disciplinary plans.
For example, a business plan for a non-profit might discuss the fit between the
business plan and the organization’s mission. Banks are quite concerned about
RISK MANAGEMENT OF COMPANIES
Page | 23
defaults, so a business plan for a bank loan will build a convincing case for the
organization’s ability to repay the loan. Venture capitalists are primarily
concerned about initial investment, feasibility, and exit valuation. A business
plan for a project requiring equity financing will need to explain why current
resources, upcoming growth opportunities, and sustainable competitive
advantage will lead to a high exit valuation.
Preparing a business plan draws on a wide range of knowledge from many
different business disciplines: finance, human resource management, intellectual
property management, supply chain management, operations management, and
marketing, among others. It can be helpful to view the business plan as a
collection of sub-plans, one for each of the main business disciplines.
"A good business plan can help to make a good business credible,
understandable, and attractive to someone who is unfamiliar with the business.
Writing a good business plan can’t guarantee success, but it can go a long way
toward reducing the odds of failure."
A plan defines everything about your build process, including what gets built,
how the build is triggered and what jobs are executed.
This section describes how to:
Create a new plan
Clone an existing plan
RISK MANAGEMENT OF COMPANIES
Page | 24
Implementation
Follow all of the planned methods for mitigating the effect of the risks.
Purchase insurance policies for the risks that have been decided to be
transferred to an insurer, avoid all risks that can be without sacrificing the
entity's goals, reduce others, and retain the rest. .
Review and evaluation of the plan
Initial risk management plans will never be perfect. Practice, experience, and
actual loss results, will necessitate changes in the plan and contribute
information to allow possible different decisions to be made in dealing with the
risks being faced.
RISK MANAGEMENT OF COMPANIES
Page | 25
CHAPTER 5
TOOLS AND TECHNIQUES OF RISK MANAGEMENT
Once risks have been identified and assessed, all techniques to manage the risk
fall into one or more of these four major categories:
Avoidance
Reduction
Retention
Transfer
Ideal use of these strategies may not be possible. Some of them may involve
tradeoffs that are not acceptable to the organization or person making the risk
management decisions.
RISK AVOIDANCE
Includes not performing an activity that could carry risk. An example would be
not buying a property or business in order to not take on the liability that comes
with it. Another would be not flying in order to not take the risk that the plane
were to be hijacked. Avoidance may seem the answer to all risks, but avoiding
risks also means losing out on the potential gain that accepting (retaining) the
risk may have allowed. Not entering a business to avoid the risk of loss also
avoids the possibility of earning the profits.
RISK REDUCTION
Involves methods that reduce the severity of the loss. Examples include
sprinklers designed to put out a fire to reduce the risk of loss by fire. This
RISK MANAGEMENT OF COMPANIES
Page | 26
method may cause a greater loss by water damage and therefore may not be
suitable. Halon fire suppression systems may mitigate that risk, but the cost
may be prohibitive as a strategy.
RISK RETENTION
Involves accepting the loss when it occurs. True self-insurance falls in this
category. All risks that are not avoided or transferred are retained by default.
Every profit-making organization assumes certain business risks every day it is
in operation. Many businesses have begun to realize that they can also
profitably assume some of the risks that they have in the past, transferred to an
insurance company. In fact, there is greater predictability with some insurance
risks than most business risks encountered.
The reasons risk retention can be beneficial are:
There is a charge for risk transfer to an insurance company, which is generally
40% to 50% more than is paid in losses, depending on the type of coverage and
the amount of premium involved.
It is inordinately expensive to document and settle relatively small losses,
particularly when management time is considered. The collection of small
losses can frequently have an adverse effect on future insurance costs.
RISKS ALREADY RETAINED
Most organizations already retain some insurance risks. For example
They have deductibles applicable to portions of your existing property and
income coverages. Have self-insured retention on some of their liability
coverages.They have no insurance coverage on various catastrophes such as
flood and earthquake
RISK MANAGEMENT OF COMPANIES
Page | 27
RISK TRANSFER
Definition of 'Transfer of Risk'
“The underlying tenet behind insurance transactions. The purpose of this action
is to take a specific risk, which is detailed in the insurance contract, and pass it
from one party who does not wish to have this risk (the insured) to a party who
is willing to take on the risk for a fee, or premium (the insurer).
