RISK ASSESSMENT PROCESS EVALUATION REPORT

RISK ASSESSMENT PROCESS EVALUATION REPORT

By Name

Course

Tutor’s Name

Institution

19th, April, 2012

 

 The ‘risk assessment process’ assignment tackled in my group was well done, and satisfactory. Therefore, I was pleased with how the group handled the whole assignment to arrive at the final product. It was important for group members to co-ordinate at various stages, and be committed to the work through all the stages of the assignment. This involved immense researching, which could not be performed much better by a single individual. Although various challenges were experienced at the group level, effective organization and leadership among the group members helped to overcome the challenges.

Most organizations today are mainly concerned with the processes of risk management, assurance, control, and governance. With regard to risk management, a company must treasure its assets, whether they are a source of profit for the company or not, since these remain valuable to a company’s stakeholders. Therefore, risk management mainly protects the company and its valuable assets from destruction, which presents itself in different forms. The assets of a company also include employees; therefore, risk management also puts company employees into consideration, protecting them from potential harm, or outlining strategies to be used in case of risk (PriceWaterHouseCoopers n.d).

The risk assessment process for the group involved the construction industry in the United Kingdom. For the sake of specificity, the group settled on the ABC Builders & Maintenance Contractors Ltd in the UK, as the company of study. As a group, the main research, which was in-depth, was conducted through referring to a variety of textbooks and lecture notes. This was one of the good things about the work, since the group had access to a wide range of information about the case. Therefore, valuable information could be accessed, and this increased the reliability and authenticity of the submitted group work.

Using the COSO Enterprise Risk Management framework, the risk assessment process was able to address the aspect of value creation in the company addressed. This provided a highlight of the strategies the company could deal with future events that are a source of uncertainty in the company (COSO 2004). In addition, the strategies recommended could be instrumental in helping the company avoid future negative outcomes while increasing the probability of its future positive outcomes. COSO Enterprise Risk Management framework is useful, as it offers the description of important concepts, suggests a common language, and acts as a guide for enterprise risk management (COSO 2004).

Therefore, using the COSO Enterprise Risk Management framework, the assigned risk assessment process was conducted on all the various levels of the company, including the enterprise level, subsidiary, as well as the business unit processes. Through this, it was established that the management of a company has a role to play in the determining how different risks in a company might interact. Company management too should perform own risk assessment, monitoring, and response and control of risks in the company. This is because, it is more useful to invest in risk management than waiting for risks to happen, and then spend vast company resources in risk mitigation (Hiles, 2004).

With regard to internal environment, the risk assessment clarified that in this company, any risk was capable or not capable of occurring. In addition, this used past records to establish and develop the trends in the company’s risk. Therefore, from this, the company could be in a position to determine the kind of risk, which would be more likely to happen at a particular period. Furthermore, this assessment process put in consideration other different aspects in the business, which are more likely to affect the likelihood of a risk to happen in the company (Curtis & Carey 2012).

According to Rizal & Tahir (2011), objective setting is another important area of the Enterprise Risk Management framework, which the risk assessment process focused on, since this has the capability of influencing on the probability of risk occurrence. First, it was important to inspect the goals and objectives of the involved company. This was with the main aim of finding out if the issue of risk and risk management was part of the priorities, which the government had set. If a company includes aspects of risk management in its goals, this means that at least the company might be putting in more efforts in ensuring that the company is protected from risks, or in a better to handle any types of risks that might affect it without expecting. Therefore, this shows that the company has invested in preparedness, as a way of managing potential risks. It is thus, quite clear that the efforts of the management in prioritizing and encouraging risk management activities in the company contribute significantly to the nature of future risks to be experienced by the government, as well as the degree and influence of the risk (Borhesi & Gaudenzi 2012).

In addition, the COSO Enterprise Risk Management framework, with regard to objective setting, is crucial, as it determines the risk appetite of the company. Therefore, the risk appetite of the company will be high, if the management of the company does not put into consideration, major risk factors in the company, and does not plan or exhibit any strategies for risk management (Rittenberg & Martens 2012). Similarly, the company’s level of risk tolerance is a major aspect that was clear in the objective setting, which also determines whether a company will experience specific risks or not. Nonetheless, the involved company in the risk assessment was cautious of risks, and had adopted considerable amount of strategies, which would be vital and applied to a risk situation. In addition, the company budgeting was inclusive of risks, thus showing the company’s awareness of risk occurrence.

With regard to event identification, it is clear that certain events in a company might determine the occurrence of risks. These events can be divided into two major categories, including positive and negative events. Basing on the type of event, risks, and opportunities in the company might be established. While positive events present opportunities to the company, negative events result in risks. Therefore, by identifying and assessing the different events taking place in the company, including relevant business functions, it was possible to determine how each event influences the capability of the company to achieve its objectives and goals. Nonetheless, both internal and external events are vital, as these together develop the risk profile of a company (Cohrssen & Covello 1999).

