"Study of With Respect To '': Padmashri Annasaheb Jadhav Bharatiya Samaj Unnati Mandal'S
"Study of With Respect To '': Padmashri Annasaheb Jadhav Bharatiya Samaj Unnati Mandal'S
"Study of With Respect To '': Padmashri Annasaheb Jadhav Bharatiya Samaj Unnati Mandal'S
PROJECT REPORT
ON
RELIANCE INDUSTRY’’
SUBMITTED BY
EXAMINATION NO:-
GUIDED BY
PROF.AKSHAY BHOIR
Examiner: -__________
Date: - __________
College Seal
ACKNOWLEGMENT
To list who all have helped me is difficult because they are so numerous and the depth
is so enormous.
I would like to acknowledge the following as being idealistic channels and fresh
dimensions in the completion of this project.
I take this opportunity to thank the University of Mumbai for giving me chance to
do this project.
I would like to thank my Principal, Dr. Ashok D. Wagh for providing the necessary
facilities required for completion of this project.
I take this opportunity to thank our Coordinator Bhavana khainar, for her moral
support and guidance.
I would also like to express my sincere gratitude towards my project guide
Prof. Akshay Bhoir whose guidance and care made the project successful.
I would like to thank my College Nirlon Library, for having provided various
reference books and magazines related to my project.
Lastly, I would like to thank each and every person who directly or indirectly helped
me in the completion of the project especially my parents and peers who supported
me throughout my project.
INDEX
Page
Sr. No. Particular
No.
1. Introduction to venture capital 6 - 24
3. Methodology of study 26 - 27
Primary data 26
Secondary data 27
6. Conclusion 57
1. INTRODUCTION TO RISK MANAGEMENT
Risk generally results from uncertainty. In organizations this risk can come from
uncertainty in the market place (demand, supply and Stock market), failure of
projects, accidents, natural disasters etc. There are different tools to deal with the
same depending upon the kind of risk.
IMPACT ACTIONS
Considerable Extensive
Must Manage and
SIGNIFICANT Management Management
Monitor Risks
Required essential
LIKELIHOOD
The above chart can be used to strategize in various situations. The two factors that
govern the action required are the probability of occurrence and the impact of the risk.
For example a condition where the impact is minor and the probability of occurrence
is low, it is better to accept the risk without any interventions.
1
A condition where the likelihood is high and the impact is significant, extensive
management is required. This is how a certain priority can be established in dealing
with the risk.
Apart from this, typically most of the organizations follow a risk management cycle.
Refer diagram below:
According to this cycle there are four steps in the process of risk management. The
first step is the assessment of risk, followed by evaluation and management of the
same. The last step is measuring the impact.
Risk identification can start at the base or the surface level, in the former case the
source of problems is identified. We now have two things to deal with the source and
the problem.
Risk Source: The source can be either internal or external to the system. External
sources are beyond control whereas internal sources can be controlled to a certain
extent. For example, the amount of rainfall, weather over an airport etc!
Problem: A problem at the surface level could be the threat of accident and casualty
at the plant, a fire incident etc.
When any or both of the above two are known beforehand, certain steps can be taken
to deal with the same.
After the risk/s has been identified then it/they must be assessed on the potential of
criticality. Here we arrive upon risk prioritization. In generic terms ‘likelihood of
occurrence × impact’ is equal to risk.
2
OBJECTIVES OF RISK MANAGEMENT
The main objective of risk management in ITIL is to detect, analyze and control the
risks.
If the organization dealing with e-commerce decides to enter into digital payments,
there is a lot of investment which needs to be made into acquiring adequate human
resources, capital, and digital infrastructure.
All 3 of these acquisitions are made over a period of time and can pose a financial,
business and organizational risk. Mismanagement of such resources can not only
cause the new venture to fail but can also affect the profitability and credibility of the
existing core competence of the company.
3
SCOPE AND FRAMEWORK OF RISK
MANAGEMENT
This step includes the specification of the external environment in which the
organization operates and the definition of the relationship between this environment
and the organization itself.
The external environment typically includes: the local market, the business,
competitive, financial and political environment the law and regulatory environment
social and cultural conditions external stakeholders.
It is also very important that both the perceptions and values of the various
stakeholders and any externally generated threats and/or opportunities are properly
evaluated and taken into consideration.
4
Definition of internal environment
The criteria by which risks will be evaluated have to be decided and agreed. Deciding
whether risk treatment is required, is usually based on operational, technical,
financial, regulatory, legal, social, or environmental, criteria or combinations of them.
The criteria should be in line with the scope and framework defined above.
Furthermore they should be closely related to the organization's internal policies and
procedures and support its goals and objectives.
