Quantitative Risk Assessment - Literature review Example

Quantitative Risk Assessment INTRODUCTION Any unwanted event that will disturb the company's operation or project, which may also affect the schedule of the project lifecycle, is considered as risk for the business or for that project. Risk management is a systematic process of identifying potential risk in advance, analyzing the risk with prioritization and then taking precautionary steps to mitigate the risk (The Institute of Risk Management, n.d.). Risk management can be done at two different level; Trading risk management and Firm-wide risk management. Trading risk management involves managing risk at micro level. It usually requires risk management at individual traders. This process quantifies risks, the risk factor proposition and then implementing hedges. While Firm-wide risk management involves management of risk at business unit level or the firm level. The management of risk involves matching risk with the capital to ensure that firm will be able to absorb the risk thus preventing business from solvency (Das, 2006). RISK MANAGEMENT TECHNIQUES Today, every organization is having a risk management department whose core responsibility is managing and mitigating risks that will hinder the firm’s processes. According to Schwulst (2014), risk management is an extensive process divided into different phases; Risk Identification, Risk Analysis and Risk Response Planning (Schwulst, 2014). 1. Risk Identification In this phase of risk management, different tools are used to identify various types of risks that the firm might have to face in the near future. The risk identification is itself an extensive process and requires detailed analysis of the business in order to identify the cause of the problem, because the negligence in this phase of risk management will ruin the outcomes from the entire risk management process. Risk identification process is further subdivided into various stages; 1.1 Information gathering In this stage of risk identification, preliminary information is gathered regarding all the possible factors that can create risk for the firm or its project. Risk managers try to provide the environment to the employee where they can talk freely without any hesitation so that all possible risks could be identified. Risk manager uses following techniques and methods to determine risks within the organization Brain storming sessions Interviewing staff Workshop for facilitation SWOT analysis Assumption analysis Diagrammatic Analysis Risk questionnaire and surveys Expert Judgment Risk identified using above techniques will be categorized by the risk manager in accordance with the type of the risk. The categorization includes financial risk, strategic risk, operation risk and hazard risk (Schwulst, 2014). Financial risk is the risk when the firm’s cash flows are insufficient to meet the financial obligation (Guzman, n.d.). While strategic risk is the risk that is linked to the strategic decision making by the senior management and all personnel involved in the strategy making process (Frigo & Anderson, 2011). Operational risk is the likelihood of loss resulting from inadequate policies, procedures, control and system (Hussain, 2000). Lastly, Hazard risk is the risk that can cause harm and damage to the firm or the staff if proper safety measures are not taken (Wells, 2004). 2. Risk Analysis According to Schwulst (2014), this stage involves assessing and evaluating the risks identified, the level of risk, the events that triggered the risk. The risk assessment will assist the risk manager answer two questions; who might be harmed and how they may occur. There are various methodologies to conduct risk analysis. However, they are divided into two broad categories; Qualitative risk analysis and Quantitative Risk Analysis. 2.1 Qualitative Risk Analysis According to Bartlett (2004) qualitative risk assessment can be done in any of the following ways in accordance to the situation (Bartlett, 2004) 2.1.1 Probability Assessment Probability assessment is the likelihood of the event of risk to happen which is either measured in percentage or range (Bartlett, 2004). So, if the likelihood of the event is more than or equal to 50% then it is considered risky activity for which measures are to be taken to either mitigate or control the level of risk. So in accordance to all risk assessment measures the activities or processes that are having zero or little risk probability are considered to be an issue not risk for the organization. 2.1.2 Impact Assessment According to Bartlett (2004), impact assessment involves evaluating the consequences of the organization’s objectives. In this technique, the risk impact may be categorized as cost, timescale, reputation, safety, revenue, etc. However, word “impact” is used for consequences whether the outcomes are beneficial or threatening (Bartlett, 2004). 2.1.3 Risk breakdown structure This risk assessment technique involves categorizing the risk identified in according to the hierarchical approach. Therefore, the lower level risk activities might be broken down further to identify the cause of the problem thus controlling the risk element. However, the higher risk activities will reflect the probability of its occurrence and the consequences. Categorizing risk related activities in accordance with their level of intensity would assist the risk manager in prioritizing while dealing with each activity (Bartlett, 2004). 