Risk Management in Organizations - Essay Example

? Risk Management in Organizations Introduction In the modern competitive world, where globalization is the culture, innovation is the state of moving forward, and technology is a notion, risk is an ever existing factor for the modern organizations. This factor of influence is persistent, inevitable and highly challenging for modern organizations because it is comprehensive in its existence and requires major competency approach of organizations to get it dealt, controlled and managed. This report is investigating “Risk” which is a highly influential factor for organizations in the modern appearance. The study aims to investigate that how risk is challenging and can be undermining for organizations if not dealt or encountered at the first level. How risk can be assessed, dealt and managed are further areas of study in this report. The objective here is to understand the risk in the wider perspective in order to apply the models and principles of risk management effectively. The Conception of Risk in Organizations According to the contemporary literature, risk is an uncertainty, which revolves around every modern organization. It is an uncertainty which organization carries throughout its life period. The periods of success and certainly the period of failures are filled with risk and uncertainty (Damodaran). Risk is actually an effect or a consequence that attaches to an organization due to its environment. Environment is one major source of risk and therefore, it is the environment that inputs risk in organization’s structure, culture and system altogether (Damodaran 5). Risk is actually a state of vulnerability. When organizations are vulnerable to their environments, they carry the influential factor of risk or uncertainty. Actually, all organizations are vulnerable, but only those are less vulnerable or more protected which know how to deal with the risk’s influence (Pathak 570). The risk influence is of two types - internal and external. Internal risk influence comes from the culture, political system and value system of organization and certainly the outer or external risk influence comes from the environment of the organization. Market risks, financial risks, political risks, economical or social risks are all external risk influences which an organization takes from its environment (Buehler and Freeman). Similarly, the cultural risk, the decision making risk, the risk in the leadership style of practice, and risk in the management style are certainly internal risk influences. From this understanding it can be elaborated, that risk management in organizations is all about managing these two types of risk influences - internal and external risk influences. When both internal and external risks are managed or controlled, the organization is freer on its progress, performance and deliverance states. So the need is to focus on these two types of risks (internal and external) which evolve with organization system intangibly and precisely (Damodaran 8). The example of risk can be taken from an organization, which is moving and expanding to a new international market. The risks of the environment of that new market will certainly be the risk channelized to the expanding organization (Andersen and Schroder). The organization will be catching political, social, economical and cultural risks from the environment of the new market. Another example of risk can be taken from the organization merging with a new organization. The risks of the merger will directly influence both the organizations. In that case, risk will be divided, but still left for both organizations to manage it collaboratively (Andersen and Schroder 10). When is a Risk not a Risk? Risk as a Threat In the modern perspective, risk is described as a highly probable event. As the risk’s probability is higher the probability of its consequences is higher too as it is a foreseen and known event in modern organizations (Buehler and Freeman). By knowing the risk and risk consequences, analysts can easily judge and decide when and how to manage risk at the first instance. From all this understanding, it can be elaborated that if the risk is not controlled or managed at the first level can appear in the form of threat or disaster, which is a low-probability event (Buehler and Freeman 2). When risk appears in the form of low-probability event in organizations, it is a major threat for organizations because in that case organizations are more vulnerable and risk affected. The British Petroleum’s Deepwater Horizon disaster 2010 describes the same form of risk, which circulated the organization for three years period (Hampton). It was after three years of the appointment of Tony Hayward as a CEO of the company, BP faced this massive disaster of oil spill. It is one of the major man-made disasters counted in history. The disaster was caused because the CEO Tony Hayward did not prioritize safety as a first thing to manage. Neglecting the safety aspect which was actually a highly probable risk prevailing within British Petroleum, the company faced the major disaster which was a sudden and low-probability event (Hampton 278). The case of British Petroleum depicts that if the risk is not managed or controlled at the first level, it becomes a low-probability event, which is a threat or a disaster for the organization. The need is to manage risk at the first level in order to prevent it for becoming a low-probability event, which is a disaster. A low-probability event brings major consequences. It brings consequences that cannot be controlled or managed (Hampton). After the oil spill