5
INTRODUCTION TO RELIANCE INDUSTRIES
6
HISTORY
1960–1980
SHAREHOLDING
The number of shares of RIL are approx. 3.1 billion.The promoter group, Ambani
family, holds approx. 46.32% of the total shares whereas the remaining 53.68% shares
are held by public shareholders, including FII and corporate bodies. Life Insurance
Corporation of India is the largest non-promoter investor in the company, with 7.98%
shareholding.
OPERATIONS
The company's petrochemical, refining, oil and gas-related operations form the
core of its business; other divisions of the company include cloth, retail business,
telecommunications and special economic zone (SEZ) development. In 2012–13, it
earned 76% of its revenue from refining, 19% from petrochemicals, 2% from oil &
gas and 3% from other segments.
7
In July 2012, RIL informed that it was going to invest US$1 billion over the next
few years in its new aerospace division which will design, develop, manufacture,
equipment and components, including aircraft, engine, radars, avionics and
accessories for military and civilian aircraft, helicopters, unmanned airborne vehicles
and aerostats.
EMPLOYEES
As on 31 March 2013, the company had 23,519 employees of which 1,159 were
women and 83 were employees with disabilities. It also had 29,462 temporary
employees on the same date.As per its Sustainability Report for 2011–12, the attrition
rate was 7.5%. But currently, the same attrition rate has gone up to 23.4% in 2015 as
per latest report released by the organization.
In its 39th Annual General Meeting, its chairman informed the shareholders of the
investment plans of the company of about ₹1,500 billion (US$21 billion) in the next
three years. This would be accompanied by increasing the staff strength in Retail
division from existing strength of 35,000 to 120,000 in next 3 years and increasing
employees in Telecom division from existing 3,000 to 10,000 in 12 months.
8
HISTORY OF RISK MANAGEMENT
Risk managers are concerned with the future. Still, it can be instructive and
inspiring to look back to the past sometimes. So, what's the history of risk
management? One very interesting book about this topic, "Against the Gods: The
Remarkable Story of Risk," contends that the true dividing line between what we
should call ancient times and modern times is mastering risk. In this book, Peter L.
Bernstein contends that when people began to understand how to predict and manage
risks, they also began to understand that the future did not just hold random events
generated by the will of the gods or the whims of nature.
Some historians believe that the earliest concept of managing risk arose because of
gaming. Thousands of years before Internet users could play online poker, people in
different ancient civilizations played games with dice and bones. Also, people played
games that evolved into chess and checkers well over two thousand years ago.
Some historical evidence that gaming gave rise to probability theory, important to risk
management, comes from writings by Dante and Galileo. The famous
mathematicians, Pascal and Fermat, wrote each other about games of chance in the
1600s, a correspondence that is believed to have given rise to modern probability
theory used today.
If one were to consider the role of insurance in risk management, it is still possible to
trace it back to ancient times. For example, mutual aid and burial societies have been
documented as far back as the earliest days of ancient Rome. These are considered the
precursors of modern insurance companies.
9
When Did Risk Management Become a Career?
Corporate risk management has been a career before people actually called
themselves risk managers. For example, the first actuaries worked for the precursor of
a modern life insurance company in England as early as the 1700s. However, it is
probably possible to find even earlier examples.
10
FUNCTION OF RISK MANAGEMENT
Risk management has evolved from being just a discipline to a full-fledged profession
that lots of people are choosing these days. Reason, the discipline has become wider
and has assumed manifold dimensions making it a crucial function in organizations
these days.
Apart from this there are avenues for risk management professionals in the fields of
fire, security and health also. Each field requires a specific qualification and there are
plenty of institutes offering such courses. But be sure that you opt for an institute of
repute after thoroughly assessing the curriculum and ensuring the credibility of the
same.
The role is specialized and requires special attributes like planning, prioritizing and
execution skills, and an eye for detail apart from the conventional managerial skills.
11
Career opportunities in Risk Management: As mentioned earlier as a risk
management professional you may start your career as an underwriter working under
more experienced risk managers. Remember, experience counts more in this industry
than just qualifications!
Banking also offers many lucrative avenues. They need good risk management
professionals. Risk is an integral part of all banking activities and therefore the
requirement. However risk management positions and profiles are not floated on job
portals or advertised like other jobs. The hiring is mostly internal in nature, positions
get filled by references. Networking helps a great deal here.
Although risk management finds applications chiefly in the field of finance and
banking with Venture capitalists, insurance and banking companies and wealth
managers hiring qualified and experienced risk management people. However,
Government organizations nowadays also employ risk management professionals in
the fields of fire, earthquake and floods.
12
ANTICIPATING AND MITIGATING ORGANIZATIONAL
RISKS IN THE DIGITAL AGE
Every era brings with its own share of risks for organizations and other entities. While
the Industrial Era was marked by risks in the form of Employee Unions, Labor
Strikes, and the ever present threat of competition and environmentally damaging
operations, the Services Era brought with it the risk of too much globalization leading
to a Race to the Bottom as well as the peculiar and unique challenges posed by local
conditions and risks.