2.1.4 Probability-Impact Matrices In accordance to Bartlett (2004), Probability-Impact Matric is used to rank the risk in accordance with their significance level. The assessment derived from probability risk evaluation and impact assessment are each determined against a scale whose impact is measured with respect to the size of the project and the environment. There are different schemes to rank the risk in the matric having probability on one axis and impact on the other axis. The scale used to measure the impact is “high” and “low”. Some combinations give focus on the impact, while the others emphasize on probability. For instance, activities following under high probability and low impact scheme are considered to be less risky because their impact is low, but their chance of occurrence is quite high. But this matric is to be discussed with the stakeholders before the risk assessment begin because it will vary from project to project. 2.2 Quantitative risk assessment Similar to qualitative risk assessment there are several methods to conduct quantitative risk assessment. 2.2.1 Sensitivity Analysis According to Taylor (2009), sensitivity analysis involved varying one variable in a situation and studying the impact that this change has on the outcome. In the case of risk assessment, sensitivity analysis will include an evaluation the type of risk that will have the highest impact on the situation. Thus, each risk will be evaluated one by one by keeping every other element constant. Therefore, sensitivity analysis will help the risk manager in identifying the parameters that will impact the most in the given condition (Taylor, 2009). 2.2.2 Expected Monetary Value Analysis This quantitative risk assessment technique involves calculating average anticipated future impact of the decision. The future impact of risk is calculated by multiplying the probability of the impact with the two or more outcomes of the situation and then summing the two results. The analysis is better interpreted using a decision tree where the outcomes can easily be seen and interrelated (Heldman, 2011). 2.2.3 Modeling and Simulation According to Heldman (2011), the potential risk at various phases of the project can be forecasted into the impact that this risk will have on the project using modeling technique. However, simulation is the technique that involves computing project’s model using different input variable, thus given the probability distribution for the said variable. Both methods forecast their potential impact using the identified risks through probability distribution (Heldman, 2011). 2.2.4 Cost Risk Analysis This technique involves completing the project within the designated budget and simultaneously doing contingency planning for the project in order to mitigate the risk that might occur during the project. The cot risk analysis will help the risk managers to identify all the possible risks that might have an adverse impact on the project’s cost (Hulett, 2012). 2.2.5 Schedule Risk Analysis Similar to cost risk analysis, this method will assist the project manager to identify the risks that will impact the project’s schedule, which will result in delaying of project. The project plan is the tenure in which the project will be completed; therefore, any delays in the project schedule will result in incurring additional project cost than budgeted amount (Hulett, 2012). 2.2.6 Value at Risk According to Best (2000), value at risk is a technique to measure market risk. This method involves measuring the risk of the project that measures the maximum degree of loss at a given confidence level. It is measured in terms of probability. Value at risk is an amount in monetary form that may be loss over a specific period of time (Best, 2000). 2.2.7 Cash flow at risk Cash flow at risk is referred as the difference between the expected cash flow and cash flows in accordance to the confidence level give. This risk measurement helps the risk manager in identifying the creditworthiness of the company if it can pay off its credit and liabilities (Burger, et al., 2008) 2.3 Non –Financial Risk Assessment The non – financial firm may undergo different methodology to evaluate the risk involved. Some of the options for the non- financial firms for risk assessment as mentioned by Carlton (1999), includes: operating leverage, production location, adjustment to production volumes, modifications to business portfolio and diversified portfolio (Carlton, 1999). 3. Risk Response Planning Risk response planning is the process to determine the actions that can be used to mitigate the risk that have previously been identified and evaluated. Risk response plan is created for high-risk activities that are having high probability of occurrence, as well as high impact. There are some techniques that will help the risk manager in risk response planning (Clarizen: the way to work, 2013). 3.1 Risk Reassessment This technique involves a reassessment of the risk on a frequent basis. This process will help the risk manager to keep the track of the risks and their impact during a particular time period. New risk may be identified during the process of risk assessment (Clarizen: the way to work, 2013). 3.2 Risk Audits The identified risk and their root causes should be properly evaluated and documented in order to ensure an effective risk management process. The project manager should ensure risk audits on a frequent basis; however the objective of the audit should be clearly defined before the audit (Clarizen: The way to work, 2013). 