By Veronicah Muthoni
Risk management is the process of identification, analysis, and acceptance or mitigation of uncertainty/ threats in investment decisions.
These threats, or risks, could stem from a wide variety of sources, including financial uncertainty (demand, supply, and stock market), legal liabilities, strategic management errors, accidents, and natural disasters.
Risk management has become a necessity in the modern world. Over the years, a lot of companies have found out that their operations and even their entire existence can be threatened due to external events. Thus, there has been a constant increase in the number of resources that are being devoted to the risk management process.
The Steps in the Process
1. Risk identification mainly involves brainstorming. A company gathers its employees together so that they can review all the various sources of risk. The next step is to arrange all the identified risks in order of priority. Because it is not possible to mitigate all existing risks, prioritization ensures that those risks that can affect a business significantly are dealt with more urgently.
2. Risk assessment is the next step. In many cases, problem resolution involves identifying the problem and then finding an appropriate solution. However, prior to figuring out how best to handle risks, a business should locate the cause of the risks by asking the question, “What caused such a risk and how could it influence the business?”
3. Risk control. Once a business entity is set on assessing likely remedies to mitigate identified risks and prevent their recurrence, it needs to ask the following questions:
· What measures can be taken to prevent the identified risk from recurring?
· In addition, what is the best thing to do if it does recur?
4. Review Controls. Here, the ideas that were found to be useful in mitigating risks are developed into several tasks and then into contingency plans that can be deployed in the future. If risks occur, the plans can be put to action.
Response to Risk
Response to risks usually takes one of the following forms:
1. Risk avoidance: While the complete elimination of all risk is rarely possible, a risk avoidance strategy is designed to deflect as many threats as possible in order to avoid the costly and disruptive consequences of a damaging event.
2. Risk reduction. Companies are sometimes able to reduce the amount of damage certain risks can have on company processes. This is achieved by adjusting certain aspects of an overall project plan or company process, or by reducing its scope.
3. Risk sharing. Sometimes, the consequences of a risk are shared, or distributed among several of the project's participants or business departments. The risk could also be shared with a third party, such as a vendor or business partner.
4. Risk retaining. Sometimes, companies decide a risk is worth it from a business standpoint and decide to keep the risk and deal with any potential fallout. Companies will often retain a certain level of risk if a project's anticipated profit is greater than the costs of its potential risk.
The Covid – 19 pandemic was an unprecedented crisis that affirmed the need for risk management in all companies. Companies with auspicious risk management plans were able to stay afloat because they had established procedures to avoid such uncommon threats. Strong corporate governance principles that focus specifically on risk management are thus an imperative in helping companies reach their goals.