implementing an effective risk management strategy based upon knowledge peter scott
Post on 23-Dec-2015
218 Views
Preview:
TRANSCRIPT
Implementing an effective risk management strategy based
upon knowledge
Peter Scott
PETER SCOTT CONSULTING
What is Risk?
“Chance of bad consequences”
The concise Oxford Dictionary
PETER SCOTT CONSULTING
What is Knowledge?
“The sum of what is known”
The concise Oxford Dictionary
PETER SCOTT CONSULTING
Risk
Management
Knowledge
Management
An integrated strategy
PETER SCOTT CONSULTING
Law Firm Risks
Peop
le
Op
eration
alRegulatory
IT
Co
mp
etit
ion
/bu
sin
ess
Eco
no
mic
,p
olit
ical
,fi
scal
Financial
Asset
Reputational
Management
PETER SCOTT CONSULTING
Risk/KM
Risks are inter-related
Failure to manage knowledge
involves widespread risk
KM is an essential part of an
integrated risk management
strategy
PETER SCOTT CONSULTING
Example: Reputational Risk
OperationalPeopleRegulatoryIT Competition & Business MarketsEconomic, Political & FiscalFinancial Assets
Interaction with Knowledge/KM?
PETER SCOTT CONSULTING
Law Firm Risks
Peop
le
Op
eration
alRegulatory
IT
Co
mp
etit
ion
/bu
sin
ess
Eco
no
mic
,p
olit
ical
,fi
scal
Financial
Asset
Reputational
Management
PETER SCOTT CONSULTING
Management Risks
Is your management in control of its knowledge and managing your risk?
PETER SCOTT CONSULTING
Your Risks?
Where does the knowledge relating to your risks reside?
Can you access it?
Can you capture it?
Can you maintain and upgrade it?
PETER SCOTT CONSULTING
Implementing a Risk Strategy
DIAGNOSIS
Identification and assessment
MITIGATION
Control, transfer and avoidance
MONITORING
Tracking and reporting
When a risk crystallises
LIMITATION
Minimising the effect of
crystallised risks
PETER SCOTT CONSULTING
Risk Identification Involves:
Being management drivenBrainstormingFacilitated discussionsQuestionnairesTop down/bottom up
PETER SCOTT CONSULTING
Risk Diagnosis
Assess severity of high-level risks
Identify high level risks
Set criteria for assessing risks
Identify detailed risks
Assess severity of detailed risks
Risk map
Risk summary
PETER SCOTT CONSULTING
Risk Assessment
Incidence - probabilityImpact - severity
PETER SCOTT CONSULTING
Risk Mapping
PETER SCOTT CONSULTING
Risk Mitigation
Designed to:ReduceAvoidAcceptTransfer
PETER SCOTT CONSULTING
Risk mitigationRisk map
Risk summary
Consider impact/probability
correlation
Required controls
summary
Insurance requirements
summary
Contingency plan
requirements
Residual risk
summary
Consider available mitigation techniques
PETER SCOTT CONSULTING
Monitoring involves
Tracking and reportingComparing actual outturns to preset indicatorsConfirming effectiveness of risk responsesReporting compliance and exceptions
PETER SCOTT CONSULTING
Risk monitoringRequired controls
summaryContingency
plan requirements
Insurance requirements
summary
Set risk indicators and methods to monitor them
Annual Risk Management
Report
PETER SCOTT CONSULTING
Limitation involves
Risk crystalisation scenarios Contingency plansLimitation proceduresPost event assessment
PETER SCOTT CONSULTING
Use of IT Use an integrated risk management system to quantify, assess and control risk by :
streamlining diagnosis, mitigation and monitoring
embedding common risk management procedures
providing information access to all who need it
creating and maintaining one central, up to date risk database
PETER SCOTT CONSULTING
Example – Risk Summary – an overview of risks
PETER SCOTT CONSULTING
Example – Detailed Risks
PETER SCOTT CONSULTING
Example - Controls
PETER SCOTT CONSULTING
Example - Questionnaires
PETER SCOTT CONSULTING
Example – Final Evaluation
PETER SCOTT CONSULTING
Advantages of a formal risk management process?
Structured approach focuses on key risksElimination of redundant proceduresComfort / assurance to PI insurersUniversal application to all risk areasContinuous monitoring ensures management of risk is “lived” day to day
PETER SCOTT CONSULTING
Risk/KM
Risk
Management
Knowledge
Management
PETER SCOTT CONSULTING
Implementing a Risk Strategy
DIAGNOSIS
Identification and assessment
MITIGATION
Control, transfer and avoidance
MONITORING
Tracking and reporting
When a risk crystallises
LIMITATION
Minimising the effect of
crystallised risks
PETER SCOTT CONSULTING
Any questions?
top related