Академический Документы
Профессиональный Документы
Культура Документы
Whatever the reason for wanting to understand and control risks, in every manufacturing
process there will be a need for a comprehensive risk identification, risk assessment, risk
measurement, risk minimization and risk monitoring program. Such a program will need to
encompass all aspects of the business to ensure all key areas of risk concern are captured.
CATEGORIES OF RISK
Strategic risks the organization faces that may affect the validity of its strategy for
pursuing growth opportunities
Operational risks that might affect key operations of the organization in executing its
strategy
2.WHO ARE THE RISK MANAGER? WHAT ARE THE FUNCTIONS OF RISK
MANAGER?
Risk managers work with companies to assess and identify the potential risks that may hinder
the reputation, safety, security and financial prosperity of their organisation.
Once these risks have been identified, assessed and evaluated, risk managers are then tasked with
implementing processes and procedures to ensure that their client is fully prepared to deal with
any potential threats.
A risk manager’s job is inspired by the mantra, “prevention is better than cure.” It’s all about
avoiding threats and mitigating the effects of those which are essentially unavoidable.
Risk management careers are highly analytical and a large part of your time will be focused on
conducting detailed risk assessments. This process involves analysing documents, statistics,
reports and market trends. You’ll also be required to assess the organisation’s previous risk
management policies and protocols.
Responsibilities
Conflicts of Interest
A conflict of interest could be defined as a situation that occurs when a person or company acts
in a manner to promote self-interests rather than the established best interest of the business or
customer. A conflict of interest may cause a situation that is unethical, that violates current
policy or the law, or all of the above.
Dealings involving insiders – Dealings with persons or entities connected with the [company] in
a way that might affect its judgment represent a potential conflict of interest or self-dealing
activity.
Inappropriate financial benefit – A [company] may gain an inappropriate financial benefit if it
generates additional fee-based business for itself or an affiliate in one of the following ways: by
using an affiliated company’s income-producing services, by charging undisclosed fees to
accounts for security transactions, or by receiving payment for other services that are normally
included in fiduciary administration fees. If a [company] obtains financial benefits (including
goods and services) from a service provider (whether affiliated or not), the benefits must be
authorized and must not be provided in exchange for using that provider.
Employees’ unethical conduct – Employees’ unethical conduct can undermine the [company’s]
ability to fulfill its duty of loyalty to [customers and vendors]. A [company] that publishes a code
of ethics for employees that clearly communicates the [company’s] expectations may reduce the
risk of unethical conduct. Management should have monitoring systems in place to detect
employee conduct that conflicts with the [company’s] responsibilities. Systems should be
sufficient to alert the [company] when a [company] employee serves [a customer or vendor of]
the [company] for a fee, competes with the [company], receives loans from fiduciary clients,
accepts gifts or bequests from fiduciary clients, receives goods and services from vendors, or
executes personal securities transactions that are counter to the best interests of account
beneficiaries.
Bribery
“The act of taking or receiving something with the intention of influencing the recipient in some
way favorable to the party providing the bribe. Bribery is typically considered illegal and can be
punishable by jail time or stiff fines if authorities find out about the bribe.”
To be considered a bribe, the thing given or accepted generally must be of some significant
value; however, many organizations take a zero-tolerance approach to gift value. Even a gift or
gratuity of little monetary value, if it influences the actions of the receiver, could be considered a
bribe. Some organizations follow IRS guidelines for de minimis benefits. In general, a de
minimis benefit is “one for which, considering its value and the frequency with which it is
provided, is so small as to make accounting for it unreasonable or impractical.” Usually,
traditional practices or customs in the workplace, such as giving birthday cakes or holiday foods,
are excluded from bribery prohibitions. It is unlikely these types of things sway anyone’s
judgment, and no one wants vendors to stop sending complimentary boxes chocolates or fruit
baskets for the Christmas or New Year holidays!
Compliance Management
Most sound business practices begin with an established commitment by management and a
stated policy, and, the management of conflicts of interest, ethics, and prohibitions on activities
like bribery or kickbacks is no different.
Codes of Ethics or Conduct – The stated commitment to and general guidelines about ethics,
conflicts of interest, and other expectations are the starting point. Most large companies have a
published code of ethics—a set of general guidelines to encourage employees to behave ethically
and responsibly and others may implement a policy of the same nature. Smaller institutions may
have a more informal approach, but, any commitment by management must be clearly
communicated to all employees. Training is a good idea.
Organizations often have established codes of ethics based on the industry or trade. For example,
both the National Association of Mortgage Brokers and the Florida Association of
Mortgage Professionals have a Code of Ethics, and there are many more.
Monitoring and auditing for compliance – Periodic reviews of company operations or records
should include compliance to ethical standards as well as legal and regulatory requirements.
When faced with situations that feel like they might be unacceptable, stop and think, “Do we
have a code of conduct or something similar that covers this?” If not, consult management for
direction. In any case, if the hairs on the back of your neck are bristling, proceed with caution. It
could be the best pause you ever take.