The present Digital Age too is characterized by several risks, not the least of which is
the Threat from Rapid Obsolescence due to Accelerating Technological
advancements.
For instance, take the case of Apple and the iPhone and we have a situation where it
has to release a new version every Six Months or so, or risk losing ground to its
competitors.
This is something that applies to other Verticals as well where rapid technological
changes mean that organizations have to be always alert to fast changing business
trends.
In addition, business leaders also have to worry about how Data is the New Oil and
hence, the battles in the Corporate Landscape of the 21st Century are all about Access
and Control to the sources of Data.
13
TAKE THE CASE OF FACEBOOK AND GOOGLE BOTH OF
WHICH COLLECT PERSONAL DATA ON A LARGE BASIS.
As can be seen from the recent scandals concerning the controversial methods by
which these entities collected user data as well as shared it with Third Party entities, it
is not hard to see how in future, business leaders have to be wary about being Gung
Ho Pirates who can collect personal data and consumer data at will and share the
booty with others.
As for protecting the data, it is clear that leading corporates and their leaders fret and
worry about where and who the next target of hacking would be.
Thus, as can be seen from the preceding discussion, the Digital Age is giving
organizations and business leaders sleepless nights.
What adds to the potent mix of threats and risks is the very real threat from the 24/7
news cycle keeping them on their toes as unless they respond to the constant drumbeat
of news channels upending their carefully planned strategies, they would risk Losing
the Narrative.
Moreover, with the proliferation of Social Media and the constant buzz of Tweets and
Facebook posts, business leaders and organizations have nowhere to run or hide as
any small or big event brings with it a barrage of both praise and criticism.
As can be seen from the incessant Trolling on Twitter and Facebook, organizations
need to be always on the lookout for defamatory and derogatory streams of
information.
14
NEW AND OLD FASHIONED THREATS TO HUMAN
RESOURCE MANAGEMENT
Having said that, organizations are also at risk from plain old fashioned threats such
as Attrition and a labor market that has become an employer’s nightmare.
This is especially the case in the United States where the economic boom of recent
years has ensured that there are more jobs than jobseekers and consequently,
organizations and their Human Resource Managers have to confront the risks from the
asymmetric and the lopsided job market.
In addition, this glut of jobs has resulted in some potential candidates not turning up
for work after selection and this trend known as Ghosting where employees absent
themselves from work and disappear as well as do not join the organizations on the
date of commencement of employment.
Moreover, there are also instances of employees stealing data and other confidential
information with relatively old fashioned methods of carting away such organizational
data on Pen Drives and other memory storage devices.
A key threat for organizations and business leaders in the Digital Age is on how to
anticipate the next business trend and identify the risks and mitigate them and plan
accordingly.
15
In other words, while Automation might be good for profitability, it
is also a key threat since runaway AI can simply override the humans
in the organization and lead to apocalyptic outcomes.
This was seen recently when a flight originating from Thailand crashed mainly
because of the software overriding the Pilots commands and despite a Heroic battle
between Man and Machine, the latter won with tragic consequences.
This is the reason why many leading business leaders are calling for enhanced
supervision of automated operations so that the ultimate decisions are made by the
humans and not the machines.
Lastly, as mentioned in the introduction, each era has its own threats and risks.
However, what is different in the Digital Age are the Speed and the Depth of such
threats coming together at the same time creating a Perfect Storm of events that can
bring down the entire organization and who knows, the world itself.
With the interconnected web of people and the speed at which information flows,
organizations have seen more threats than before.
Claims processing is probably the most important function for any insurance
company. This is because this process is where the insurance company actually
delivers on its commitment. The speed and convenience with which the claims are
settled have a long bearing on the reputation of the insurance company.
Nowadays, most insurance companies have started automating their claims process.
This decision is obvious given the numerous benefits that a company stands to reap
after such automation has taken place.
16
IN THIS ARTICLE, LET’S HAVE A CLOSER LOOK AT THESE
BENEFITS.
Customers are required to fill in numerous forms as a part of their claims process. The
information received from these forms has to be entered into a centralized system. No
processing can be carried out unless this information is available in electronic format.
Before automation was extensively implemented in the claims industry, entering this
data into the system was a manual, time-consuming as well as expensive process.
However, modern technology has made it possible for software to directly read the
information from forms and input it into the system. Hence, the conversion of data
from paper forms to electronic entries can be accomplished with very little manual
intervention.
Since data processing is one of the biggest costs which is incurred by any insurance
company, reduced data entry goes a long way in saving costs.
COMPLETENESS OF APPLICATION
The lack of complete data is a major hindrance to fast processing of insurance claims.
The reality is that in order to claim insurance, different types of documents need to be
submitted. The list of these documents varies on a case to case basis. Hence, it is not
possible to give a simple checklist which can be verified.