3.3 Reserve Analysis This is a comparison between the amount of remaining risk with the amount of remaining contingency reserves which includes time and cost. This analysis will help the risk manager if the contingency reserves of the project are ample enough to deal with the remaining project risk (Clarizen: The way to work, 2013). Theories of Risk Management techniques David Murphy in his book on “Understanding Risk: Theory and Practice of Financial Risk Management” (Murphy, 2008) describes the theories on the concepts of financial instruments along with their associated risks. The author represents that the financial risk management is concerned with the management of financial assets, which are the part of financial institutions. Karol Marek Klimczak in his research paper evaluates and identifies a number of different risk management theories and their implications. Karol Marek Klimczak identifies the Modigliani and Miller Paradigm, which is based on the financial structure and its irrelevance (Klimczak, 2007). All the risk management techniques are the extensions of Modigiliani & Miller theory. The paradigm also studies the implications of hedging strategy. The hedging strategies lower the volatility of cash flows and firm value. Ricardo Rebonato discusses in his research based article on the theory of Model Risk, which covers the theory of sensitivity analysis, which is discussed above, model risk is the risk of that arises due to the fault in the financial model, which may lead to the wrong results (Rebonato, n.d.) The theory also explains the risk of sensitivity analysis, which explains that the wrong input of the data leads to the wrong results. RISK MANAGEMENT OF NON-FINANCIAL FIRMS: Non-financial firms are referred to as non-banking firms or firms that have primary business other than trading in money or its derivative securities. In other words, it includes the companies, which do not deal with investments or financial goods or services. The non-financial firms are different from the financial enterprises in a way that the risk management techniques and methods, which can be used for the financial firms cannot be easily used or adapted for the non-financial firms. One common example is the comparison of the banking industry and the information technology sector. Jeremy C Stein, Stephen E. Usher, Danieal Laguttatu and Jeff Youngen in their research based article A Comparable Approach to Measuring Cash Flow at Risk for Non-Financial Firms (Stein, et al., 2001) explain the difference between the banking and non-banking or non-financial firms risk measurements methods. The article indicates two measures of risks; one is the value at risk (VAR) and the other is the Cash Flow at Risk (CFAR). In order to explain the concepts of risk measurement and management methods identified by Stein et al. (2001), it is necessary to define the concepts & implications of value at risk and cash flow at risk. Value at Risk The value at risk refers to the measure of risk, which identifies the risk of loss in the value of the portfolio of the financial assets. (Best, 1998). The new science of risk management is also referred to as the value at risk. The idea behind this risk management technique is to move away the risk management decisions from the traditional perspectives of using only the volatility as a measure of risk (Chaudhary, 2013). Although, volatility still have valuable importance in risk management, but the flaw that can be observed in volatility, is that the measure does not consider the direction of the movement of the asset price. Contrariwise, the value at risk is focused on the odds of losing money concept. The investors of financial assets such as stocks, bonds, etc. are concerned with the value of money they will lose. In other words, the value at risk identifies and measures the worst case scenario. It can be explained in a way that how much an investor could lose in an appalling month. The three essential components of value at risk include; a) Confidence level b) Time Period c) Loss amount ( Percentage) The above points can be explained with the help of an example i.e. if a stock portfolio has 1 month 5% VAR of $2Million then it refers that there is 0.05 probability that the portfolio value will fall by $2million in 1 month period if there is no trading. The probability refers to the confidence level. The one month period refers to the time period, and the amount of $ 2million identifies the loss amount that the investor can bear. The major criticism of value at risk measure in terms of non-financial firms is that the measure requires the good historical data and the firms with less historic data can find it hard to use value of risk measure as the risk management technique. Cash Flow at Risk It is another important concept of risk management. The cash flow at risk uses the projections of operating cash flows and identifies the probability of losing the actual cash. It conveys information regarding the shortfall in cash flows, which is associated with a pre-defined probability. The concept covers the shortfall in cash flow by the firm over a particular time period (Jankensgard, 2008). Both the concepts described above are referred to as “At Risk” measures. The measures are used more relevant to financial and the investment companies. The companies, which have primary business other than those related to financial services do not find such risk measures and techniques helpful but the Cash flow at risk can be more commonly used for the risk measurement and management of non-financial firms (Das, 2006). Now referring the article by Stein, et al. (2001) again along with the risk management techniques discussed in the literature review above, it can be clearly understood that the value at risk measure is suitable only for financial industry or investment companies. The reason is that the measure requires more