Chapter 3: Management Control and Risk
Chapter 3: Management Control and Risk
Risk identification is the process of spotting, recognizing or classifying potential risks, which
may affect an organization. Risk identification can help a company to be prepared if these risks
occur. This is one of the early stages of the risk management process.
Risk identification is very important, because if you want to avoid or reduce a risk, you have to
be able to identify that risk first. By identifying the source of a problem, or the series of events,
which may lead to a problem, an organization can take steps to prevent these risks from
affecting adversely on the organization.
Risk Categories
1) Fundamental risk - Risk that affect in general, broad groups of people, and are beyond
the control of any individual.
2) Particular risk - Risk over which an individual may have some measure of control.
3) Speculative risk - Risk which either good or harm may result
Type of Risk
1) Business risk - the risk that businesses face due to the nature of their operations and
products. Some businesses for instance are reliant on a single product or small range of
products, or they could be reliant on a small key group of staff.
Strategic risk
Product risk
Commodity risk
2) Economic risk - risk that changes in the economy might affect the business. Those
changes could be inflation, unemployment rates, international trade relations or fiscal
policy decisions by government. This risk is considered to be external to the business.
3) Financial risk - the risk of changes in a financial condition such as exchange rate,
interest rate, customers’ credit rating, or price of goods.
Credit risk
Currency risk
Impact of Risk on Long-term Decisions
1) Sensitivity analysis - method in analysing the risk surrounding a capital expenditure
project
2) Analyse risk and uncertainty
An alternative way of remembering risk management methods is via the mnemonic (TARA):
TRANSFERENCE
In some circumstances, risk can be transferred wholly or in part to a third third party, so that if
an adverse event occurs, the party suffers all or most of the loss. A common example of risk
transfer is insurance. Businesses arrange a wide range of insurance policies for protection
against possible losses. This strategy is also sometimes referred to as sharing.
AVOIDANCE
An organization might choose to avoid a risk altogether. However, since risks are unavoidable in
business ventures, they can be avoided only by not investing (or withdrawing from the business
area completely).
REDUCTION or MITIGATION
A third strategy is to reduce the risk, either by:
limiting exposure in a particular area
attempting to decrease the adverse effect should that risk actually crystallize.
ACCEPTANCE
The final strategy is to simply accept the risk that may occur and decide to deal with the
consequences in that particularly situation. This is appropriate normally where the adverse
effect is minimal.
Risk management
RISK REDUCTION
Even if a company cannot totally eliminate its risks, it may reduce them to a more acceptable
level by a form of internal control. The internal control would reduce either the likelihood of an
adverse outcome occurring or the size of a potential loss. The costs of the control measures
should justify the benefits from the reduced risk.
HEDGING RISKS
The concept of hedging is reducing risks by entering into transactions with opposite risk profiles
to deliberately reduce the overall risks in a business operation or transaction.
RISK SHARING
A company could reduce risk in a new business operation by sharing the risk with another party.
This can be a motivation for entering into a joint venture.