Since the requirements are complex, most insurance consumers miss out on providing
certain information in the first go. As a result, their application is sent back, and they
are asked to submit more documents. The process usually goes back and forth a
couple of times before the claim is actually processed.
The iterative nature of this process is a problem for both the insurance companies as
well as the consumers. This is because the consumers have to wait longer before they
can get the money which is owed to them. From an insurance company’s point of
view, the continuous back and forth means the efficiency of the back office, as well as
front office staff, is compromised leading to higher costs.
17
ELIMINATES NEED FOR STORAGE
As already mentioned in the first two points, the claims process involves a lot of
paperwork. Insurance companies are supposed to hold on to this paperwork for further
reference. This becomes a problem since it is very difficult to maintain a physical
archive.
With increasing automation in the claims processing industry, physical archives have
now become obsolete. They are now being replaced by electronic archives. Electronic
archives are easier to maintain. This is because the process of archiving as well as
retrieving documents can be automated. This means that considerably less manpower
and money needs to be spent on maintaining the archive. Also, since electronic
archive does not occupy much space in the real world, the real estate costs are also
saved.
AUDIT TRAIL
The best part about automating the claims process is that the audit becomes extremely
easy. If any insurance executive has accessed a particular claim file or has performed
any action related to the claim, their information is automatically recorded by the
system. The software, therefore, creates a trail which can be easily checked while
conducting audits. This feature is extremely valuable to insurance companies who
have lost a lot of money in the past due to the connivance of their support staff with
outsiders.
From the consumer’s point of view, the entire claims process is a black box. This
means that the consumer doesn’t know what is happening to their claim until they
receive the money. This creates a feeling of ambiguity and uncertainty. Consumers do
not mind waiting for some more time as long as they are in the loop regarding what is
happening with regards to their claims.
New and advanced automated claims processing software makes it possible to provide
this information to customers in a timely manner. Customers are often provided with a
flowchart to explain the various stages that their claim will have to go through. A
18
dashboard provides real-time to updates to customers whenever they log in to the
system. Hence, automated claims processing software not only reduces costs by also
enhances customer experience.
Automated claims processing software also has the ability to detect patterns in data.
Hence, whenever auditors detect a fraudulent claim, they are supposed to flag it to the
system. Over the course of time, the software has its own database of fraudulent
claims. The system can then run analytical operations on this data in order to identify
patterns which were common amongst those fraudulent claims. This data can then be
used by the software to flag new claim applications which follow the same pattern and
therefore may be fraudulent. Most claim processing software have the capability to
continuously learn as more and more data points are added to their database over an
extended period of time.
To sum it up, automating the claims settlement process has become a norm in the
software industry. Companies that do not automate this process in the next few years
may not survive since their administrative costs will be much more as compared to
their competitors.
19
ADVANTAGES OF RISK MANAGEMENT:
Risk management process is considered as an important discipline that the business
has in its recent times.
Many organizations tend to realize the advantages of enterprise risk management.
Following are few benefits of risk management in projects:
TREATMENT OF RISKS:
It helps in treating one’s own risks that are the subsets of implementing a plan. It has
internal compliance that are brought and mitigated towards the forsaken actions.
Its opportunity falls in the lack of preparation and even more realized upon the
profitable data that relieves through internal controls.
MINIMIZATION OF RISKS:
The risks that are handled within the given assessments plans are foreseen within the
business functions. It enables one to speed up the data to change policies and
contingencies that are made successful within the mapped business functions.
Here the cost beneficial analysis is to be revised within the ownership of risks. It
focuses on change of policies within the detailed structural behavior.
20
AWARENESS ABOUT THE RISKS:
Here the terms that are noticed will create awareness among the scheduled terms of
risks that are a successful analysis and evaluation of exercising the modules of risks.
It enables one to concentrate on the risk treatments within the lessons learnt and are
scheduled into lack of preparation. It has subsequent phases regarding each module
within the identified data.
NEW OPPORTUNITIES:
The opportunities that are emerging are held within the new ways of communicating
on the unravel issues.
It has collective and least significant part that matches with most of the scenarios. It
prepares for the future endeavors and the related exhaustive efforts as inputs.
HARVESTING KNOWLEDGE:
Here one must try to spend the knowledge about the stakeholder’s experience of the
preemptive approach that are made applicable for the unprepared threats towards the
knowledge gained and this provides a template to face the readymade risks.
21
PROTECTING RESOURCES:
The risk management plans and policies under help in protecting the resources of the
organization. This helps in promoting the resources instead of using them illegally.
It also equips safety among the adaptive changes to the staff alternatives and is
bundled together with the other resources. It builds production plans and the
alternative plans or the process of re-routing.
REGULATORY COMPLIANCES:
This framework helps in meeting regulatory needs. It performs and measures the risk
managements. This improvement helps in attaining the higher credit aspects.
