Introduction to Risk Management

Risk Analysis and Management

2024
 This presentation is based on content from the book
“Simple Tools and Techniques for Enterprise Risk Management”
by Robert J. Chapman (Wiley, 2011)

2
Few Recent Examples
● Covid shock → complete halt of economic activities.
● Covid-aftermath → supply-chain disruptions (Indian automotive industry)
● Geopolitical conflicts - Israel-Palestine issue (along with sudden surge in
Chinese exports) → Impact on shipping cost
● Regulation → Corporate Average Fuel Economy (CAFE)
● Innovation → Shift to Electric cars
● Subsidies → Faster Adoption and Manufacturing of Electric Vehicles
(FAME) / UP govt reducing road tax
● Auto Industry → mis-judging the growth in demand (post-covid)

3
Business Risk - Introduction
● Basic tenet of business: create value to the stakeholders.
● Value Creation and Destruction
● Risk Comprehension
● Risk Judgement and Acceptance
● Adaptability and Competition

4
Business Risk - Introduction Contd.

● Increasing Risk Complexity

● Internal vs. External Risks
● Expansion and Risk Exposure
● Evolving Risk Management
● Broader Risk Perspective
● Stakeholder and Regulatory Pressure

5
Risk Management - evolution:
● Historical Segmentation
● Reasons for Compartmentalization
● Compartmentalization Tendencies
● Interrelated Risks
● Integrated Risk Management
● Strategic Business Risk Management
● Maturing Discipline
● Understanding Interdependencies
● Holistic Risk Mitigation
6
Business Growth & Risk Taking
● Risk is inevitable.
● Risk-free business is impossible.
● Embracing risk boosts performance.
● Rational risk decisions.
● Effective risk management offers an edge.

7
Risk & Opportunity
● Board evaluates opportunities and risks
● Effective risk management reveals opportunities
● Innovative risk policy for value growth
● ERM supports strategy and maximizes opportunities

8
Role of Boards
● Board accountability
● Risk control
● Entrepreneurial prudence
● Company knowledge
● Balance short-term/long-term
● Competitive awareness
● C-level risk leader

9
 Role of Boards & Integration of Risk Management
● Four main functions:
○ Policy formulation
○ Strategic thinking
○ Supervisory management
○ Accountability

10
 Primary Objective of a Business
● Business’s primary objective:
○ Maximize shareholder wealth in the long-term
○ NOT maximizing profits in the short-term.
○ Because, at times short-term profit maximization could be harming
the long-term wealth maximization.
● Boards guide towards a good-learning environment.

11
The Bad-learning organizations

12
The Good-learning organizations

13
Enterprise Risk Management
● Integrate ERM into internal controls
● Align ERM with internal controls
● Multifaceted ERM addresses all aspects of the business plan:

• Strategic plan • Forecasts and financial data

• Marketing plan • Financing
• Operations plan • Risk management processes
• Research and development • Business controls
• Management and organisation

14
Benefits of ERM
● Important to keep in mind:
○ No risk management process can create a risk-free environment.
○ An organisation’s risk exposure profile is never static.
● Benefits:
○ Achieve business objectives
○ Build stakeholder confidence
○ Ensure legal and regulatory compliance
○ Align risk appetite with strategy
○ Strengthen resilience
○ Enhance governance practices

15
Benefits of ERM Contd.

● Benefits Contd.
○ Minimize operational surprises
○ Improve risk response decisions
○ Optimize resource allocation
○ Rationalize capital allocation
○ Link growth, risk, and return
○ Identify and manage enterprise-wide risks
○ Enhance organizational learning

16
 ERM Structure
● ERM: Integrated framework for
company-wide risk management to
maximize value
● Seven main elements:
1. Corporate governance
2. Internal control
3. Implementation of internal control
4. Risk management framework
5. Risk management policy
6. Risk management process
7. Sources of risk

17
 ERM Structure Contd.

● Corporate governance:
○ Corporate governance guides
ERM
○ Board oversees risk
management systems
○ Defines risk strategies and
disclosures

18
 ERM Structure Contd.

● Internal Control:
○ Understanding Internal Controls
○ Hierarchy of Controls
○ Purpose of Risk Management

19
 ERM Structure Contd.

● Implementation:
○ Use internal or external resources for
risk management.
○ Ensure clear mapping,
communication, and agreement on
parameters

20
 ERM Structure Contd.

● Risk Management Framework:

○ Integrates risk management: Core
activity
○ Ensures comprehensive risk
reporting: Informed decisions
○ Facilitates proactive risk approach:
Enhances resilience
○ Steps 2 to 5 iterative: Continuous
improvement

21
 ERM Structure Contd.

● Risk Management Framework Contd. :

○ Step 1: Mandate and Commitment
■ Top-Down Implementation
■ Continuous Evaluation
○ Step 2: Design Framework
■ Embed practices at all levels
■ Effective communication
○ Step 3: Implement Framework
■ Careful timing and training
■ Comprehensive risk management
plan
22
 ERM Structure Contd.

● Risk Management Framework Contd. :

○ Step 4: Monitor Framework
■ Regular reviews
■ Performance evaluation
○ Step 5: Improve Framework:
■ Amend based on monitoring
■ Refine practices for optimal
decision-making

23
 ERM Structure Contd.

● Risk Management Policy:

○ Purpose and Objectives
○ Roles and Responsibilities
○ Implementation and Process
○ Scope and Coverage
○ Stakeholder Interests
○ Confidentiality and Review
○ Integration with Corporate
Governance
○ Policy Presentation
○ Organizational Commitment
24
 ERM Structure Contd.

● Risk Management Process:

○ Analyze risk management process
○ Evaluate each component’s
contribution
○ Seven Stages of Risk Management:
■ Context
■ Identification
■ Analysis
■ Evaluation
■ Treatment
■ Monitoring/Review
■ Communication/Consultation
25
 ERM Structure Contd.

● Risk Management Process Contd. :

○ Sequential yet Iterative Process:
■ Activities often follow a sequential order.
■ Iteration occurs as new risks are identified.
■ Revisiting and repeating earlier processes
ensures comprehensive risk management.
■ Continuous loop from identification to risk
response actions implementation

26
 ERM Structure Contd.

● Sources of Business Risk:

○ Internal Processes:
■ Decision-making
■ Operational efficiency
■ Internal policies and procedures
○ Business Operating Environment:
■ Market conditions
■ Regulatory changes
■ Technological advancements
○ Evolution from Traditional PEST
Analysis:
■ PEST: Political, Economic, Social, Technological
influences
■ Enhanced: Includes internal & external risks
27
…

28
Sources:
1. Simple Tools and Techniques for Enterprise Risk Management, Chapman, R.J., Wiley, 2006
2. The Fish Rots from the Head, B. Garratt, Profile Books Ltd.

29