03 Sep Identify best practice approaches to monitoring and controlling risk. Define appropriate communication mechanisms for various stakeholder groups and discuss

ARTICLE TITLE: The embedment of risk management in enterprise management system INTRODUCTION Risk management is a specific area of management. This specificity is due to the dual functions it performs within the company. First, risk management is a separate management domain fulfilling mainly a preventive role in protecting the organization against the effects of the materialization of key risk factors. Second, it is a component of an integrated corporate management system in which risk plays a key role, and effective risk management determines the effectiveness in many functional areas of the company. Risk management often determines the ability of enterprises to survive and thrive in an unpredictable economic environment (Christopher et al., 2011; Elahi, 2013; Skrzypek, 2013; Bromiley et al., 2015). A systemic approach allows risk management to be regarded as a system that integrates management domains, hierarchical levels, and processes, as well as relationships and interactions. Consequently, systemic risk management allows enterprises to respond proactively to the complexity of the environment and, in the context of a process approach, represents a set of interrelated processes for identifying, assessing, analyzing, countering, and monitoring risks (Hilson, 2006; Fischer et al., 2010; Dionne, 2013). One of the characteristics of risk management is that it is firmly embedded in many other management domains. Indeed, between the risk management system and the enterprise management system there should be a continuous exchange of information based on structural, process-related, and purposeful interactions (Kaczmarek, 2010). Furthermore, the structure of risk management should result from the enterprise strategy and take into account its external and internal conditions, as well as its objectives, procedures, standards, and organizational structure. A risk management system structured in this way should ensure that business continuity is maintained and that a competitive advantage is built or maintained, even in crisis (Jedynak and Bąk, 2021). BACKGROUND The positioning of risk in the enterprise management system is intrinsically linked to the core processes of risk management and manifests itself in the most common preventive measures taken against identified risks. The direct role that risk management plays in corporate management can be seen, among others, in the following management domains: strategic management, operational management, financial management, quality management, human resources management, project management, investment management, and innovation management. The role of risk management in strategic management The issue of risk in business activities is the core of analysis in strategic management conditioning the implementation of strategic goals. One of the goals of strategic management is to be able to understand the peculiarities of risk, which makes it possible to diagnose the type and scope of threats to the enterprise, assess their expected impact on the enterprise, and ensure business continuity (Urbanowska-Sojkin, 2012; Schroeder, 2014). The risks occurring in the environment of enterprises are also pivotal for the selection of a development concept, which is one of the leading phases of strategic management. In this case, an adequate assessment of risks and the development of ways to mitigate them determines the maintenance of the current competitive position or its strengthening, and thus also conditions the effectiveness of strategic management. A strategic approach to risk in enterprise should therefore be based on inferences drawn from the recognition of business practices in creating growth in the face of increasing threats, mainly economic and technological ones (Goodfellow and Raynor, 2004). These types of increased threats and the need to take them into account in strategic management processes have contributed to the development of new long-term management methods and tools based on risk. In recent decades, there has been intensive development of a strategic approach to risk management, both in the private sector and at the level of managing the development of society, economies, and countries (Claessens et al., 2002). This approach was, in a way, forced by the ubiquitous economic uncertainty, which should be managed in such a way as to become a measurable risk, the occurrence of which can be prepared and sometimes even prevented by implementing appropriate preventive actions against the identified risks. The next stage of the observed development of the strategic approach to risk was the development of a new conceptual trend. Given the interplay between risk management and strategic management, and in the wake of the global financial crisis, the concept of strategic risk management (SRM) has been developed. The new post-crisis approach to strategic management aims to improve the process of identifying, assessing, and managing risk factors that could cause huge losses or even lead to bankruptcy. However, the main objective of this concept is to perfect the ability to recognize the early signals of crises and to mitigate the scale of their negative effects. The achievement of the stated SRM goals should ultimately make it possible for enterprises to implement strategic security solutions, reduce susceptibility to crises, and prepare to change the business model in response to a potential crisis (Calandro, 2015). Another consequence of the strategic approach to risk management, and thus a manifestation of the intensive development of this relatively new field of management, is the development and use of appropriate preventive or remedial tools, enabling longterm planning of dealing with key risk factors. However, these tools are sector-specific. Others will be appropriate, for example, for activities in the construction sector, others in the financial sector, and still others in the IT sector, etc. The next issues related to the role of risk management in strategic management are strategic risks, that is, those that a given entity (company or country) considers to be key from the point of view of the conducted activity. The main management efforts should therefore focus on strategic risks, both in normal operating conditions and in crisis situations. Strategic risks during the crisis are of particular importance because maintaining business continuity depends on the appropriate approach to managing them (Jedynak and Bąk, 2021). The role of risk management in operational management In their day-to-day operations, enterprises have to face primarily microscale risks and threats related to legal regulations, the specifics of their core business, the competences of employees, and the efficiency of control systems and mechanisms. Operational risk management (ORM) is a distinct management concept that integrates operational management with risk management. The concept is crucial in shaping corporate performance (Naude and Chiweshe, 2017). The main objective of a proactive approach to operational risk should be to improve the adequacy of business decisions, improve efficiency, ensure constant financial results, and maintain the established market position. Despite the availability of a wide range of insurance services, which constitute known operational risk protection tools (Manning and Gurney, 2005), these goals can only be achieved through the integration of enterprise strategy and operational processes. ORM should be a management imperative, first because of the impact of small operational problems on the expansion of risk into other business domains in the form of a chain reaction (Kleindorfer and Saad, 2005), and second because of the need to strengthen awareness of operational threats in order to shape resistance to these threats and balance the needs of stakeholders, for example, customers, suppliers, employees, shareholders, and regulators (Kumar et al., 2014). In order to balance the needs of all stakeholders, a detailed and cyclical identification of risk factors is necessary. The key to effective operational management is the appropriate approach to the risks considered operational, that is, those related to the day-to-day operations of the company. An appropriate approach to operational risks is so important because neglecting protection against everyday threats to the company can sometimes turn into a serious long-term crisis or generate many problems in various functional areas of the company. The operational risk is the risk of loss resulting from incorrect internal processes, human or system errors, and external events. Depending on the sector in which the company operates, these may be, for example, breakdowns, frauds, billing errors, product defects, sales problems, etc. (Coleman, 2010). The role of risk management in project management Enterprises are required to conform to market requirements and the progressive volatility of the environment. To this end, they undertake complex, multi-faceted projects that require the use of specialized project management methods (Frame, 2001; Trocki, 2012). Risk identification, assessment, and analysis processes should occur at all stages of project management, mainly in areas such as quality management, time management, cost management, procurement management, communication management, and integrity management. The overriding goal of project risk management is to keep risks within acceptable limits within the context of the established limits of profitability, rationality, and costs (Cooper et al., 2005). Ward and Chapman (2003) further indicated that project risk management should focus on managing chances in proportion to the focus on the risk of project failures. This is because overestimating risks can result in a decrease in the effectiveness of project work, which can then negatively affect the end result. Furthermore, the approach to risk management should not be limited to the achievement of objectives of a single project, but it should holistically monitor the integration of particular projects’ risks with strategic objectives on an ongoing basis (Dai and Wells, 2004; Sanchez et al., 2009). From the above, it follows that project management and risk management are related in several ways. Concretely, the relationship between these two functional areas can be understood in two ways: first, as dealing with many threats occurring in various phases of project management (where the responsibility for counteracting these threats is most often shared between many people involved in the implementation of the project), and second, as project failure, that is, the risk of inability to implement the intended project (where responsibility lies with the people managing/supervising the project). The risk associated with the success or failure of the entire project, and more specifically the management of this risk, should be strictly dependent on the situational context. This means that threats that will hinder the implementation of the project depend on the industry, the degree of preparation for its implementation, environmental conditions, etc and these circumstances determine the actions that will be taken as part of project risk management The role of risk management in financial management Risk in corporate financial management can be considered a crucial aspect of developing and implementation financial plans that determines the ability to follow trends in global or national financial policy formation (Li, 2003). Besides being recognized as a leading risk area concerning the possibility of the occurrence of financial losses, financial risk is also regarded as a factor that, if properly managed, can reduce the overall level of risk and, through this, reduce the costs of incurring it, which can have the effect of increasing the value of the enterprise (Fairchild, 2002). For this reason, among others, risk is firmly embedded in financial management methodologies. However, risk assessment techniques and tools, for example, financial ratios (liquidity, debt, profitability ratios), only allow for identification of risk exposure at the time of measurement. Therefore, it is necessary to implement early warning methods for financial problems that go beyond the statistical or mathematical calibration of financial risk models. Furthermore, financial risk management should take into account both macroeconomic risk (globalization challenges, economic uncertainty, financial crises) (Hammoudeh and McAleer, 2015) and microeconomic risk (equity risk, interest rate risk, credit risk, liquidity risk, commodity price risk, market risk, counterparty risk, operational risk) (Garcia and Javier, 2017). Financial risk management processes should also allow defining their own transparency requirements for financial instruments, developing models for generating and processing information about threats to and opportunities for profitability, and taking into account the causes and consequences of systemic risk (Mertzanis, 2014).

