Risk management has become an indispensable component of modern business development strategies. No business plan will be adopted without a chapter with a detailed listing of possible risks and ways to manage them.
But first you need to identify the risks. The success of uncertainty management as a whole depends on how this is done.
Uncertainty in the modern economy
Uncertainty in our context is the lack or lack of information about future events. It is always present in economic activity, influencing many economic processes. Uncertainty is expressed in degree of risk.
Business is impossible without the uncertainty of the future inherently. New technologies, reforms, high competition, innovations - all this is impossible without probable failures. Increased risk is a subscription to the world of free enterprise.
Economic threats are formed as a result of a variety of factors. Competitors, suppliers, public opinion, government decisions, sanctions, employees themselves - all entities are potential carriers of hazards that are difficult to predict.
Risks and portfolio theory
Over the past hundred years, a solid block of economic research has been formed on the risks in the securities markets, insurance, finance and other business areas. Thanks to them, the theory of portfolio approach has appeared in the world of business.
This interesting theory allows you to connect the identification of dangers and threats into a single whole with portfolio management. The main idea of the theory relates to the ratio of risk and income: it can be calculated and fixed in a digital value. According to the portfolio approach, the investor should receive full compensation for possible threats. The company's specific risks (unique to it) are best minimized or completely eliminated. In this case, the return on the investment portfolio will depend only on the state of the market.
One way or another, identification and risk management is one of the key topics of modern business in all its manifestations.
Definitions and classification
The concept of risk applies not only to the economic sphere. They are operated on by psychologists, philosophers and other humanities. And this means an exceptional variety of bulky formulations in various sources. Therefore, it is better to define the identification of risk and the risk itself.
Risk is an uncertain but possible event that can occur in any area of human life. Such events are a highly variable category. They reflect any changes in their outcomes, probabilities and consequences.
Risk identification is the identification of possible negative cases that could affect a business. Without this element, further work on business sustainability is impossible.
The risk identification process is divided into two stages:
- With an initial search and identification of external and internal threats, a company begins that has not previously dealt with it. This also applies to new projects or firms.
- Permanent risk identification - periodic revision of the existing list to adjust old opportunities and add new ones.
In general, risk management is a coherent and logical process. The chain of actions consists of the following links:
- identification of hazards and risks;
- their analysis and assessment;
- minimization or elimination of factors;
- assessment of the effectiveness of interventions;
The last stage of the process smoothly proceeds to its beginning. Any evaluation of the work done should lead to an audit and adjustments to the actions before the next cycle. This fully applies to the new cycle of risk identification after evaluating the effectiveness of measures to minimize them.
Significant risk response measures are as follows:
- risk minimization;
- its liquidation;
- risk sharing.
Management of risks
This is a set of actions that begins with the identification of risks. Risk analysis and measures to reduce or eliminate the possibility of their implementation begin at the second stage. It is clear that measures are taken in respect of only those factors that may adversely affect the success of the business.
Ignoring the control of possible threats can lead to serious losses for the company. Modern business is merciless to those who do not know how to think about tomorrow.
The key to success has always been the early identification of risks. These words are easy to write on paper, but very difficult to put into practice. Search and determination of weak links is impossible without the participation of personnel at all levels. And employees often prefer not to talk about any mistakes, misconduct and other incidents at work.
Therefore, the main concern of management is to create an atmosphere of trust for an open discussion of the company's problems without fear of punishment. If such conditions are created, identification and risk assessment will be the most complete, which will guarantee their successful management.
Methods for identifying risks: who? Where? when?
The main thing is to know and remember that no one will give you a universal recipe for identifying risk factors. Because it cannot be by definition.
You can search, remember and identify possible threats anywhere and anytime. Identification of enterprise risks can be carried out by founders, top managers, ordinary employees, consultants - anyone. Sources for search can be anything: internal, external by industry, insider from competitors, global from world news.
The art of identifying dangers and risks in a huge amount of information lies in the ability to choose only cases that are significant for the company. Then it will be possible to begin their analysis and evaluation.