disaster, British Petroleum paid a major price. The company paid the price in the form of legal penalties, maintenance costs and costs of readjustments of the technical faults. All this understanding elaborates that risk needs to be addressed in a pro-active manner. It has to be addressed right at the first instance, and right at the time risk emerges or appears in the organization. A proactive approach is a significant and mandatory one to address risk in organizations (Buehler and Freeman 2). Risk as an Opportunity Risk becomes an opportunity, when strategists view it in that manner. Understanding risk as an opportunity actually makes it an opportunity in organizations. When strategists view risk from the wider perspective, take the holistic view of it, they will understand that it has two sides of appearance and existence (Andersen and Schroder). One side of risk is negative, but the other side of it is always positive. Recognizing this positive side of risk makes it an opportunity in organization. Positive thinking and positive attitude can make this happen, can view risk as an opportunity and a benefit to retrieve (Hampton). It is understood from the organizational point of view that bigger organizations become bigger only because they are capable of taking big risks. What does that mean? It means that such organizations are capable of transforming risk to an opportunity (Kaplan). Considering risk as an opportunity only can make it happen. This is the art and a secret of success which almost all world’s successful organizations perform and practice (Andersen and Schroder). It is an art that changes the natural state of risk. It changes risk from threat to an opportunity. This art actually belongs to visionaries, to people who are leaders in their instinct and to people who are capable of taking bigger challenges and stronger decisions (Kaplan). He was Bill Gates who was behind the success of the billion-dollar company Microsoft Corporation. He was Walter Disney who gave the vision to the world’s top animation industry the Walt Disney. He was Steve Jobs who discovered the largest selling innovation of Apple Inc. He was Robert Noyce who gave the world the inception of the Intel Corporation. All these people are visionaries. They are people who are capable to look beyond risk factor and influence. The secret of their success is only one, and that is that they are capable of making the risk an opportunity (Buehler and Freeman 5). They provided their organizations the same ideology, the same culture in which risk is considered as an opportunity and not a threat. Locating risk as an opportunity is the method of these visionaries, which is actually a method to transform risk to an opportunity. When risk is an opportunity, it is not in its real state. It is not risk anymore as it is something that can be retrieved or recovered as a benefit. Therefore, it can be asserted that risk is not a risk, when it is an opportunity (Andersen and Schroder). Understanding Risk using the Risk Breakdown Structure Understanding the Nature of Risk In the contemporary organizational practice, it has been noted that risk managers mostly face problems in the stage of risk assessment (Hillson). They face problems as the stage is most critical and requires a very proactive and profound approach of risk managers to identify risk in the clearest manner. One of the reasons why risk managers face problems in this stage is that they do not have the right tool or model to identify the risk pattern. Moreover, there are organizations which do not have proper risk control and assessment strategies and due which the problems are more prominent on risk managers at the time of risk assessment (Hillson 87). Risk assessment requires intelligent and workable risk management systems. It requires proper and deliberate planning systems that can engage risk at each decisive level. The effective system of risk assessment is most needed at this stage of risk assessment (Hillson). In the modern perspective, risk needs to be identified with the exact nature of it. Just like the risks of industrial companies, which are of a strategic nature, are different from the risks of financial institutions, which are of financial type (Ayyub). This has to be understood by risk managers that they can only identify risk in its exact form if they are capable of identifying risk in the exact nature of it. It took 25 years to General Motors’ analysts to identify and recognize their nature of risk (Kaplan). They entirely concentrated on large vehicle segment, and when the economic situation got down and energy prices increased, the company did not had the small cost-efficient vehicles to provide to the customers. What happened is that General Motors got retired from its original progress and succession. This is because the company did not identify its true nature of risk; it got down with its ultimate market progress and performance (Kaplan 7). All of this understanding elaborates that risk has to be identified with the exact nature of it. In order to avoid risk to become a threat or an incident, it has to be recognized with its true nature. This is one phenomenon that risk managers have to imply in their stage of risk assessment (Ayyub). Using the Risk Breakdown Structure Model In order to manage risk, the first stage is risk assessment and risk identification. Identifying risk can only make it possible for risk managers to manage risk with effectiveness. There are different tools and models that apply to the stage of risk assessment or risk identification. The Risk Breakdown Structure is one of those effectively applied models that come to the practice