Through the risk assessment of the company, various avenues were identified through which events in the company could influence company goals. Risk assessment was conducted in two major phases, including likelihood and impact. This involves both measuring the impact of risk in the company, and determining the possibility that risk would occur in the company. During risk assessment, there was use of different methodologies, including qualitative and quantitative methodologies. This would ensure that appropriate and reliable information is gathered about risk in the company, and which would be instrumental in helping the company to strategize for risk control (Hester 1998).

Nonetheless, risk response was also addressed, and this identified considerable possible responses by the company to the identified risk situation in the company. In addition, control activities were as well identified, which comprise policies and functions a company adopts to respond to risk. This must occur at all company levels, since as observed, different company levels can experience risks. Additionally, this might apply both use of knowledge and technology adopted by a company. Other aspects in a company, which were mentioned as important in risk response and control, include communication, risk monitoring by the risk officers, internal control system, among others (IMA 2007).

Nonetheless, the assignment was a source of important insight into the construction industry in the UK, including its safety levels and UK safety statistics. Through the assignment, major causes of injuries and fatalities in the UK construction industry were identified. In addition, through the group assignment, it is possible to make a comparison of the safety situation in the UK construction industry and the construction industry in other countries, thus rating the health and safety standards in the UK construction industry.

The risk assessment conducted depended on different case studies of the ABC Builders & Maintenance Contractors Ltd and other construction companies in the UK, to come up with final conclusions about the risk these were exposed to. Nonetheless, through the various case studies, it was eminent that construction sites should take seriously all the health and safety factors in construction, as these matter and contribute to risk. Risk assessment was conducted on the case study, thus increasing the ability of individual group members to look into an accident and device ways through which an accident could be prevented. Nonetheless, each individual was involved in the risk assessment process at different levels, and this boosted  a person’s knowledge about risk and risk management in companies. However, although this was an insightful project, one thing I would have wanted is that the course would have been introduced to us in previous levels of university education. This would have allowed for vast knowledge on risk and risk management, which most students would have applied in their professions. Nonetheless, this provides great knowledge, which is still applicable to most companies, thus, it is clear that this knowledge will be of use in my profession.

 

 

Works Cited

Borhesi, A. & Gaudenzi, B 2012, “Risk Management: How to Assess, Transfer, and

Communicate Critical Risks,” Springer, London.

Cohrssen, J. & Covello, V 1999, “Risk Analysis: A Guide to Principles and Methods for

Analyzing Health and Environmental Risks,” DIANE Publishing, London.

COSO 2004, “Enterprise Risk Management –Integrated Framework: Application Techniques,”

Viewed 19 April 2013 < http://www.ma.hw.ac.uk/~andrewc/erm2/reading/ERM%20-       %20COSO%20Application%20Techniques.pdf >

Curtis, P. & Carey, M 2012, “Risk Assessment in Practice,” COSO, Viewed 19 April 2013

<http://www.deloitte.com/assets/DcomUnitedStates/Local%20Assets/Documents/IMOs/Governance%20and%20Risk%20Management/us_grc_coso_riskassessment_102312.pdf >

Hester, R 1998, “Risk assessment and risk management,” Royal Society of Chemistry, New

York.

Hiles, A 2004, “Enterprise Risk Assessment and Business Impact Analysis: Best Practices,”

Rothstein Associates Inc, New Jersey.

IMA 2007, “Enterprise Risk Management: Tools and Techniques For Effective Implementation,”

Viewed 19 April 2013 <http://poole.ncsu.edu/erm/documents/IMAToolsTechniquesMay07.pdf >

PriceWaterHouseCoopers n.d, A practical guide to risk assessment,” Viewed 19 April 2013 <

http://www.pwc.com/en_us/us/issues/enterprise-risk-

management/assets/risk_assessment_guide.pdf >

Rittenberg, L. & Martens, F 2012, “Enterprise Risk Management: Understanding and

Communicating Risk Appetite,” COSO, Viewed 19 April 2013 <

http://www.coso.org/documents/ERMUnderstanding%20%20Communicating%20Risk%20Appetite-WEB_FINAL_r9.pdf >

Rizal, A. & Tahir, M 2011, “Review of the Literature on Enterprise Risk Management,” Viewed

19 April 2013 < http://bmdynamics.com/issue_pdf/bmd110159_Malaysia_8_16.pdf >

Use the order calculator below and get started! Contact our live support team for any assistance or inquiry.

[order_calculator]