information on historical data that reflects the asset prices. The firms like Dell as described in the article (Stein et al., 2001) can use cash flow at risk measure as a technique for risk management. The reason described in the article is that unlike financial firms, non-financial firms find it harder to identify and quantify all sources of risk. The tradable risks such as exchange rate risk can be covered and identified, but the risk is not as much important as other non-financial risks. Risk & Capital Management of Non-Financial Companies Tony Carlton in his article on “ Risk & Capital Management of Non-Financial Companies” (Carlton, 1999) identify the critical difference between the financial and non-financial companies and the risk management techniques used which is mostly adopted by non-financial companies. The Carlton explains that the significant difference between the financial and non-financial firms is that the financial institutions are focused on payment protection and systematic risk, whereas non-financial firms are concerned with corporate governance along with the disclosures information. In terms of assets, financial institutions have the primary business of trading in financial assets whereas the non-financial firms have a balance sheet with major illiquid assets. The most important point, which is discussed by Carlton is that the financial institutions, in terms of the role of risk, take risk management as the key area of focus in business model. Contrariwise, non-financial firms are based on risks arises from other than financial characteristics i.e. physical characteristics. The risk management techniques adopted by non-financial companies include fragmented strategies. Types of Risks Carlton also explains that due to the difficulty of separating the underlying business from the shift in market prices due to interest rates, exchange rates and commodity pricing so the hedging decisions are quite much complex.. The article highlights the following major risks faced by non- financial companies along with their risk management techniques, which are also discussed in the literature review above 1. Strategic Risk 2. Commercial Risk 3. Operating Risk 4. Technical Risks A brief overview of each of these risks along with the help of other literature is as follows I. Strategic Risk: The Risk is referred to as the flaw in the business strategy that may lead to the loss. Non-financial firms face the risk of possible source of loss, which may be the result of failed or ineffective business plan (Pinedo & Walter, 2013) II. Commercial Risk: The risk in which the non-financial firms faces losses from the trading partners or they company may also face losses from the market. The risk arises due to the trust factor (Investorab, 2013) III. Operating risk: Non-financial firms face the risk of loss in their primary business structure, which refers to as the operating risk (Chernobai, et al., 2008) IV. Technical Risk: Non-financial firms face the risk of technical expertise such as Dell Inc. may have to face the risk of shortage of highly professional IT experts, which may lead to the significant loss in the primary business of the organization. The loss that may arise due to the flaw in design and engineering is also referred to as the technical risk (Pinedo & Walter, 2013). Risk Management Techniques Carlton explains in his article to manage the above mentioned risks using the following risk management techniques: a) Operating Leverage b) Changing the location of Production c) Adjustment to Production Volume d) Business Portfolio modification Therefore, the non-financial firm can use the techniques for risk assessment. The techniques are detailed as follows: a) Operating Leverage: Carlton explains that the non-financial firms can mitigate the risk of volatility in the market, which is explained in terms of commercial risk can be controlled by using the mix of fixed and variable cost. (Carlton, 1999) b) Changing the Location of Production The risk management technique can be used to control or overcome the foreign exchange exposure. The risk arises due to the import based competition (Carlton, 1999) c) Adjustment to Production Volume: The variation in market prices, which is anticipated can be overcome by the adjustments to production volume (Carlton, 1999) d) Business Portfolio Modification: The strategy or technique can be implemented with the help of screening of projects (Carlton, 1999) Therefore, it proves that the non-financial firms can use number of risk management technique to manage their risks but the techniques used for non-financial firms are quite much different from that of the financial firms because of the change in the structure of the business and the change in the risk management preferences. Evaluation of Reviewed Studies The Literature review discussed above covers three major areas of risk management i.e. the study of different risk management techniques, which are used in various kinds of business models, their relevant theories and then the study of the non-financial firms. The literature review on the non-financial firms identifies that the hedging strategies and the risk factors of non-financial firms cannot be generalized on the financial or investment related companies. The theories of the financial derivatives, risk management, and hedging strategies identify two types of business models. One is financial business model and the second is non-financial business model. The study of key risk indicators of both the models, as discussed above while studying the literature on non-financial firm risks, is different. In addition to this, as most