For example, whenever someone purchases home insurance, he or she is
essentially paying an insurance company to take the risk involved with owning
a home. In the event that something does happen to the house, such as property
damage from a fire or natural disaster, the insurance company will be
responsible for dealing with any resulting consequences.
In today's financial marketplace, insurance instruments have grown more and
more intricate and complex, but the transfer of risk is the one requirement that
is always met in any insurance contract.”
Means causing another party to accept the risk, typically by contract. Insurance
is one type of risk transfer. Other times it may involve contract language that
transfers a risk to another party without the payment of an insurance premium.
Liability among construction or other contractors is very often transferred this
way.
Some ways of managing risk fall into multiple categories. Risk retention pools
are technically retaining the risk for the group, but spreading it over the whole
group, involves transfer among individual members of the group. This is
different from traditional insurance, in that no premium is exchanged between
members of the group.
RISK MANAGEMENT OF COMPANIES
Page | 28
CHAPTER 6
CONTROVERSIAL ISSUES IN RISK MANAGEMENT
Risk analysis has become a routine procedure in assessing, evaluating, and
managing harm to humans and the environment. However, there has been fierce
debate over the legitimate role of risk analysis for regulatory decision making.
The debate centers around
Five major themes.
1. Realism versus constructivism.
2. The relevance of public concerns revealed through perception studies as
criteria for risk regulation.
3. The appropriate handling of uncertainty in risk assessments.
4. The legitimate role of
“Science-based”versus“precaution-based “management approaches.
5. The optimal integration of analytic and deliberative processes.
The following sections will first introduce each of these five themes in more
detail and develop some major insights for risk evaluation and management.
These insights will then serve as heuristic tools for the presentation and
explanation of our own approach to risk evaluation and management Realism
Versus Constructivism.
The first major debate in the risk management community touches on the
philosophical question of constructivism versus realism. For a philosophical
review of the two “risk camps,” see Shrader-Frechette (1991), Bradbury (1989),
and Clarke and Short (1993:379–382). Many risk scholars have questioned the
possibility of conducting objective analysis of risk. The issue here is whether
technical risk estimates represent “objective” probabilities of harm or reflect
only conventions of an elite group of professional risk assessors that may claim
no more degree of validity or universality than competing estimates of
stakeholder groups or the lay public. Reviews of the implications of a
RISK MANAGEMENT OF COMPANIES
Page | 29
constructivist versus a realist concept of risk can be found in Bradbury (1989)
and Renn(1992). A pronounced constructivist approach can be found in
Hillgartner (1992), Luhmann (1993), Adams (1995), or in a recent German
book by K. Japp,SoziologischeRisikotheorie(1996). Realist perspectives in the
social sciences on risk and environment can be found in Catton (1980), Dunlap
(1980), Dickens (1992), and Rosa (1998)
Public Concerns as Criteria for Risk Regulation The second major debate is
closely linked to the first. It refers to the issue of inclusion. Many social
scientists, in particular those who claim that risk is a social construction rather
than a representation of real hazards, have argued in favor of integrating public
concerns into the regulatory decision process (e.g. Freudenberg & Pastor, 1992).
The key issue here is public involvement in defining tolerable risk levels
(Lynn, 1990). Since it is the people, so goes the argument, who are affected by
the potential harm of technologies or other risk-inducing activities, it should be
their prerogative to determine the level of risk that they judge tolerable for
themselves and their community (Webler, 1999; Harrison & Hoberg, 1994).
Many technical experts have argued forcefully against this proposition: they
argue that sensational press coverage and intuitive biases may misguide public
perceptions. Ignorance or misperceptions should not govern the priorities of risk
management. Spending large sums of money for reducing minor risks that fuel
public concerns and ignoring risks that fail to attract public attention may lead
to a larger number of fatalties than necessary (cf. Leonard & Zeckhauser, 1986;
Cross, 1992;Okrent, 1996). If one spends a fixed budget in proportion to lives
saved, the public at large would benefit the most.