It also derives higher efficiency towards the capital volatility and even the rating
metrics that are assigned to the compensated business plans. It translates into greater
confidence of improved stakeholders that are made applicable within the insured
business.
VALUES SHAREHOLDERS:
It aims at the borrowing capacity of the shareholder that has significant effort within
the management and assumes the determinant roles that the company can extend to.
It has exact decision making process within the current models and also the expected
regulatory recruitment.
22
DISADVANTAGES OF RISK MANAGEMENT:
Managing the risks provides the waste of time to compensate the projects. It
persuades the projects that reciprocate to improve the funds in the company. It is
spent on the research and development of the allocated issues that hold to ensure
project management.
COMPLEX CALCULATIONS:
Risk management involves complex calculations in terms of managing risks. Without
the automatic tool, each and every calculation regarding risks becomes difficult.
It involves the ideal data that contributes to the employee’s standards. This process is
really difficult to predict.
UNMANAGED LOSSES:
If the organization meddles with a loss, then that pay will be delivered to the pay loss
of the firm.
Here, the organization is responsible for the loss that happened due to improper
schedule about the risk management.
AMBIGUITY:
Even if the ambiguity is out of loss then people have to cover it within the planned
scale of losses of the discounts and even the consideration into unnecessary insurance
discounts.
23
MITIGATION:
Usually, mitigation guarantees losses of the concealed impairment of money which
may cause improper management of risks. This leads to unsafe acceptance of data
within rare company losses.
DIFFICULTY IN IMPLEMENTING:
Risk management takes a long time to gather the information regarding the strategic
plans. It has universal standards that are mitigated and accepted according to the
monetary values.
It matches with the hard understanding without recent experience without
compensation of the required quantity of data.
PERFORMANCE:
Since the risk management can be processed only with subjectivity, it holds on the
control of prospects within each issue. It can be identified with the difficult
implementation of controls.
It manages the cost benefits analysis that is not implemented. This process
concentrates more on the implementation of controls.
POTENTIAL THREATS:
These potential threats are to be maintained carefully so as to organize and disappear
from the market. This implementation reduces the level of risk and proportionally
increases the control over it.
Any kind of process will have its own limitations and benefits of project risk
management. Thus to build an effective risk management one has to focus on the
mitigated strategic plans of risks that are effective on the risk takers. It is to identify
the maximum of the entire management to overcome forthcoming dangers.
Risk management becomes the major case when the organization has targeted results
apart from the potential threats, damages and vulnerabilities.
24
PRINCIPLES OF RISK MANAGEMENT
Various organizations have laid down principles for risk management. There are risk
management principles by International standardization Organization and by Project
Management Body of Knowledge.
The Project management body of knowledge (PMBOK) has laid down 12 principles.
This article carries an amalgamation of both PMBOK and ISO principles. The
various principles are:
25
5. ROLES AND RESPONSIBILITIES: Risk Management has to be
transparent and inclusive. It should take into account the human factors and ensure
that each one knows it roles at each stage of the risk management process.
26
2. LITERATURE REVIEW
In this section, we try to provide an idea about the basics concepts of risk
management based on the liturature review. This includes a generic definition of risk,
risks management and their method. The risk The thematic of risk management is not
new, but it is recent and not very studied in logistic chain (or supply chain), the first
work that explicitly addresses for the risk management in the supply chain dating
from 2003. The risk is present in many activities including the logistic in which one
consequence of the risk that it is increasing and affect around all the logistic networks,
therefore the managers need to make a great deal of effort to identify and manage
risks. The meaning of risk can be differ from one person to another depending on their
point of views, attitudes and experience what makes the study of risk more and more
complex. Aven , proposed a basic risk theory based on brief selected review that over
the last 15-20 years and he presented the evolution of risk concept in Oxford English
Dictionary since 1679, we think that definition followed the environment evolution.
Veland and Ave, proposed the same based classification of risk given by Aven and
they used theses definition to discuss how the risk perspectives influence the risk
communication between the decision-makers, the risk analysts, experts and lay
people. Indeed, for Karimiazari et al , engineers, designers and contactors view risk
from the technological perspective, lenders and developers tend to view it from the
economic and financial side.
So, the question is: what is a risk? The first answer, the risk is the probability that
an event or action may adversely affect the organization . For Mazouni, the risk is an
intrinsic property of any decision, it is measured by a combination of several factors
(severity, occurrence, exposure to, etc.), although it is generally limited to two factors:
severity and frequency of occurrence of a potentially damaging accidents that
incorporate some exposure factors.
27
3. METHODOLOGY OF STUDY
(a) Overseeing and approving the company enterprises wide risk management
framework.
