Risk Management in Context

The formal introduction of risk management to improve health and safety in the workplace changed the face safety management forever. This change was necessitated as a result of the introduction of the concept of "Duty of Care" into Occupational Safety, Health and Environmental legislation in the International arena.

This change in legislation focus was a distinct departure from the specific compliance legislation framework what previously exited that required managers to comply with a set of rules. Once the rules were complied with, no legal action could be instituted against these managers. The duty of care type of legislation requires managers as well as company owners to establish the significant risks and institute controls that will reduce the risks to tolerable levels.

The definition of risk differs from one discipline to another, and even within the same field there are sometimes contradictory definitions. In the context of business management, risk can be defined as the chance of loss or gain. However, the probability of occurrence of a particular adverse effect of harm and suffering, as viewed from the safety, health and environmental viewpoint, only negative risk is considered.

Risk Assessment the Concept

The term 'risk assessment' is commonly used in various ways to describe some method of identifying, understanding and controlling risks. Risk Assessment can be described as a detailed and systematic examination of any activity, location or operational system to identify risks, understand the likelihood and potential consequences of the risks and to review the current or planned approaches to controlling the risks, resulting in instituting additional controls where required. Successful risk control can include outcomes such as improved productivity, safety, health, production, environmental protection, community acceptance, etc.

There are many ways to conduct risk assessment. One of the most common and accepted approaches in the operational activities of an organization is qualitative risk assessment. Qualitative risk assessment is part of regulatory requirements in many countries for the improvement of occupational health and safety standards. Qualitative methods of assessing risks do not try to establish numbers and 'black and white' tolerability of a particular risk like quantitative risk assessment. Qualitative risk assessment attempts to establish levels of risk only in relation to other risks, or a total system risk. As such, methods such as risk ranking are commonly used to establish relative levels of risk, ranging from a high rank to a low rank. This risk ranking is then used to allocate limited resources in an objective manner in order to reduce the risk.

Risk Management in Context

In order to make sense of the various types of risk assessment it is necessary to understand where in the organisation each of the types are mostly utilised. It is not the intention to discuss all the various types of risk assessment, but merely to give them some context in relation to some of the main activities taking place in the organisation. The following model should serve to explain these relationships:

To view the model click here

As can be seen from the model, in the operational management activities of the organization hazard identification and continuous risk assessment is an activity mostly associated with operation and supervision tasks, while workplace risk assessment is normally associated with operational management while baseline and issue based risk assessment is normally activities that influences decision and control actions. Strategic management activities draw on both operational management and corporate governance aspects of risk management as a matter of course. As part of the corporate governance activity, executive management, business risks, such as strategic, financial, market and operational risks management forms an integral part.

The utilization of risk management also extends into the realm of corporate accountability through the requirement for enterprise wide risk management. This consists mainly of the activities of ownership and commitment, executive leadership, enabling frameworks and the continuous process improvement activities.

Finally risk management is utilized as one of the tools to manage the sustainability of the company by managing the reputation of the organization. This is achieved through financial as well as non-financial activities that corporate managers engage in. To indicate how the various levels of risk management is interrelated it would suffice to say that, during an operational audit, the operational risk assessments are evaluated, and at the conclusion of the audit, non-conformances in the risk assessment process are identified for rectification. These non-conformances and they way they are managed provides a platform for the sustainability management of the organization.

It is a known fact that the introduction of risk assessment concepts in business has significantly changed their approach from a reactive management approach to a more objective management style that includes a more realistic way of allocating resources to address specific risks in an objective manner.

© 2009 Carl Marx