of risk assessment (Damodaran). Organizations when undertake different projects of interest, they deploy risk managers with a Risk Breakdown Structure (RBS) to assess and manage risk at each stage of the project. Risk Breakdown Structure is a hierarchical taxonomy to demonstrate and project different types of risks associated to a project (Hillson). RBS projects risks in descending levels where each level is a clear and notable identification of risk. RBS actually works like a checklist for the risk manager as it clarifies that where the problem is and how it can be overcome. According to Ayyub (2003), the Risk Breakdown Structure (RBS) gives the clear projection of the total risk involved in a project. It comes out as an analytical model to describe the total risk exposure on a particular project (Ayyub 55). Level 0 Level 1 Level 2 Level 3 (Ayyub 15) The above model elaborates the four levels of the Risk Breakdown Structure (RBS). The model distributes the risk pattern in four major levels- project risks, management risks, corporate and environment risks. Accumulating all risks brings the total risk exposure on a particular project. This is the risk exposure, which mostly is felt by the project manager on a project. It is a noted fact that when risk managers are up in the stage of risk identification, they try to display it in the Risk Breakdown Structure form (Hillson). The RBS is like a work breakdown structure in organizations, elaborating the nature and exposure of risk for a respective organization (Andersen and Schroder). It is the best-adapted model to describe risk in its purest form. Apart from all, risk managers have to understand that all levels of risk described in the RBS are interrelated to each other. Environment risks bring corporate risks, and corporate risks bring management and project risks respectively. To understand risks of one level, risk manager will have to take knowledge of risk of other three levels (Hillson). The Basics of Project Risk Management As all projects are critical and involve the factor of risk, they require the strategic approach of project risk management, which comprehensively addresses risk and its consequences. Project risk management is a strategic approach that project managers adopt to minimize the risk influence on a project (Hillson). To complete project on time, with optimum material resources and with optimum cost, project managers use the strategic approach of project risk management (Hampton). It is an approach that kills and cleans the two main types of risks from a project, which are internal risks and external risks respectively. Moreover, project risk management is about to transform risk to an opportunity. By identifying risk involved in each of the progressive stage of the project, risk is more probable to become an opportunity. This is the thought and technique, which project risk managers imply when dealing with risk factor (Hampton 20). It is a noted fact that to make a project successful its risk has to be minimized or reduced to a significant level. When risk is overcome the obstruction on the project is lowered, and therefore, the project is closer to success and completion (Kaplan). A project risk manager always uses the proactive style of management. Coming out proactive instead of reactive, a project risk manager aggressively deals with the risk influence. These are all notions that imply to project risk management. If a project has to be successful, these notions are important to be adopted and applied (Hillson). Conclusion and Recommendation Risk is an uncertainty, which every modern organization attaches to it inevitably and intangibly. The periods of success and the period of failures are all filled with the factor of risk. Risk is from internal and external organizational resources. It is a factor of influence that is unavoidable in the progressing organizations. Vulnerability is one form of risk. If organizations are vulnerable, it means they are under the influence of risk. Organizational risk management is all about minimizing the vulnerability state. When organizations have powerful and resourceful risk management systems, they are capable to dealing with the vulnerability. In the contemporary perspective, a culture of risk management is needed to bring effective risk control and management in organizations. It requires visionaries and leaders who can acknowledge the risk as an opportunity and not as a threat. These are the notions, which this report has produced. The notions are adaptable and can be applied in the modern organizational practice. Works Cited Andersen, Torben Juul and Peter Winther Schroder. Strategic Risk Management Practice: How to Deal Effectively with Major Corporate Exposures. London: Cambridge University Press, 2010. Print. Ayyub, Bilal M. Risk Analysis in Engineering and Economics. New York: CRC Press, 2003. Print. Buehler, Kevin and Andrew Freeman. "The New Arsenal of Risk Management." 2008, Web. http://www.hbr.org. 27 December 2013 . Damodaran, Aswath. Strategic Risk Taking: A Framework for Risk Management. New York: Pearson Prentice Hal, 2008. Print. Hampton, John. Fundamentals of Enterprise Risk Management: How Top Companies Assess Risk, Manage Exposure, and Seize Opportunity. AMACOM, 2009. Print. Hillson, David. "Using a Risk Breakdown Structure in Project Management." Journal of Facilities Management 2.1 (2003): 85-97. Print. Kaplan, Robert. "Managing Risk in the New World." 2009. Web. http://www.hbr.org. 28 December 2013 . Pathak, Jagdish. "Risk management, internal controls and organizational vulnerabilities." Managerial Auditing Journal 20.6 (2005): 569-577. Print. Read More