(b)
(c) Overseeing that all the risks that the organization faces such as strategic and
commercial safety and operations compliance and control and financial
risks have been identified and assessed and there is an adequate risk
management infrastructure in place capable of addressing those risks
28
4. DATA ANALYSIS AND INTERPRETATION
Risk is made up of two parts: the probability of something going wrong, and the negative
consequences if it does.Risk can be hard to spot, however, let alone prepare for and
manage. And, if you're hit by a consequence that you hadn't planned for, costs, time, and
reputations could be on the line.
This makes Risk Analysis an essential tool when your work involves risk. It can help you
identify and understand the risks that you could face in your role. In turn, this helps you
manage these risks, and minimize their impact on your plans.
In this article and video, we look at how you can use Risk Analysis to identify and
manage risk effectively.
Risk Analysis is a process that helps you identify and manage potential problems that
could undermine key business initiatives or projects.
To carry out a Risk Analysis, you must first identify the possible threats that you face,
and then estimate the likelihood that these threats will materialize.
Risk Analysis can be complex, as you'll need to draw on detailed information such as
project plans, financial data, security protocols, marketing forecasts, and other relevant
information. However, it's an essential planning tool, and one that could save time,
money, and reputations.
29
INTERVIEW QUESTIONS
Q1. What Are The Company’s Top Risks, How Severe Is Their Impact And
How Likely Are They To Occur?
Answer :Managing enterprise risk at a strategic level requires focus, meaning
generally emphasizing no more than five to 10 risks. Day-to-day risks are an
ongoing operating responsibility.
Q2. How Often Does The Company Refresh Its Assessment Of The Top
Risks?
Answer :The enterprise wide risk assessment process should be responsive to
change in the business environment. A robust process for identifying and
prioritizing the critical enterprise risks, including emerging risks, is vital to an
evergreen view of the top risks.
Q3. Who Owns The Top Risks And Is Accountable For Results, And To
Whom Do They Report?
Answer :Once the key risks are targeted, someone or some group, function or unit
must own them. Gaps and overlaps in risk ownership should be minimized, if not
eliminated.
Answer :Cultural issues and dysfunctional behavior can undermine the effectiveness
of risk management and lead to inappropriate risk taking or the undermining of
established policies and processes.
30
RISK MANAGEMENT PROCESS
There are several bodies that lay down the principles and guidelines for the process of
risk management. The steps involved remain the same more or less. There are small
variations involved in the cycle in different kinds of risk.
The risks involved, for example, in project management are different in comparison to
the risks involved finance. This accounts for certain changes in the entire risk
management process. However the ISO has laid down certain steps for the process
and it is almost universally applicable to all kinds of risk. The guidelines can be
applied throughout the life of any organization and a wide range of activities,
including strategies and decisions, operations, processes, functions, projects, products,
services and assets.
Identification
Assessment
Outlining a framework.
31
2. IDENTIFICATION: Once the context has been established successfully, the
next step is identification of threats or potential risks. This identification can be at
the level of the source or the problem level itself.
Source analysis means that the source of risks is analyzed and appropriate
mitigation measures are put in place. This risk source could be either internal or
external to the system. Examples of the risk source could be employees of the
company, operational inefficiency in a certain process etc.
Problem analysis on the other hand means the effect rather than the cause of the
risk is analyzed. For example a drop in production, threat of losing money etc!
The choice of the method varies across industry, organizational culture and other
factors. However some common methods of risk identification are:
Taxonomy based Risk Identification: The possible risk sources are broke down,
hence taxonomy. A questionnaire is made best on existent knowledge; the answers
to the questions are the risk.
Common Risk Check: There are certain risks that are common to an industry.
Each risk is listed and checked on time.
3. ASSESSMENT: Once the risks have been identified, they are then assessed on
their likelihood of occurrence and the impact. This process can be simple as in
case of assessment of tangible risks and difficult like in the assessment of
intangible risks. This assessment is more or less a guessing game and the best
educated guess decides the success of the plan.
32
RISK MANAGEMENT PLAN
Any project immaterial of the size of the same carries a lot of risks, which may be
financial, non-financial, legal or physical. Having an effective risk management plan
is first and foremost to the success of any project. The task is to anticipate these risks
well in advance before the project takes off.
Other risk management strategies may suggest the acceptance of the risk. This is
decided after a thorough cost/benefit analysis. The risk management plan also
depends on how the risks are prioritized by the organization. Based on relative
priorities risks are given weightage, for example a certain organization may be more
concerned about the physical and legal risks, whereas another organization may be
focusing on operational or strategic risks. Risk priority defines the strategy and finally
the plan.
Besides keeping the risk management cycle in mind; before the final draft, an
PRIORITIZE THE RISKS: Arrange the risk in order of priority. Those that
need to be dealt with first are listed first. Risks are prioritized on the basis of
degree of impact and the likelihood of occurrence.