The debate on the legitimate role of risk perception in evaluating and managing
risks has been going on for the last two or three decades.7 Defining risk as a
combination of hazard and outrage, as Peter Sandman suggested, has been the
RISK MANAGEMENT OF COMPANIES
Page | 30
fragile but prevailing compromise in this debate, at least in the United
States(Sandman, 1988). Although the formula of “risk equals to hazard and
outrage” does not provide any clue of how to combine scientific assessments
with public perceptions, it provides a conceptual, though often ritual, foundation
for the general attitude of risk management agencies. Again, the debate has not
come to an end (and probably will never come to an end), but any reasonable
risk management approach needs to address the question of inclusion
The Appropriate Handling of Uncertainty in Risk Assessments The third debate
in the professional risk community centers around the handling of uncertainty
(van Asselt, 2000). This topic has been one of the most popular themes in the
professional community for many years, but is has reemerged in recent time for
several reasons.
Philosophers of science and risk have pointed out that the term “uncertainty”
implies a portfolio of different aspects that are often ne-elected or amalgamated
in risk analysis (cf.Funtowicz &Rivets, 1990).Advances in mathematics and
modeling have made it possible to be more precise in calculating variability
among humans or other risk targets. The general convention of using safety
factors of 10 or 100 as a means to include inter individual variation can now be
replaced by more precise and adequate modeling tech-inquest (Hattis &
Markowitz, 1997).The new global risks such as climate change or sea-level rise
have turned the attention of many analysts to issues of indeterminacy, stochastic
effects, and nonlinear relationships. Although these topics are not new to the
risk
Community, they have triggered a new debate over the umbrella
term“uncertainty”and how it should be decomposed and handled (Wynne,1992;
Lave & Dowlatabadi, 1993).Several suggestions have been made in the pastures
to distinguish several components of uncertainty. It is obvious that probabilities
themselves rep-resent only an approximation to predict uncertain Events. These
RISK MANAGEMENT OF COMPANIES
Page | 31
predictions are characterized, however, by additional components of
uncertainty. It seems prudent to include these other uncertainty compo-nets in
one’s risk management procedure. Which other components should be
included? There is no established classification of uncertainty in the literal-
true (see von Hasselt, 2000, for a review; cf. Stirling,1998:102). Authors use
different terms and descriptions, such as incertitude, variability, indeterminacy,
ignorance, lack of knowledge, and others. A new risk management approach
should look into these differ-end types of uncertainty and find appropriate ways
of Risk-Based” Versus “Precaution Based” Management Approaches The
fourth debate picks up the question of how to evaluate uncertainties and
transfers this problem into the domain of risk management. As stated in
Section1, the assessment of risks implies a normative man-date. Most people
feel a moral obligation to prevent
harm to human beings and the environment. Risk an-lasts are asked to provide
the necessary scientific in-put to assist risk managers in this task. Since there
are more risks in the world than society could handle at the same time, risk
management always implies the task of setting priorities. The conventional
solution to this problem has been to design risk reduction policies in proportion
to the severity of the potential effects (Crouch & Wilson, 1982; Mazur, 1985).
Severity has been operationalized as a linear combo-nation of magnitude of
harm and probability of occurrence. Risk-risk comparisons constitute the most
appropriate instrument in this perspective for set-ting risk management
priorities (cf. Merkhofer, 1987;Wilson & Crouch, 1987; Cohen, 1991).
The most significant argument against the pro-portioned risk management
approach comes from the analysis of uncertainty (Cooke, 1991; Marcus, 1988).
