Taking risks is part and parcel of the life of an entrepreneur. Once you are in business you need to manage the risks that will come your way. The financial crisis in 2008 was a wake-up call for every business leader to be aware of risks and to address them as a matter of urgency.
Risk management is now being emphasised as one of the key responsibilities of directors. Failure to do so can result in the board being dragged to courts because of negligence. The Board of Directors is responsible in overseeing risk.
Risk-taking is inevitable if an organisation is to achieve its objectives. Taking and managing risk is the very essence of business survival and growth. Organisations that are more risk aware appreciate that actively managing potential problems, threats or risks provides them with a competitive advantage.
An opportunity that avails itself to an organisation has some risk attached to it as Albert Einstein once commented, “In the middle of difficulty lies opportunity”.
A business will exploit the opportunity as long as it’s within its risk appetite and also as long as the return to be achieved will be enough to compensate for the risk.
To navigate the murky waters of entrepreneurship you need a risk management framework. An effective risk management process requires a framework that will identify, assess, control, monitor, and mitigate exposures. The tone to deal with risk or manage risk should be spelt out in the organisation’s strategy.
This shows the board’s and senior management’s commitment in dealing with risk. Risk management starts with the definition of business objectives. The level of risk and acceptable levels of risk appetite will depend on the context set by the organisation’s objectives.
Objectives should include an expression of risk appetite, such as the level of available capital or a maximum level of acceptable earnings volatility.
The key steps in any risk management process should include the following key issues:
l Risk identification. It is important at this stage to define what you mean by a risk event. What are the potential risks that the business is exposed to. You need to create a register of the risks that affect your organisation.
l Control framework. You need to come up with the controls that will control or mitigate each of the risks that are identified. Typical controls would include management oversight, information processing, automation, process controls, segregation of duties, performance indicators, and policies and procedures.
l Assessment. Assessment processes will provide the organization with an objective process to determine how well the organisation is controlling the identified risks.
l Measurement and monitoring. The process here is to determine how large or small the exposures are, whether controls are working properly, and whether exposures are changing and subsequently require attention
An organisation that implements effective risk management is likely to improve performance against its objectives. Effective risk management will bring the following benefits:
l An organisation with an effective risk management framework will minimise unwelcome surprises in its performance. Such unwelcome events will have been forecasted and measures to deal with them would already have been put in place. By identifying and managing risks managers can plan well ahead of the problem occurrence. By planning for unexpected events, you can be ready to respond if they do arise. An organisation can also draw up a contingency plan in case of the risk event occurring.
l Management will not spend most of its time engaging in fire-fighting. The process of risk identification and addressing their possible impact in advance will result in a more focussed approach to dealing with risks.
l The organisation will focus more internally on doing the right things properly. These right things are the ones which when implemented will reduce the impact of risk on the performance of the organisation.
l The organisation will craft strategies that effectively deal with any identified risks and thus improve the likelihood of achieving both short and long-term objectives.
l An organisation with an effective risk management model/ strategy will reduce the occurrence of fraud. The internal controls that are put in place to deal with identified risks will have the effect of quickly highlighting any incidence of fraud.
l Organisations with a sound risk process will have higher success rates on their projects than those with mediocre risk processes.
Every organisation should endeavour to have a robust risk management framework so that shareholder value is preserved. Theodore Roosevelt said “Risk is like fire: If controlled it will help you; if uncontrolled it will rise up and destroy you.” Business leaders should see to it that risk is managed.
l Stewart Jakarasi is a business and financial strategist and a lecturer in business strategy (ACCA P3), advanced performance management (P5) and entrepreneurship.
He provides advisory and guidance on leadership, strategy and execution, preparation of business plans and on how to build and sustain high-performing organisations.
For assistance in implementing some of the concepts discussed in these articles please contact him on the following contacts: sjakarasi@gmail.com or WhatsApp +266 62110062.