33
DEVELOPING AND ACTION PLAN: Plans are designed to minimize
the impact of the risk and to check the occurrence. In addition, an action plan in
developed against each risk i.e. in event of occurrence how do we respond to the
risk, who all will be responsible and what are the contingencies.
The formulation of the plan is in tandem with the risk management cycle which acts
as the basic guideline. Both work in sync, in fact the interventions in step 3 discussed
above cannot be without a thorough understanding of the cycle.
34
EVALUATION OF A RISK MANAGEMENT PLAN
A risk management plan can never be perfect. However, the degree of its success
depends upon risk analysis, management policies, planning and activities. A well-
defined management plan can be successful only if risks are properly accessed. And if
not, the main objective of risk management plan itself is defeated. Critical evaluation
of a risk management plan at every stage is very necessary especially at an early
stage. It will allow companies to discover the flaws before it gets into the action. Once
you’re through the process, you can address the issues and then introduce it.
The below mentioned steps can help in analyzing and evaluating a risk
management plan:
35
EVALUATE THE BUSINESS ENVIRONMENT: A thorough study
and critical evaluation of business environment where a risk management plan is
to be implemented is essential. Take time to assess, analyze and decide what
exactly is required.
36
RISK TREATMENT - RISK RESPONSE PLANNING
A risk treatment is mandatorily a part of an effective risk management plan. The plan
here means how you respond to the reported potential risks. It details on strategies on
how to deal with the various risks - low or high, acceptable or unacceptable. The plan
also outlines the role and responsibilities of the team members.
Literally speaking, risk treatment also known as risk control, is that part of the risk
management where decisions are made about how to deal with risks either in the
external or internal environment. Various options like risk reduction, risk avoidance,
risk acceptance and risk transfer.
Before you embark on risk treatment there is something called as risk response
planning that needs to be taken care of. It is explained in detail below:
Risk response planning no doubt is an integral aspect of risk treatment. The planning
covers discusses and evaluates inputs like risk register, risk profiles and cause control
matrix. Strategies are formulated and documented in this stage. The following four
different strategies are discussed upon.
37
MITIGATING RISK - Risk mitigation is a control process that essentially
stops a risk before it starts making an impact and bringing it to an acceptable
level. Often a contingency plan is put in place to prevent the risk.
ACCEPTING RISK - Finally, there are certain risks that are unavoidable.
This strategy is the best when the risk is low. But there has to be a due plan for the
same such as determining when the project will be exposed to the risk and making
small adjustments accordingly. A risk that is acceptable can be considered passive
since no action at all is taken upon the same.
By the end of risk response planning various risks and the corresponding strategies
are documented. A risk register is ready that contains all details vis-à-vis the time of
occurrence, priority and the people involved in handling the risk. The risks have
already classified as either internal or external. Relevant risks are assigned to relevant
stakeholders accordingly.
38
ENTERPRISE RISK MANAGEMENT
The CAS committee on Enterprise risk management has given the following
definition of the same - ‘The discipline by which any organization in any industry
assesses, controls, exploits, finances and monitors risk from all the sources for the
purpose of increasing organizations short-term and long-term value to its
stakeholders’.
In simpler terms enterprise risk management includes all the tools and processes
employed by an organization to manage and control risks and grab more opportunities
in the market place. It provides a framework for better risk management.
Enterprise risk management starts with identification of events that are of relevance to
the organization, the risks and opportunities. These events are evaluated on the basis
of their impact and probability of occurrence and a strategy is designed to counter or
meet the same; all this to add more value to stakeholders.
It is an approach where in risk is looked upon as an opportunity and at the same time
is monitored such that it may not affect an organization to a large extent.
Typically the following four strategies, called as ‘risk response strategy’ are adopted
by organizations while facing a risk.
Reduction strategy: taking certain actions that decrease the impact of the risk.
39
Conceptual Framework: ERM in the table below has been conceptualized in two
dimensions, one showing the types of risk and other the various risk management
process steps.
Hazard Risk: Natural disasters, liability damages, Property damages due to fire,
tornado etc, injury or illness to its employees.
Financial Risk: Risks like foreign exchange risk, commodity risk, pricing risk,
asset risk, liquidity risk.
The other dimension of the table carries the steps of entire risk management process.
The process starts from an understanding the conditions in which organization
operates (Establishing context). In the next stage various threats are identified
(Identifying threats) proceeded by analysis of risks.
The risks are then integrated and prioritized. In the penultimate stage strategies are
designed for controlling risks (Treat Risk). Finally, the risk environment is
continually monitored and the strategies are evaluated.
40
RISK MANAGEMENT AND STOCK MARKET
In stock market there is strong relationship between risk and return. Greater the
risk, greater the return generally! In financial terminology risk management is the
process of identifying and assessing the risk and then developing strategies to manage
and minimize the same while maximizing the returns.
