Documentos de Académico
Documentos de Profesional
Documentos de Cultura
By
Dr Safdar A Butt
1
What is Risk?
Risk arises from uncertainty; but all uncertainties
do not carry risk.
Possibility of an unfavorable outcome of an
uncertainty is risk.
Outcome of an uncertainty may even be
favorable. Is that a risk? In certain cases, yes.
2
Why take risks?
Because you have to.
Because it brings rewards.
Risk Aversion
3
Risk Management Process
Risk Identification / Exposure
Risk Assessment
Selection of risk management techniques
Implementation
Review
4
Risk Identification
Risk profile of a company
Formal listing of all potential risks.
External professional help
Risk is inevitable; however unfavorable
consequences of risk can be controlled.
Degree of risk to be assumed
5
Classification of Risk
Production risk
Price risk of inputs / outputs
Reputational risk
Project risk
Environmental risk (weather)
Political risk
Economic conditions risk
6
Risk Assessment
Having listed all the potential risks, ask:
How likely is it for any of these risks to actually
materialize?
What is the maximum possible loss that can
arise from each of the listed situations?
Can you stand that loss?
7
Risk Management Techniques
Risk avoidance
Loss prevention and control
Internal controls
Risk retention
Risk transfer
8
Risk Transfer Modes
Hedging
Options
Insurance
Diversification
9
Implementing the Plan
Get quotes, find the best provider and create a
contract.
Keep reviewing the situation.
Keep revising your risk profile.
Keep a record of cost of risk transfer against
benefits of risk transfer.
Amend plans as necessary.
10
Is risk management a
Corporate Governance issue?
Board is responsible for protection of company
assets.
Board must work to improve shareholders’
value, which is not possible without taking some
risks.
Not taking risks may be the biggest risk.
11
Risk Management Reporting
CC of CG requires:
Audit Committee’s Report
12
Audit Committee’s Report
List significance risks; how they are being
identified, assessed and managed.
Report on effectiveness of the systems put in
place to manage these risks
List of actions being taken to remedy significant
failings or weaknesses
Comment on need for greater monitoring of
procedures
13
Board’s Statement on
Internal Control
Essentially it is about status of internal controls, e.g.
There is an ongoing process for identifying, evaluating
and managing significant risks.
That the process was there during the year under
report.
It is being regularly reviewed by the Board.
14
Turnbull Report
Risk Assessment
Control Environment
Control Activities
Information and Communication
Monitoring
15
Risk Assessment
Clear objectives, clearly communicated to all
concerned.
Significant risks assessed regularly
Market risks
Technological risks (H&S, Environment)
Credit and liquidity risks
Reputational risks, legal risks
16
Disaster Recovery Plans
Disasters happen, or are made to happen.
What plans does a company have to ensure that:
Its operations are restored quickly
Its data is not lost
17
Thank you
Dr Safdar A Butt
18