Every business faces risks that could present threats to its success.
Risk is defined as the probability of an event and its consequences. Risk management is the
practice of using processes, methods and tools for managing these risks.
Risk management focuses on identifying what could go wrong, evaluating which risks should be
dealt with and implementing strategies to deal with those risks. Businesses that have identified
the risks will be better prepared and have a more cost-effective way of dealing with them.
This guide sets out how to identify the risks your business may face. It also looks at how to
implement an effective risk management policy and program which can increase your business'
chances of success and reduce the possibility of failure.
whether there are any US companies which have the cash/share price to do this
whether there are any Canadian competitors who could be a takeover target, perhaps
because of financial difficulties
whether the US company would lower prices or invest more in research and development
Where there's a strong possibility of this happening, you should prepare some sort of response.
Compliance risk
Compliance risks are those associated with the need to comply with laws and regulations. They
also apply to the need to act in a manner which investors and customers expect, for example, by
ensuring proper corporate governance.
You may need to consider whether employment or health and safety legislation could add to
your overheads or force changes in your established ways of working.
You may also want to consider legislative risks to your business. You should ask yourself
whether the products or services you offer could be made less marketable by legislation or
taxation – as has happened with tobacco and asbestos products. For example, concerns about the
increase in obesity may prompt tougher food labelling regulations, which may push up costs or
reduce the appeal of certain types of food.
Identifying financial risk involves examining your daily financial operations, especially cash
flow. If your business is too dependent on a single customer and they are unable to pay you, this
could have serious implications for your business' viability.
You might examine:
Rate changes will affect your debt repayments and the competitiveness of your goods and
services compared with those produced abroad.
Operational risks
Operational risks are associated with your business' operational and administrative procedures.
These include:
recruitment
supply chain
accounting controls
IT systems
regulations
board composition
You should examine these operations in turn, prioritise the risks and make provisions for such a
risk happening. For example, if you are heavily reliant on one supplier for a key component you
should consider what could happen if that supplier went out of business and source other
suppliers to help you minimise the risk.
IT risk and data protection are increasingly important to business. If hackers break into your IT
systems, they could steal valuable data and even money from your bank account which at best
would be embarrassing and at worst could put you out of business. A secure IT system
employing encryption will safeguard commercial and customer information.
There are some tools you can use to help evaluate risks. You can plot on a risk map the
significance and likelihood of the risk occurring. Each risk is rated on a scale of one to ten. If a
risk is rated ten this means it is of major importance to the company. One is the least significant.
The map allows you to visualise risks in relation to each other, gauge their extent and plan what
type of controls should be implemented to mitigate the risks.
Prioritising risks, however you do this, allows you to direct time and money toward the most
important risks. You can put systems and controls in place to deal with the consequences of an
event. This could involve defining a decision process and escalation procedures that your
company would follow if an event occurred.
Use preventative measures for business continuity
Risk management involves putting processes, methods and tools in place to deal with the
consequences of events you have identified as significant threats for your business. This could be
something as simple as setting aside financial reserves to ease cash flow problems if they arise or
ensuring effective computer backup and IT support procedures for dealing with a systems failure.
Programs which deal with threats identified during risk assessment are often referred to
as business continuity plans. These set out what you should do if a certain event happens, for
example, if a fire destroys your office. You can't avoid all risk, but business continuity plans can
minimise the disruption to your business.
Risk assessments will change as your business grows or as a result of internal or external
changes. This means that the processes you have put in place to manage your business risks
should be regularly reviewed. Such reviews will identify improvements to the processes and
equally they can indicate when a process is no longer necessary. Choose the right insurance
to protect against losses
Insurance will not reduce your business' risks but you can use it as a financial tool to protect
against losses associated with some risks. This means that in the event of a loss you will have
some financial compensation. This can be crucial for your business' survival in the event of, say,
a fire which destroys a factory.
Some costs are uninsurable, such as the damage to a company's reputation. On the other hand, in
some areas insurance is mandatory.
Insurance companies increasingly want evidence that risk is being managed. Before they will
provide cover, they want evidence of the effective operation of processes in place to minimise
the likelihood of a claim. You can ask your insurance adviser for advice on appropriate
processes.
Insurance products
You can use a business interruption policy, for example, to insure against loss of profit and
higher overheads resulting from, say, damaged machinery.
You may also want to consider:
Key man insurance is designed to cover you for the financial costs of losing key personnel.
Group life assurance is provided by employers as part of a benefits package and pays out a lump
sum to an employee's family should the employee die.
As a result:
The websites operators cannot take any responsibility for the consequences of errors or
omissions.
You should always follow the links to more detailed information from the relevant
government department or agency.
Any reliance you place on our information or linked to on other websites will be at your
own risk. You should consider seeking the advice of independent advisors, and should always
check your decisions against your normal business methods and best practice in your field of
business.
The websites operators, their agents and employees, are not liable for any losses or
damages arising from your use of our websites, other than in respect of death or personal injury
caused by their negligence or in respect of fraud.