Being continuation of text of the 25th LASPOTECH inaugural lecture series delivered by Mrs. Adeola K. Banjo, a chief lecturer in Insurance Department at the LagosState Polytechnic recently.(The second part was published yesterday, Tuesday, December 27, 2011).COMPONENT OF RISK MANAGEMENT POLICYIt may not be necessary or desirable for an organization to have a separate risk management policy document. However, the management policies or strategies should contain the following risk management components:' the objectives and rationale for managing risks;' how this links to the organisation's strategic/corporate plan;' the extent or range of risks that need to be managed;' guidance on what may be regarded as acceptable risk;' the level of documentation required;' staff positions responsible for managing risk;' Sources of support/expertise available to assist those responsible for managing risk; and' principles for reviewing organizational performance in regard to the management of risk.' principles for reviewing organizational performance in regard to the management of risk. (Habbard, 200PRINCIPLE AND PROCESS OF RISK MANAGEMENTAccording to Hutton, (2009), Risk Management should be a continuous and developing process, which runs throughout the organization's strategy and the implementation of that strategy.It should address methodically all the risks surrounding the organization's activities, past, present and in particular, future. It must be integrated into the culture of the organization with an effective policy and a programme led by the most senior management staff. It must translate the strategy into tactical and operational objectives, assigning responsibilitythroughout the organization with each manager and employee responsible for the Management of risk as part of their job description. It supports performance measurement and reward, thus promoting operational efficiency at all levels.The risks facing an organization and its operations can result from factors both external and internal to the organization. According to AIRMIC, (2002), the diagram below summarizes examples of key risks in these areas and shows that some specific risks can have both external and internal drivers and, therefore, overlap the two areas. They can be categorised further into types of risk such as strategic, financial, operational, hazard, etc.PRINCIPLES OF RISK MANAGEMENTAccording to ISO 31000, (2009), theInternational Organization for Standardizationidentifies the following principles of risk management:Risk management should:' create value' be an integral part of organizational processes' be part of decision making' explicitly address uncertainty and assumptions' be systematic and structured' be based on the best available information' be tailored' take into account human factors' be transparent and inclusive' be dynamic, interactive and responsive to change' be capable of continual improvement andenhancementPROCESS OF RISK MANAGEMENTAccording to the AIRMIC, (2002) 'Risk management ' Principles and guidelines on implementation',the process of risk management consists of several steps.' The organization's Strategic ObjectivesRisk management protects and adds value to the organization and its stakeholders through supporting the organization's objectives through effective risk assessment, evaluation, reporting, selecting appropriate risk treatment techniques and effective monitoring.' Risk assessmentRisk Assessment is defined as the overall process of risk analysis and risk evaluation. (ISO/IEC Guide 73, 2002).(a) Risk AnalysisThis includes:Risk IdentificationRisk descriptionRisk estimation(a) (i) Risk IdentificationAfter establishing the context, the next step in the process of managing risk is to identify potential risks. Risks are about events that, when triggered, cause problems. Hence, risk identification can start with the source of problems, or with the problem itself.According to Oyetayo, (2006),Risk Identification sets out to identify an organization's exposure to uncertainty. This requires an intimate knowledge of the organization, the market in which it operates, the legal, social, political and cultural environment in which it exists, as well as the development of a understanding of its strategic and operational objectives, including factorscritical to its success and the threats and opportunities related to the achievement of these objectives.The chosen method of identifying risks may depend on culture, industrial practice and compliance. The identification methods are formed by templates or the development of templates for identifying source, problem or event.(a)(ii) Risk DescriptionThe objective of Risk Description is to display the identified risks in a structured format.(a)(iii) Risk EstimationRisk Estimation can be quantitative, semi-quantitative or qualitative in terms of the probability of occurrence and the possible consequence.(b) Risk EvaluationAccording to Akinjobi, (2006), Once risks have been identified, they must then be evaluated as to their potential severity of impact (generally a negative impact, such as damage or loss) and to the probability of occurrence.These quantities can be either simple to measure, in the case of the value of a lost building, or impossible to know for sure in the case of the probability of an unlikely event occurring. Therefore, in the evaluation process it is critical to make the best educated decisions in order to properly prioritize the implementation of therisk management plan.The fundamental difficulty in risk evaluation is determining the rate of occurrence since statistical information is not available on all kinds of past incidents. Furthermore, evaluating the severity of the consequences (impact) is often quite difficult for intangible assets. Asset valuation is another question that needs to be addressed. Thus, best educated opinions and available statistics are the primary sources of information. Nevertheless, risk assessment should produce such information for the management of the organization that the primary risks are easy to understand and that the risk management decisions may be prioritized.