Every investment demands a certain amount of risk and for an investor to assume
this risk he has to be compensated duly. This compensation is in the form of
something called as the risk premium or simply the premium. Risk is therefore central
to stock markets or investing because without risk there can be no gains. Successful
investors use stock market risk management strategies to minimize the risk and
maximize the gain.
In financial markets there are generally two types of risk; first the Market risk and
second the Inflation risk. Market risk results from a possibility in increase or decrease
of financial markets. The other risk i.e. the Inflation or the purchasing power risk
results from rise and fall of prices of goods and services over time.
There are certain strategies that can be employed to mitigate the risk in a stock
market. The strategies are as follows:
41
2. PORTFOLIO DIVERSIFICATION: Another useful risk management
strategy in the stock market is to diversify your risk by investing in a portfolio. In
a portfolio you diversify your investment to several companies, sectors and asset
classes. There is a probability that while the market value of a certain investment
decreases that of the other may increase. Mutual Funds are yet another means to
diversify the impact.
3. STOP LOSS: Stop loss or trailing tool is yet another device to check that you
don’t lose money should the stock go far a fall. In this strategy the investor has the
option of making an exit if a certain stock falls below a certain specified limit.
Self-discipline is yet another option employed by some investors to sell when the
stock falls below a certain level or when there is a steep fall.
Ask warren buffet, the greatest investor of all time, what is your advice to investors
and he says ‘don’t lose money!’ But stock market connotes risk and fortunately there
are enough strategies for a wise investor to safeguard his money and ensure gain. A
careful and timely exercise of these options helps you see of the risk involved.
42
OUTSOURCING RISK MANAGEMENT FUNCTION
Managing risk efficiently and effectively can be a determining factor in the overall
success of any organization. Most of the companies try to develop a risk management
plan on their own and some outsource this function. Outsourcing risk management
function is not a new concept and is being widely used by many organizations
nowadays. However, contracting out risk does not guarantee an organization’s success
at all but yes; there are greater chances of success. Reason being, the program is
designed, developed, implemented and reviewed by risk management professionals
and therefore, can improve the quality of your overall plan.
Outsourcing may or may not be necessary. There are several factors that influence this
decision including type of firm, type of risk, company’s current financial status,
interior and exterior business environment and level of human intellect. If company
possesses and retains intellectual and knowledgeable people, requirement of
outsourcing risk is less. But if, it is an entirely different situation to deal with or
company does not possess that level of people, chances of hiring services from
outside increase.
Even after considering all above advantages, outsourcing risk is still a critical decision
and needs careful considerations and planning. Unbiased advice from experts is one
of the most essential requirements so that they can advice you if you really need to
develop a risk management plan or if it so, should you purchase external services.
43
There are several companies offering such specialized services. The need is find one
that understands your requirements and suits your budget. Therefore you need to
decide before something terribly goes wrong.
Another major issue is that controlling risk is not always required. Sometimes, you
can simply let it go. But it doesn’t mean to be careless about it. It simply means you
don’t need to develop a full-fledged risk management plans. Initial two-three steps
can help averting risk. A defensive strategy can prove to be extremely useful in some
cases. It not only saves your efforts but also your time, money and human resource. If
you require only minor alterations avoid contracting out.
Outsourcing risk has its own advantages and disadvantages. The major
advantages are reduction in cost, development of specialized plan, decreased time
consumption and lessened employee hours. On the other hand, the process itself can
be very risk as you may need to disclose the confidential information to the
outsourcing firm so that they can better understand the current standing of your
organization. It may also bring undesirable changes in your company. The need is to
keep a check on outsourcing companies and taking a note of their activities.
44
5.FINDINGS AND SUGGESTIONS
Make a record of your significant findings - the hazards, how people might be
harmed by them and what you have in place to control the risks. Any record
produced should be simple and focused on controls.
If you have fewer than five employees you don’t have to write anything down.
But it is useful to do this so you can review it at a later date, for example if
something changes. If you have five or more employees you are required by law
to write it down.
Any paperwork you produce should help you to communicate and manage the
risks in your business. For most people this does not need to be a big exercise -
just note the main points down about the significant risks and what you concluded.
An easy way to record your findings is to use our risk assessment template .
When writing down your results keep it simple, for example 'Fume from welding:
local exhaust ventilation used and regularly checked'.
Risk management professionals should not take lightly the complexity associated
with providing healthcare services. While regulations, third-party payer
requirements, and licensing/accreditation standards contribute to this complexity,
formalized policies and procedures can mitigate it.
45
46
6.CONCLUSION
47
7.BIBLIOGRAPHY
WEBLIOGRAPHY
https://en.wikipedia.org/wiki/List_of_companies_of_India
https://www.mindtools.com/pages/article/newTMC_07.htm
https://www.ncbi.nlm.nih.gov/pubmed/12122845
48
49
50
51
52
53
54
55
56