,

ARTICLE TITLE Risk Management For the Government of Canada to continually improve the way it delivers services to Canadians, it is important that its management regime fosters flexibility, seeks opportunity and focuses on results. Integral to such a regime is awareness and application of risk management principles and practices. Effective risk management practice equips federal government organizations to respond proactively to change and uncertainty by using risk-based approaches and information to enable more effective decision-making throughout an organization. Risk Management Framework The Framework for the Management of Risk is a key Treasury Board policy instrument that outlines a principles-based approach to risk management for all federal organizations. The Framework reaffirms Deputy Head responsibility in the effective management of their organizations in all areas of work, including risk management and describes the expectations for an effective risk management practice. Of note, the risk management principles of the Framework also apply to all Treasury Board policies, and guide the Treasury Board Secretariat in its management, enabling and oversight roles. Guides and Tools Guide to Integrated Risk Management Explains the principles outlined in the Framework and provides guidance on designing, implementing, practicing and continuously improving an integrated risk management approach and process. Guide to Corporate Risk Profiles Provides guidance on developing corporate risk profiles, including the type and scope of information that helps to make a corporate risk profile a useful tool to manage corporate risks and inform decision-making. Guide to Risk Statements Helps strengthen risk management practices by providing guidance on how to develop clear, concise and well-defined risk statements to assist organizations to better utilize risk information to support decision making throughout the organization. Guide to Risk Taxonomies Outlines broad categories of risk that may assist departments and agencies in articulating and aggregating risks within their organization. Risk Management Capability Model Assists organizations in analyzing their risk management capacity as it compares to key attributes of an integrated risk management approach and encourages a discussion on current capacity versus optimal capacity in these areas. Page details

Related Tags