Depending
on the size and characteristics of the enterprise that they may establish a risk
management department consists of experienced professionals, or
at least they should use the risk management services of professional
consulting and law firms with extensive experiences in this field. The risk managementde partments
have to perform many tasks but should focus on three main functions: risk
identification, risk analysis and risk response.
First, we need to identify the
risks. It is the process of gathering information, data and analysis
of factors that may impact negatively on the achievement of goals, including
the inside and outside, macro and micro factors. We can use analysis tools such
as brainstorming, interviewing, root-cause analysis, checklist, SWOT analysis…
along with other tools that are used in the strategic
planning process. Enterprises need to create and regularly update
the information and data system to serve for the analysis.
The next process is risk
analysis, in which we need to analyze to assess risk that has been identified
at the main aspects: the root causes of risk, risk probability and condition to
occur, scope and displaced persons entitled to, impact of the risks, factors
that change the level of impact…
Finally is the process
of responding to risks. More specifically, it is the process of choosing the
way to respond to risk, which may include measures to: (i) risk aversion
(abandon risky activities); (ii) risk prevention (eliminate
the root causes of risk); (iii) reduce the likelihood of risk; (iv) eliminate
the negative impacts; (v) reduce the negative impact; (vi) risk sharing; (vii) risk
transferring (buy
insurance, use derivative instruments); (viii) take risks and preparing
resources to overcome the consequences.
Principles
Risk management must ensure the
main principles: (1) create value (cost of risk management has to lower than
benefit that it brings); (2) is an integral part of the business
activities; (3) attached to the decision making (all important
decisions have to consider risk management); (4) to be systematic and follow a
throughout process (5) are regularly evaluated and improved.
It can be said, at the
present, only the financial institutions and the banks are interested in risk managementactivities
(although not enough) while most other companies have not focused on this
activity. Towards the sustainable development, enterprises cannot just “take
risks” in the passive and desperate ways, they should be towards to manage risk
in proactively and wisely ways.
0 nhận xét:
Đăng nhận xét