Methods for identifying risks can be fundamentally different from each other. The choice of method depends on the company, taking into account its profile, the specifics of the place, time and many other factors.
The most common methods include brainstorming, the Delphi method, SWOT analysis, checklists, and building flowcharts. Some of them are pure facilitation methods, some are analytical work.
Brainstorm: Remember Everything
This method works great if your collaboration goals are clearly defined. This is a team work through facilitation - a special technology for effective group activity. Brainstorming can do wonders. It is especially good for forming a long list of something (in our case, risks and dangers) with subsequent groupings and structuring of items.
If the discussion is built correctly, its result is a list without a single extra paragraph or word. It is important that the team begins to be proud of the final list of risks: this is a real collective product. And this means involving employees in further work with corporate risks and dangers.
The most important advantage of brainstorming as a method is the collective significance of the result.
Delphi Method
A feature and the main advantage of this method is a great opportunity to get unbiased answers from all participants, to avoid the influence of authoritative points of view. It's all about the anonymity of the questionnaires distributed.
The technology of working with the group consists in anonymously filling out questionnaires, which are then collected, processed and handed out to neighbors for review. After that, adjustments to the initial answers are made in the questionnaires, which most often appear after acquaintance with the opinion of colleagues. This action can be repeated several times - until consensus is reached.
The choice of facilitation method depends on the range of questions that need to be answered. If brainstorming is perfect for searching and identifying a whole array of all kinds of dangers (a large amount of well-structured information), then the Delphic method is optimal for identifying, for example, priority risk groups.
SWOT analysis
SWOT analysis is not a special method in risk management. But this competitive analysis technology works great for identifying them.
Environmental threats and company weaknesses identified in the SWOT analysis are inherently risk factors.
Weaknesses relate to internal factors. This may be the low qualification of part of the staff, the lack of the necessary software or frequent conflicts between certain departments. Such factors fit well into the risk matrix with very real ways to minimize them.
Environmental threats are much more difficult to work with. They do not fall under the control of company management and are associated with political, environmental, social and other fields. This alone significantly increases the need for SWOT analysis.
Control sheets
The method is more suitable for those who are not the first to collect information about corporate risks. Checklists are lists of all potential company threats identified in past sessions or projects. The task is to audit and make adjustments to reflect changing external or internal factors.
The checklist method should not be used as the main one, it is good as an auxiliary one.
The method of constructing flowcharts
If the company uses a process approach with built-up chains of flowcharts of the main and auxiliary processes, then identifying risks with their help will be very simple. A well-written sequence of actions always helps to find weak links or uncertainty in decisions.
Visual illustrations show all the relationships within the company related to product analysis, sales, management decisions, software, etc.
Domino effect and new digital risks
The expansion of transnational corporations and the globalization of international business have made serious changes in the dynamics of economic development and, accordingly, completely new types of threats. One of the characteristic signs of these risks is the so-called domino effect.
Sophisticated interbranch financial and industrial corporate relations make it impossible for an isolated economic collapse of one company, a series of bankruptcies in affiliated and business-related organizations will necessarily stretch.
The digital revolution brought with it specific challenges related to IT threats. The methods for identifying risks associated with the IT sphere are completely different. Digital security specialists are needed here, a general brainstorming will no longer help.
Three Identified Risk Strategies
As part of the risk management process, after their identification and analysis, the most important stage of their corporate “processing” follows. The solutions can be completely different, but all options can be divided into three types of strategies:
- Avoid Any Risk is a strategy that is more common than we would like. Stagnation and stagnation - these are the results of companies whose management refuses to engage in new initiatives if they carry even the smallest share of risk. It will not work out aside today: the volatile external environment does not tolerate such behavior.
- Risks are monitored and taken for granted. Such a policy leads to fluctuations in the performance and profitability of the company depending on the implementation of the dangers and their negative impact on the business.
- Management of risks. In this case, companies clearly follow the chain of actions from the search for possible weak links to the development and implementation of measures to manage them.
Work with the consequences of economic uncertainty cannot be neglected: these are the realities of today. The more effective it is, the more sustainable the business will be.