Most risk data constitute aggregate results over large segments of the population
and long-time duration (Funtowicz&Rivets, 1987). In addition, there are
problems of extrapolation and dealing with random events and ignorance. The
risk community has been
RISK MANAGEMENT OF COMPANIES
Page | 32
trying to respond to this challenge by sharpening its analytical tools, particularly
with respect to character-sizing and expressing uncertainties. Progress has been
made, particularly in modeling variability, but some issues, such as the
treatment of indeterminacies, re-main unresolved. An alternative approach has
been to change man-agreement strategies and add new perspectives to the way
of coping with uncertainties. Rather than in-vesting all efforts to gain more
knowledge about the different components of uncertainty, one can try to
develop better ways to live or co-exist with un-certainties and ignorance. The
new key words here
are: resilience, vulnerability management, robust re-sponge strategies, and
similar concepts (Collingridge,1996; WBGU, 2000). According to these
concepts, risk management is driven by making the social sys-tem more
adaptive to surprises and, at the same time, allowing only those human activities
or inter-
venations that can be managed even in extreme situations (regardless of the
probability of such extremes to occur).In the risk management literature these
two approaches have been labeled science-based and precaution-based
strategies (cf. O’Riordan &Cameron, 1994; Sterling, 1999; Klink &
Renn,2001). This labelingis rather problematic since the second approach,
which rests on precaution and resilience, needs at least as much scientific input
asthefirst approach (cf. Charnley& Elliott, 2000). We prefer the term “risk-
based strategy “for the first approach. With the denotation of “risk” it becomes
clear that management relies on the numerical assessment of probabilities and
potential damages, while the denotation of “precaution” implies prudent
handling of uncertain or highly vulnerable situations. Over the last few years,
advocates of risk-based and precaution-based approaches have launched a fierce
debate over the legitimacy of each of their approaches. Advocates of the risk-
based approach argue that precautionary strategies ignore scientific resultsand
RISK MANAGEMENT OF COMPANIES
Page | 33
lead to arbitrary regulatory decisions(Cross, 1996). The advocates of the
precautionary approach have argued that precaution does no
RISK MANAGEMENT OF COMPANIES
Page | 34
CHAPTER 7
ADVANTAGES OF THE RISK MANAGEMENT
The benefits of implementing a systematic risk management process are both
long-term and short-term. In fact, each phase of the risk management effort,
right from identifying risks, assessing risks to coming up with mitigation
strategies, has its own benefits and they are listed as follows.
Risk Identification Benefits: Identifying risks is by far the most crucial phase
of the risk management process. The most obvious benefit is that all the risks
that are identified at the start of a project are considered in the mitigation
strategies. This in turn, implies all risks that are identified are most likely to be
potentially resolved in a planned manner without affecting the objectives of the
project and the end result. Another benefit of risk identification is that all
assumptions are listed down and analyzed. Analysis of assumptions is an
important step in removing potential inaccuracies and inconsistencies at the
start of the process itself. Now, risks need not always be negative. Positive
risks (opportunities that were not a part of the original project plan) are often
stumbled upon during the identification phase and you can carry out
appropriate actions to make the most of the occurrence of these "opportunity"
risks. This will in turn have a positive impact on the entire project or business.
Risk Assessment Benefits:
This phase entails focusing on each identified risk and assessing its impact on
the project or business. The measures planned to eliminate or minimize the
risks assessed, are a result of a constructive debate or discussion among the
various stakeholders. The greatest advantage of this process is that it serves to
bring the various views onto the table and in the process of finalizing potential
RISK MANAGEMENT OF COMPANIES
Page | 35
solutions, everyone is brought to the same page. This in turn brings forth a
sense of accountability in all stakeholders (including external vendors,
contractors, etc.),which is one of the goals of risk management. Participation in
the risk assessment activity also serves to promote an organizational culture
where everyone is "risk aware" and able to appreciate how their performance is
going to be measured and rewarded. In addition, as a result of the cost-benefit
analysis, contractual procedures can be revised for pricing terms, deadlines
etc., based on the assessed risk factors.
Risk Analysis and Evaluation Benefits:
It is a subset of the risk assessment process, where each risk is described along
with its attributes such as significance and likelihood of occurrence,
recommendation to minimize risks and stakeholder profiles, etc. Each risk is
mapped to a business function or process which results in allocation of
ownership of the risk. Changes to policy, setting up contingencies etc., are the
benefits of a successful analysis and evaluation exercise.
Risk Treatment Benefits.
Once the risk profiles have been finalized, graded, prioritized and evaluated,
the next step is to implement the plan. Through internal controls (including
policy decisions) and compliance regulations the mitigation strategies are
brought into action. Negative risks or "threats" are not met with shock or
surprise and opportunity risks are not forsaken due to lack of preparation and
planning. The important benefits of operational efficiencies and profitability
are realized upon successful treatment of risks in this phase.
RISK MANAGEMENT OF COMPANIES
Page | 36
Risk Monitoring and Review Benefits
Risk management is not a one-time activity. Continuous risk monitoring and
review of risk treatment plans underpin a successful business strategy. This
activity provides long-term benefits in terms of lessons learned for better risk
management strategies in future and the effectiveness of the risk treatment
measures, which will undoubtedly come in handy for subsequent projects.
