RISK MANAGEMENT
Your company, like the rest of the other business entities, is faced with changes in both internal and external environments. However, it is imperative to ask this question; how then can the entity achieve its objectives? The answer is, objectives can be achieved with sound risk management practices.
Your position in the organisation notwithstanding, you have a duty to always practise risk management, since objectives to be achieved exist on the one hand and changes in the internal and external environment working for or against the achievement of the objectives persist on the other. You may already be practising risk management in some way. Nevertheless, do you know that ISO 31000 can greatly improve your company’s risk management system?
Consideration of risk is very much part and parcel of decision making. Risk is not an isolated, but it is an integrated function. Therefore, it goes without saying that the management should integrate risk processes with the functions and structure of the company. For this to happen, the board should design, implement, evaluate, and improve risk framework.
Risk framework insists on training of employees, managers, and board members alike to demonstrate their understanding of risk principles - that risk is integrated (inherent), structured (formal), customised (peculiar), inclusive (involving all stakeholders), and dynamic (always evolving). Further they should be trained to be prepared to work with the available information without waiting for full information, to consider human and cultural factors and lastly, to keep repeating or iterating the risk process.
Risk process entails a constant appreciation of the changing circumstances and the positive or negative impact they have on the achievement of objectives and strategy implementation. The process is executed when employees can identify risks (including opportunities) in their own way, are able to analyse and evaluate them, and eventually address the risks. This process is considered complete when employees can communicate, consult, record, and report on risks right from the identification to the treatment phase. Finally, both the board and management must monitor and review the risk process to ensure it is fit for purpose at all times.
As a board your mandate includes policy formulation and the creation and maintenance of a fit for purpose framework. It is recommended that you seek the approval or consent of your senior management to approve a risk manual that will guide the implementation of the risk process. A good risk software should be able to cater for the risk process at the minimum.
[ISO 31000: 2018 thankfully acknowledged]
CONTACT DETAILS
Physical Address: RSM Botswana, RSM House, Plot 39, Gaborone International Commerce Park, Gaborone Postal Address: P O Box 1816 Gaborone, Botswana Telephone: +267 3912805
Contact [email protected] or call 3912805 for further inquiries and assistance.