* RISK REPORTING AND COMMUNICATIONInternal ReportingDifferent levels within an organization need different information from the risk management process.External ReportingA company needs to report to its stakeholders on a regular basis setting out its risk management policies and the effectiveness in achieving its objectives.* RISK TREATMENTRisk treatment is the process of selecting and implementing measures to modify the risk. According to Roechrig, (2006), in the risk management process there is a need to select the most appropriate technique, or combination of techniques, for treating the loss exposures. These techniques can be classified broadly as:Risk controlRisk financing.(a) Risk controlRisk control refers to techniques that reduce the frequency and severity of losses while Risk financing refers to techniques that provide for the funding of losses. Many risk managers use a combination of techniques for treating each loss exposure. However, risk control is a generic term used to describe techniques for reducing the frequency or severity of losses.Major risk control techniques include the following:* Avoidance* Loss prevention* Loss reduction* Avoidance: Avoidance means a certain loss exposure is never acquired, or an existing loss exposure is abandoned.The major advantage of avoidance is that the chance of loss is reduced to zero: if the loss exposure is never acquired. In addition, if an existing loss exposure is abandoned, the chance of loss is reduced or eliminated because the activity or product that could produce a loss has been abandoned.Avoidance, however, has two major disadvantages; first, the firm may not be able to avoid all losses. For example, a company may not be able to avoid the premature death of a key executive. Second, it may not be feasible or practicable to avoid the exposure, for example; a paint factory can avoid losses arising from the production of paint. Without paint production, however, the firm will not be in business.Clearly, any amount spent on risk control is intended to add to the profitability of the organization. However, once expenditure exceeds a certain amount, the marginal effect on profit begins to level off and eventually the effect is negative. The logical result, if the company continues to spend money on risk control, is that it will go out of business.* Loss Prevention: Loss prevention refers to measures that reduce the frequency of a particular loss. For example, measures that reduce truck accidents include driver examinations, zero tolerance for alcohol or drug abuse, and strict enforcement of safety rules. Measures that reduce lawsuits from defective products include installation of safety features on hazardous products, placement of warning labels on dangerous products, and institution of quality-control checks.* Loss Reduction: Loss reduction refers to measures that reduce the severity of a loss after it occurs. Examples include installation of an automobile sprinkler system that promptly extinguishes a fire; segregation of exposure units so that a single fire incident cannot simultaneously damage all exposure units, such as having warehouses with inventories at different locations; rehabilitation of workers with job-related injuries; and limiting the amount of cash on the premises.2. Risk Financing:As stated earlier by Reochrig, risk financing refers to techniques that provide for the funding of losses after they occur. Major risk-financing techniques include the following:* Risk retention* Risk transferRisk Retention:Retention means that the firm retains part of or all of the losses that can result from a given loss. Retention can be either active or passive. Active risk retention means that the firm is aware of the loss exposure and plans to retain part of it, such as colossal losses to a fleet of company cars. Passive retention, however, is the failure to identify a loss exposure, failure to act, or forgetting to act. For example, a risk manager may fail to identify all company assets that could be damaged in an earthquake.Retention can be effectively used in a risk management program under the following conditions:(i) Paying LossesIf retention is used, the risk manager must have some method for paying losses. The following methods are typically used:' Current net income: The firm can pay losses out of its current net income and treat losses as expenses for that year. A large number of losses could exceed current income, however, and other assets may have to be liquidated to pay losses.' Unfunded reserve: An unfunded reserve is a book keeping account that is charged with actual or expected losses from a given exposure.' Funded reserve: A funded reserve is the setting aside of liquid funds to pay losses. Funded reserves are not widely used by private employers, because the funds may yield a much higher rate of return by being used in the business.' Credit line: A credit line can be established with a bank, and borrowed funds may be used to pay losses as they occur. Interest must be paid on the loan, however, and loan repayments can aggravate any cash-flow problems a firm may have.(ii) Captive InsurerLosses can also be paid by a captive insurer. A captive insurer is an insurer owned by a parent firm for the purpose of insuring the parent firm's loss exposures. There are different types of captive insurers. A single parent captive (also called a pure captive) is an insurer owned by only one parent, such as a corporation. An association or group captive is an insurer owned by several parents. For example, corporations that belong to a trade association may own a captive insurer.(iii) By insuring on first loss insurance only.(iv) By selling other assets to replace those that are lost or damagedJustification For Risk RetentionAccording to Banjo (2010),' it should be noted that Risk Retention is only justified if:' the risk has been properly identified and evaluated;' the amount retained per incident and in aggregate' per year is within the financial capabilities of the firm' the cost of insurance for the amount retained would be more than the cost of retention.To be continued
Click here to read full news..