of the literature reviewed above is based on scholarly research articles and books, so the theories, which are mentioned along with the conclusions derived from the researchers such as Carlton, Stein, Jimmy etc. all provide reliable sources to further evaluate the risk management techniques, particularly of non-financial firms. Although, some of the sources may lead to conflicting results such as Stein, Jimmy, Usher, Stephen & Lagattuta finds that the cash flow at risk can be used for the risk measurement of Non-financial firms but some other studies indicate that the “At Measure” risk measurement methods cannot be used for the risk management of Non-financial companies. Although, the above contradiction implies that the value at risk measure, in any case, cannot be used for the measurement of risk of non-financial firms but the cash flow at risk, if it can be calculated appropriately then it can be used to measure risks of non-financial firms. In addition to this, the literature review also defines the risk factors, which exclusively pertains to the non-financial firms such as strategic risks, commercial risks, operating risks and technical risks. However, the study of Carlton does not directly cover the risk management of these mentioned risks but indirectly handles the risks by using the techniques such as, Operating Leverage, Changing the location of Production, Adjustment to Production Volume, Business Portfolio modification, Portfolio Diversification. Therefore, the whole literature review implies that the risk management techniques might not be able to directly handle the core business risks of non-financial firms. The reason may be that the non-financial firms have to face difficulty in appropriately and quantitatively bifurcating the risk factors. On the other hand, the financial and investment-related firms can easily quantify the risks faced by their primary business such as the effect of interest rates on the bond and stock prices. The quantification of risk can lead the financial firms to manage the risks in much better way than that of non-financial firms. Moreover, the literature also identifies that most of the risk factors for non-financial firms are qualitative or subjective in nature, which needs to be converted into quantitative nature to implement the risk management techniques. Bibliography 1. Bartlett, J., 2004. Project Risk Analysis and Management Guide. s.l.:APM Publishing Limited. 2. Best, P., 1998. Implementing Value at Risk. s.l.:John Wiley & Sons. 3. Best, P., 2000. Implementing Value at Risk. s.l.:John Wiley & Sons. 4. Burger, M., Graeber, B. & Schindlmayr, G., 2008. Managing Energy Risk: An Integrated View on Power and Other Energy Markets. s.l.:John Wiley & Sons. 5. Carlton, T., 1999. Risk and Capital Management in Non-Financial Companies. s.l., Australian Prudential Regulation Authority, Risk and Capital Management Conference Proceedings 01/1999. 6. Chaudhary, M., 2013. An Introduction of Value at Risk. 5th ed. s.l.:Jhon Wiley & Sons. 7. Chernobai, A., Rachev, S. T. & Fabbozi, F. J., 2008. Operational Risk. s.l.:Jhon Wiley & Sons. 8. Clarizen: the way to work, 2013. Risk Management - Useful Tools and Techniques. [Online] Available at: https://success.clarizen.com/entries/24127786-Risk-Management-Useful-Tools-and-Techniques [Accessed 13 Jnauary 2015]. 9. Das, S., 2006. Risk Management: The Swaps & Financial Derivatives Library. s.l.:John Wiley & Sons. 10. Frigo , M. L. & Anderson, R. J., 2011. What Is Strategic Risk Managment. Strategic Finance, April. 11. Guzman, O., n.d. Differences Between Business Risk & Financial Risk. [Online] Available at: http://smallbusiness.chron.com/differences-between-business-risk-financial-risk-100.html [Accessed 13 January 2015]. 12. Heldman, K., 2011. PMP Project Management Professional Exam Study Guide. s.l.:John Wiley & Sons. 13. Hulett, D. D., 2012. Integrated Cost-Schedule Risk Analysis. s.l.:Gower Publishing, Ltd.,. 14. Hussain, A., 2000. Managing Operational Risk in Financial Markets. s.l.:Butterworth-Heinemann. 15. Investorab, 2013. Commercial Risk. [Online] Available at: http://www.investorab.com/investors-media/risk-and-risk-management/commercial-risks/ 16. Jankensgard, H., 2008. Cash Flow at Risk & Debt Capacity, s.l.: Lund Institute of Economic Research Working Paper. 17. Klimczak, K. M., 2007. Risk Management Theory : A Comprehensive Empirical Assesment, s.l.: Leon Kozminski Academy of Entreprenuership & Management. 18. Murphy, D., 2008. Understanding Risk: The Theory & Practice of Financial Risk Management. ed. s.l.:Taylor & Francis Group. 19. Pinedo, M. & Walter, I., 2013. Global Asset Management: Strategies, Risks, Processes and Technologies. s.l.:Simcorp Strategy Lab. 20. Rebonato, R., n.d. Theory & Practice of Model Risk Management, s.l.: Oxford University Press. 21. Schwulst, B., 2014. Risk Management Techniques and Strategies for Risk Managers. [Online] Available at: https://www.udemy.com/blog/risk-management-techniques/ [Accessed 113 January 2015]. 22. Stein, J. C., Usher, S. E., LaGattuta, D. & Youngen, J., 2001. A Comparable Approach To Measuring Cash Flow At Risk For Non Financial Firms. Journal of Applied Corporate Finance, 13(4), pp. 8-17. 23. Taylor , M., 2009. What is: What is Sensitivity Analysis. [Online] Available at: http://www.medicine.ox.ac.uk/bandolier/painres/download/whatis/What_is_sens_analy.pdf [Accessed 13 January 2015]. 24. The Institue of Risk Management, n.d. About : Risk Management. [Online] Available at: https://www.theirm.org/about/risk-management/ [Accessed 13 January 2015]. 25. Wells, G., 2004. Hazard Identification and Risk Assessment. s.l.:IChemE. Read More