RISK MANAGEMENT can be explained as a management function the object of which is the protection of people, assets and earnings by avoiding or minimising the potential for loss from pure risk, and the provision of funds to recover from losses that do occur. Risk Management involves the systematic identification, evaluation and control of all identified potential losses.
The aim of Risk Management is to develop a structured way of identifying and assessing the probabilities and consequences of risk, and selecting appropriate risk strategies to reduce the probability of, or losses associated. Moreover, analyse risk can provide decision support by systematization of knowledge to describe/express risk and how to mitigate the risk.
In general, there are 6 processes in Risk Management and Mitigation. Those are as follow:
1. Identification (identify the risks)
In this step, risk are identified and classified into its appropriate classification using appropriate technique. This stage helps to develop a common understanding of the future uncertainties. This is also the most important step because hazards that are not identified will not be quantified, leading to the overlooking or underestimation of risk.
Method / Technique / Model associated:
b) Literature search
c) What if review (brainstorming examination)
d) Walk through
e) Check list (brainstorming examination)
f) Hazop (creative interaction of specialists)
g) Relative Ranking (ranking process areas)
h) Fault Tree Analysis (graphical model that illustrates combinations of failures)
i) Event Tree Analysis (evaluates the potential for an accident)
2. Assessment and Evaluation (assess and evaluate those risks)
Based on identified risks in previous step, they are analysed by suitable method / technique. It is the stage where its results are used to make decisions, either through relative ranking of risk reduction strategies or through comparison with risk targets. To assess the risk, there are several considerations:
1. Risk assessment should involve generally recognised techniques
2. Risk assessment must be supported by currently available scientific evidence
3. Risk assessment must be demonstrated that the level of protection
4. Risk assessment must be shown that actions taken do not impede trade unnecessarily.
In this stage, we assign probability to risk and determine consequences of each risk identified.
Method / Technique / Model associated:
a) Frequency Assessment Methods
1. Historical Records
2. Fault Tree Analysis
3. Event Tree Analysis
4. Failure Mode and Effects Analysis (FMEA)
5. Human reliability analysis
6. Common cause failure analysis
7. External events analysis
b) Consequences Assessment Methods
1. Source term models
2. Event Tree Analysis
3. Atmospheric dispersion models
4. Effect models
5. Mitigation models
c) Risk Evaluation Methods
1. Risk matrix
2. F-N Curve
3. Risk profile
4. Risk isopleth
5. Risk index
6. Risk histogram
1. Hazard and Operability Analysis (Hazop)
2. Bayesian probability theory
3. quantitative risk assessment (QRA)
4. probabilistic risk analysis (PRA)
3. Selection (select an appropriate risk management strategy)
Once risks have been assessed, the appropriate strategy (avoidance, postponement, speculation, hedging, control, sharing/transferring, security, etc) must be planned carefully.
4. Implementation (implement that risk management)
If our planned is fixed, then the next step is to implement into real life.
5. Mitigation (mitigate those risks)
Once we are in implementation phase, we need to measure whether our risks strategy has been successfully applied to mitigate our targeted risk or not. We also need to aware and prepare for unforeseen risk events that unidentified in first step. On the other words, risk mitigation focuses on reducing the consequences if an adverse event is realized.
6. Monitoring (monitor those risks)
This stage is where our strategies implemented being supervised to detect the risks when they occurs.
Manuj, I., & Mentzer, J. T. (2008). Global supply chain risk management. Journal of Business Logistics, 29(1), 133-155.
Nishat Faisal, M., Banwet, D. K., & Shankar, R. (2007). Information risks management in supply chains: an assessment and mitigation framework. Journal of Enterprise Information Management, 20(6), 677-699.
Tuncel, G., & Alpan, G. (2010). Risk assessment and management for supply chain networks: A case study. Computers in Industry, 61(3), 250-259.
Khan, F. I., & Abbasi, S. A. (1998). Techniques and methodologies for risk analysis in chemical process industries. Journal of loss Prevention in the Process Industries, 11(4), 261-277.
Hallikas, J., Karvonen, I., Pulkkinen, U., Virolainen, V. M., & Tuominen, M. (2004). Risk management processes in supplier networks. International Journal of Production Economics, 90(1), 47-58.
De Souza, R., Goh, M., & Meng, F. (2007). A risk management framework for supply chain networks. TLI-Asia Pacific White Papers Series.