Answering the 3 Whats of Risk Management

If you are a part of an organization or even were a part of one in the past, you possibly have come across the term called Risk Management. And I am sure someday or the other you found yourself scratching your head trying to get around this term. Some of the questions which you might have asked yourself may be the below questions,

What is Risk Management?

What is the process of managing a risk?

What are the skills needed for Risk Management?

Let me start by answering the above questions one by one.

What is Risk Management?

Before I go ahead and answer the question, let’s see what exactly risk is?

A Risk can be thought of any situation which might expose you to a danger or to an unwanted situation.

For example, before investing in stock markets, you want to make sure that the stocks you are investing in had a pretty good historical track record in the stock market so that the risk you are taking with your hard earned money is minimized and you do not get into bankruptcy.

Expanding this definition to an organization level; risk management can be thought of as a process of identifying possible risks and threats to an organization even before they happen. For example, during mergers and acquisitions, an organization runs a thorough investigation on the firm it wants to acquire to ensure the money spent on it has future prospects.

What is the process of managing a risk?

A typical Risk management process involves five key steps.

Step#1: Risk Identification

The first step towards an effective risk management is to identify the risk within the organization. Risks can be legal, financial, process related, service related, regulatory, policy oriented, etc. The risk identification is an important step because at the end of this step, all the possible risks are exposed to all the stakeholders in the organization and thus immediate strategies can be thought of to mitigate those risks.

Step#2: Risk Analysis

Risk Analysis can be drilled down to three sub categories which involves,

Identifying the scope of the risk: This involves getting knowledge on which department has to handle the risk. For example, if its' money related, the scope of the risk falls under the finance department.

Identifying the hidden links between the organizational norms and the risk: This involves identifying to which department or process is the risk related to and then take actions accordingly.

Identifying the severity and seriousness of the risk: This involves identifying what would be the consequences if the risk actually happens. For example, what would happen if the merger fails after five years; and if that qualifies as a high risk, the merger is often abandoned or in many cases the organizations keeps a close eye to track the performance of the merging company.

Step#3: Risk Ranking

Depending on the severity and seriousness of the risk; risks are classified as high risk, moderate risk and low risk. High risk category is the first one that is mitigated and communicated to key stakeholders so that immediate actions can be taken to prevent those from happening while low risks are usually communicated as an information to the stakeholders which need not need an immediate intervention.

Step#4: Risk Treatment

Irrespective of the risk, they have to be either eliminated completely or minimized as much as possible. This is called risk treatment where experts in those fields come together and figure out road-maps and strategies to manage the risk at hand.

Step#5: Risk Monitoring

Risk monitoring is employed only for the risks which cannot be eliminated completely such as the investment risks, market risks, etc. Concerned departments keep an eye on the parameters which directly or indirectly impact the risk and take corrective actions as and when the risk intensifies.

What are the skills needed for Risk Management?

The three key skills needed for effective risk management are,

Problems Solving Skills: This pertains to coming up with solutions for a problem at hand. In risk management, the problem at hand is the risk and as a risk manager; one has to come up with strategies to mitigate the risk.

Effective Communication: One of the key aspect of risk management is effectively communicating the risk to the stakeholders and hence this skill is highly desirable.

Business know how: An effective risk professional must have a thorough understanding of the business they are a part of to efficiently figure out the risks involved.

Risk Management can be both rewarding and challenging. This was the tip of the iceberg that we just looked into and hence an in depth knowledge is needed to get into the profession of a Risk Manager. For a more detailed information on the skills needed for effectively managing the risks, have a look at 10 Key Skills To Be a Successful Risk Manager In 2020.