In comparison to not having a risk strategy at all, the benefits of risk
management to businesses are, in summary, as below.
Awareness of Significant Risks:
The most significant threat to a business i.e., total failure can be avoided by
identifying and planning for the most significant risks and communicating
them across the board to all stakeholders. Saving on Cost and Time: A
preemptive approach to the threats in a project or business through risk
management, always results in significant cost savings and prevents wastage of
time and effort in firefighting.
Discovering Opportunities
Instead of being unprepared for the opportunities that unravel during the
course of a project or business, risk management can help plan and prepare for
them.
Harvesting Reusable Knowledge
Risk management is an exhaustive effort with inputs from various stakeholders
and their experiences and insights. This collective know-how, or at least
RISK MANAGEMENT OF COMPANIES
Page | 37
significant parts of it, can be reused for future endeavors. A single risk
management plan can provide ready templates for successive plans to start
from, instead of reinventing the wheel. This is probably the single most useful
long-term benefit.
Risk management helps in making better decisions by forecasting important
threats and opportunities of a project or business. While some benefits are
realized from the initial phases of a project, the "hidden" benefits often surface
much later. There's no doubt that a good risk management plan is the
cornerstone of successful enterprises.
RISK MANAGEMENT OF COMPANIES
Page | 38
CHAPTER 8
DISADVANTAGES OF RISK MANAGEMENT
Talking out a team-mate into something he strongly believes is a waste of time
can be tricky. He is showing signs of cynicism which may not be healthy if
you’re an idealist whose goal is to smooth sail a dream project into reality as
possible. Let’s first break down the possible reasons why he just can’t bear
giving risk management a chance.
Disadvantages of Risk Management:
Cost
This module will shell out cash from the company funds. Companies will
have to improve their cash generating tactics in order to provide means
for training and maintenance for something that hasn’t happened yet.
Training
The time spent for development and research will have to be allocated for
training to ensure proper execution of risk management.
Motivation.
Employees that are already accustomed to their mundane activities need to
adjust to new measures.
Underestimating Risk
Risk analyses can provide insight into potential liabilities, but no
assessment is entirely accurate. A company’s estimates could be far off
the mark. For example, a company might decide to put aside money to
RISK MANAGEMENT OF COMPANIES
Page | 39
cover its losses in the event of an earthquake. It might have financial
predictions for how much damage an earthquake would do, but a record-
breaking earthquake could cause damage that greatly exceeds those
estimates. As a result of its underestimation, the company might not have
the funds to cover the losses.
Overestimating Risk
Risk can also be overestimated, resulting in steep opportunity costs. For
instance, suppose the company puts aside large sums of money to cover
losses due to an earthquake. If no earthquakes occur, or a quake causes
much less damage than predicted, those reserved funds represent missed
opportunities. Instead of reserving the money, the company could have
invested it in research and development or in opening new locations to
reach more customers. Overestimating risk can cause a company to
overcompensate, thus losing money that could go into business
opportunities.
No Clear Path
Risk retention is often appropriate when the cost of insuring against a
potential problem outweighs the financial burden the problem itself
would impose. For example, it usually doesn’t make sense to buy
insurance for a small risk. But that's another disadvantage of risk
retention: It’s not always clear whether it’s better to buy insurance or
retain risk. A company might lose money because it bought insurance, or
it might lose money because it didn't buy insurance.
RISK MANAGEMENT OF COMPANIES
Page | 40
Considerations
Insurance companies use advanced statistical analyses to guide their
decisions, but small businesses don’t have their resources. As a result,
sometimes retaining risk is just a guessing game. There’s just no simple
recipe for deciding which risks you should transfer and which you should
retain. If you’re not sure, the most effective approach is to ask experts in
your industry to assess your risk profile and design a risk management
plan.
RISK MANAGEMENT OF COMPANIES
Page | 41
CHAPTER 9
NESTLÉ (FOOD/BEVERAGE) NESTLÉ CHOOSE ACTIVE RISK
MANAGER TO MANAGE ENTERPRISE RISK ACROSS ITS
OPERATIONS WORLDWIDE AFTER IT EVALUATED 14
DIFFERENT RISK MANAGEMENT SOLUTIONS.
