Are your risks under control?

9 Jun 2011 | 3 min read

Written by Dianne Gibert, Fathom Business Architects

In recent months, Australia has experienced countless devastating events: flash floods in Victoria and Queensland, bushfires in Western Australia, a seemingly endless drought that had affected most of Southern Australia and, to top it off, a cyclone that then further destroyed the shores of Queensland. This really is a land of extremes!

Although we hope that we won’t have to endure such catastrophic events again for a long time, the chances are – and the reality is – that we probably will. There will be some communities, some lives, somewhere across Australia, that will have to suffer the same fear and crippling loss that so many others have recently experienced.

Why? Simply because our lives are inevitably full of risks. There is risk in everything we do, from actions as basic as crossing the road to as dangerous as battling high winds and searing temperatures.

What is a risk? A risk is the possibility of an adverse event occurring and the likely consequences that follow as a result of this event. It is usually something that is out of your control, though you can take steps to minimise or ameliorate it. Risk management is a systematic approach to identifying, evaluating, planning and monitoring risks so that they are reduced to a safe and acceptable level.

It is generally well-understood that good risk management in a business involves both effective planning as well as efficient management; the consequences of an adverse risk event can result in financial loss, loss of customers, or even put you out of business.

Think of some of the major risk events to businesses that have occurred in the past 12 months. This, for example, could be BP’s Gulf of Mexico oil extraction program. A fracture in the piping system, caused by short-sighted planning and ineffectual management, led to a disastrous oil spill for not only the company itself, but for customers, shareholders and the environment! Clearly, there were better steps that could have been taken to mitigate the risk of piping failure.

In the airline industry there is a constant risk of delays and cancellations of flights. However more often than not, when the circumstances are serious enough to adversely affect passengers, the airlines communicate the situation directly to commuters via emails/SMS, alerting them of the delay. Whilst the effect of these events is still undeniably unfortunate, passengers accept it, and are appreciative of the airlines for gracefully handling the situation.

Closer to home there is the ever-present risk of losing data as a result of an IT crash. Risk management of this involves having a reliable backup system in place. But there are other risks that also threaten your business. Look at your own business and ask yourself these questions:

Have you identified the major risks that
have the capability to be detrimental to your business?
Are these risks incorporated in either/all of the fi ve main types of risk – physical, safety, financial, legal, market and operational?
Have you undertaken actions to reduce the chance of the risks occurring?
Do you have a plan of what to do if the risk event still occurs and/or is unpreventable?
Do you review both the potential risks and designated plans regularly?

When identifying risks, also consider the impact it will have on your customers andyour ability to properly serve them. If your customers cannot contact you, or you cannot access your database, how will you effectively manage their needs? Perhaps they will be left with no alternative but call someone else?

You must also recognise that in the case of a disaster or a major afflicting event, it is often our candidates that are needed to repair the damage and help restore the situation to normal. Your “tradies” and blue collar workers are the ones who will be required to clear the streets and remove the debris; the doctors and nurses on your database will be the ones on call if disease breaks out. How can you manage risks so that not only are your office staff members protected, but also that your candidates remain available?

Recently we were told about a series of risk events that beset one recruitment agency. They are a small operation of about five staff, well-regarded and kept very busy placing office administrators and managers into local businesses. They had grown so quickly that they hadn’t had a chance to think about protecting their business from adverse events. Unfortunately, within the space of two months, their IT system was hacked into, a bushfire swept past way too close, and a major client was lost. They did have regular backups, but someone forgot to get the latest backup done, so they lost 14 days of data. About six weeks later the bushfire caused real consternation – it was unclear how to get staff out to safety, therewere no readily available contact numbers for staff family members, there was nonumber to divert incoming telephone calls to. Fortunately in the end there was nodamage and no one was hurt, but it did cause a fright. A few weeks later the business missed out on a major tender with an existing client. The drop in business volumes was significant. Again, it was fortunate that the business was able to regroup and no one lost their job, but it was a close call and a very difficult few months.

If this business had identified and prepared for these events, the impact would not have been so severe. Although it was unlikely they could have prevented these things happening, the downside may have been less significant if they had formal procedures in place – a more reliable backup process, emergency evacuation plans, and a broader spread of clients.

The approach to risk management is very straightforward. There are four main steps:

1. Identify the risks. Work with others in the business to brainstorm all the possiblerisks which could occur.

2. Evaluate. Review each risk and evaluate the likelihood of the risk occurring, andthe seriousness of the consequences. The risks that scored high on both counts arethe ones with the “red flags”, the ones to manage carefully.

3. Develop risk strategies

a. Risk control. The first strategy is to reduce the likelihood of the adverse event occurring. Some common strategies include avoidance – don’t do anything that could cause the risk to eventuate, e.g. sell that part of the business; transfer – push the risk onto others through contract or insurance; or reduce the likelihood through improved process and training.

b. Contingency plans. The second is to develop a plan for what to do if things still go wrong. A ‘Disaster Recovery Plan’ that includes emergency phone numbers, who will manage the situation and who will speak to customers.

4. Monitor. All risks and plans should be reviewed regularly. Perhaps the successful implementation of risk control means it no longer has a red flag; or market or internal developments have raised new risks. Not all risks can be predicted or prevented, but preparation is the key to a successful recovery. Take the time to find out what risks could impact your business, and manage them.

Risks that may be facing yourbusiness include:

Key staff loss
Theft
Major client loss
Fraud
Litigation
“Bad” placement
Accident and injury
Adverse publicity
Fire or flood
Loss of data

tags: News

categories: News

Quick Links
Mapping and GIS Jobs | Java Jobs | FX Jobs | All Jobs

Are your risks under control?

EBR Team

Carpenter - Based in Tocumwal or relocation | Tocumwal

Sales & Marketing - Building Industry - $100k + commission | Sydney

Sales Professional - Audio Visual solutions | Sydney

Sales Consultant - Building industry experience is a bonus | Sydney

Sales Representative - Building Industry | Sydney