Opening Prayer

Our Father in Heaven, we thank You for this wonderful day, for the good health and the blessings of
a family.
As we come to your presence, please forgive us our sins as we forgive those who sinned against us.
 CHAPTER I

RISK MANAGEMENT
CONCEPTS AND
PRINCIPLES
Objectives:
1. Basic knowledge of risk management.
2. Understand the elements of the risk management.
3. Know the importance of risk management plan and
considering the various potential risks or events before they
occur.
4. Understand the benefits of risk management framework.
5. Appreciate the principles of risk management.
6. Know the risk management process.
 What is Risk Management?

Risk management is the process of identifying,

assessing and controlling threats to an organization's
capital and earnings. These threats, or risks, could stem
from a wide variety of sources, including financial
uncertainty, legal liabilities, strategic management errors,
accidents and natural disasters.
Risk Defined

It is the possibility of something bad happening. Risk

involves uncertainty about the effects/implications of an
activity with respect to something that humans value (such
as health, well-being, wealth, property or the environment),
often focusing on negative, undesirable consequences.
Many different definitions have been proposed. The
international standard definition of risk for common
understanding in different applications is “effect of
uncertainty on objectives”.
Risk according to UNWTO is a situation that
exposes someone or something to danger harm or
loss. Risk can be a physical safety matter, a risk of
property loss, a financial business risk, and more.
From the moment a person engages himself in the
business, whether a sole proprietorship, partnership,
or corporation, the risk immediately attaches.
Example:

1. Food handling is one issue that must be adequately

addressed whenever someone prepares food for the
customers. The danger of food poisoning due to the
contamination of food is high if the necessary precaution
based on standards will not be followed. The government
has provided regulations that must be complied with by any
business ventures to make sure that the danger or harm is
mitigated. Food sanitation permit is a mandatory
requirement for businesses in the food industry.
Example:
2. It is an inevitable practice in both tourism and
hospitality businesses to get the necessary
information about their guests and clientele for
security reasons, not only on the part of the guests
but also on the part of the management as well.
The giving and obtaining information per se is
considered risk in itself that must be safeguarded
accordingly
What is Hazard?

It defined as a potential source of harm. Substances,

events, or circumstances can constitute hazards when
their nature would allow them, even just theoretically, to
cause damage to health, life, property, or any other
interest of value. The probability of that harm being
realized in a specific incident, combined with the
magnitude of potential harm, make up its risk, a term
often used synonymously in colloquial speech.
RISK VS. HAZARD
Accordingly, hazard pertains to any source of potential damage,
harm or adverse health effects on something or someone, while risk
is the chance or probability that a person will be harmed or
experience an adverse health effect if exposed to a hazard. It may
also apply to situations with property or equipment loss, or harmful
effects on the environment.

According to workSMARK, (n.d.) a hazard is something that can

cause harm while a risk is a chance that any hazard will cause harm
to somebody.
 What are the Benefits of a Risk Management
Framework?

• Enables identification of threats and opportunities for an

agency.
• Improves and informs the planning process.
• Reduces likelihood of costly “surprises”.
• Contributes to improved resource allocation.
• Improves efficiency and performance.
• Improves accountability.
• Encourages continual improvement.
 Seven Key Questions
A good risk management framework seeks to answer these basic
questions:

• What are we trying to achieve?

• What events or circumstances that could affect the achievement of our
objectives?
• What are the consequences?
• How likely are these events?
• What can we do to manage these outcomes?
• How will we maximize opportunities?
• Can the organization recover if a risk eventuates?
Principles of Risk Management
There are specific core principles in regards to risk management.
When looking to perform an actual risk assessment, the following
target areas should be part of the overall risk management
procedure (as defined by the International Standards Organization;
ISO):
● The process should create value
● It should be an integral part of the organizational process
● It should factor into the overall decision-making process
● It must explicitly address uncertainty
● It should be systematic and structured
● It should be transparent and all-inclusive
● It should be dynamic and adaptable to change
● It should be continuously monitored and improved upon as the
project moves forward
● When first addressing a risk management procedure for a
project, take note of the aforementioned principles to ensure
that your specific assessment is matching up with the core
ideals as defined by ISO
● It should be based on the best available information
● It should be tailored to the project
● It must take into account human factors
 Risk Management Process

There is a specific procedure that one should follow when it comes to

performing a risk assessment. The overall process can be itemized as
follows:
1. Identification – Perform a brainstorming session where all conceivable
risks are itemized
2. Planning – Once defined, plan for contingencies as part of the overall
project plan; implement controls as needed
3. Derive Safeguards – Place specific ‘fallbacks’ into the overall project
plan as contingencies for risks if they arise
4. Monitor – Continuously monitor the project to determine if any defined
(or un-expected) risks manifest themselves
 Content of a Typical Risk Management Plan
• A statement of the risk management policy
• Details of the scope and objectives of risk management in the
agency
• Consistent risk management language and definitions
• Integration with other management practices and procedures
• Risk assessment criteria (consequence and likelihood ratings)
• Description of the internal and external context in which the agency
operates
• List of analyzed risk
• Summary of the risk treatment plan
• Outline of the risk reporting protocol
• Outline of the monitoring and review program
 Embedding Risk Management

Fit for purpose? Risk management should be embedded in

all the organization’s practices and processes in a way that it
is relevant, effective, and efficient. The risk management
process should become part of, and not separate from,
those organizational processes. In particular, risk
management should be embedded into the policy
development, business and strategic planning and review,
and change management processes.