Overview
Nestlé was looking for a consistent method to manage risk across the multi-
national operation. The fact that Active Risk Manager is web-based means that
countries will be able to share information, update and monitor risk
information in an effective and efficient way.
Marc Schaedeli, Head of Risk Management at Nestlé explained, “Of all those
products evaluated, Active Risk Manager best suited our requirements. Other
products could provide part of what was needed but not everything and many
of them were also too complex. Active Risk Manager gave us what we were
looking for.”
“We also felt that Active Risk Manager would be able to reflect the way we
work. We did not want to change our process just to fit with a new system.”
Marc Schaedeli continued, “We plan to use Active Risk Manager for both
project risk assessment and business risk management. Nestlé products grow
through innovation and renovation and Active Risk Manager will help us to
manage many different types of project. Consolidating data will also enable us
to get a better overview of the business processes and their potential risks.”
Charles Long ridge, Director of Business Development for EMEA at Sword
Active Risk said, “We are very excited to be working with such a leading
global manufacturer and will look to Nestlé as a key sector influencer in the
supply-chain risk management and Sarbanes Oxley compliance. We look
RISK MANAGEMENT OF COMPANIES
Page | 42
forward to providing a positive return to Nestlé with improved risk mitigation
strategies and increasing profit margins.”
Marc Schaedeli concluded, “We believe Active Risk Manager will provide the
right information to the right people at the right time which will help Nestlé to
fulfill its company priority – to bring highest quality products to people,
wherever they are, whatever their needs, throughout their lives.”
About Nestlé
Nestlé, with headquarters in Vevey, Switzerland was founded in 1866 by Henri
Nestlé and is today the world’s biggest food and beverage company with
factories or operations in practically every country in the world.
Active Risk Manager
Active Risk Manager (ARM) is the world’s leading Enterprise Risk
Management solution covering corporate, strategic, process, product, project,
supply chain, business continuity, reputation, health and safety, incident
management risks and opportunities, corporate governance and compliance.
ARM is widely used for risk management on major complex projects and by
some of the world’s largest and most respected organizations across a range of
industries.
Sword Active Risk, formerly Strategic Thought Group was founded in 1987
and has offices in the UK, USA, Australia and the Middle East, servicing
customers worldwide directly and through a growing network of partners.
RISK MANAGEMENT OF COMPANIES
Page | 43
CHAPTER 10
RECOMMENDATION
1. Nestle can manage its market risk by introducing more innovative &
diversifiable product. Currently Nestle is more focused in premium milk
products like condense milk, curd, milk powder. Company can do so by going
deeper in milk products which has good profit margins such as butter milk,
Ghee, paneer, milk based drinks
2. Nestle can manage its financial risk by properly diversifying the funds in
different sectors for example: by investing in Derivate instruments, Hedging
products, Gold, Forex etc.
3. Nestle can transfer its risk related to assets, operations, products etc. by
taking insurance products. For example Nestle can insured its assets by taking
general insurance of the various assets, transit insurance of goods/products, key
man insurance.
RISK MANAGEMENT OF COMPANIES
Page | 44
CHAPTER 11
CONCLUSION
The Risk Management Index is the first systematic and consistent international
technique developed to measure risk management performance. The conceptual
and technical bases of this index are robust, despite the fact that it is inherently
subjective. The RMI permits a systematic and quantitative bench-marking of
each country during different periods, as well as comparisons across countries.
This index enables the depiction of disaster risk management at the national
level, but also at the subnational and urban level, allowing the creation of risk
management performance benchmarks in order to establish performance targets
for improving management effectiveness.
The RMI is novel and far more wide-reaching in its scope than other similar
attempts in the past. It is certainly the one that can show the fastest rate of
change given improvements in political will or deterioration of governance.
This index has the advantage of being composed of measures that directly map
sets specific decisions/actions onto sets of desirable outcomes. Al-though the
method may be refined or simplified in the future, its approach is quite
innovative because it allows the measurement of risk management and its
feasible effectiveness.
RISK MANAGEMENT OF COMPANIES
Page | 45
CHAPTER 12
BIBLIOGRAPHY
1. Strategic Risk Management - Goel publication.
2. Financial Risk Management - Pranana chanrda.
3. Risk Management – Financial Markets, Semester 6