Risk policy: Difference between revisions
Ceopediabot (talk | contribs) m (typos fixed: , → , , parallely → parallelly) |
m (Text cleaning) |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
'''[[Risk]] policy''' framework is created at high-level of organisation's structure. It has within three below phases<ref>OECD (2010), p.19</ref>: | '''[[Risk]] policy''' framework is created at high-level of organisation's structure. It has within three below phases<ref>OECD (2010), p.19</ref>: | ||
# risk assessment, | # risk assessment, | ||
Line 26: | Line 10: | ||
* treat about auditing compliance, | * treat about auditing compliance, | ||
== Challanges in creating the risk policy == | ==Challanges in creating the risk policy== | ||
Many organisations have diffutilties while it comes to implementing the risk policy. The reasons might be the following<ref>OECD (2010), p.19-21</ref>: | Many organisations have diffutilties while it comes to implementing the risk policy. The reasons might be the following<ref>OECD (2010), p.19-21</ref>: | ||
* '''Risks are interrelated''' - risks are usually very complex therefore they require treatment on many levels parallelly, | * '''Risks are interrelated''' - risks are usually very complex therefore they require treatment on many levels parallelly, | ||
* '''The way of communicating risks''' - when there was proper risk assessment and possible responses were predicted there is chance that risks will be communicated in effective way, however, sometimes the whole [[process]] is prepared in a crisis which may cause failure of communication, | * '''The way of communicating risks''' - when there was proper risk assessment and possible responses were predicted there is chance that risks will be communicated in effective way, however, sometimes the whole [[process]] is prepared in a crisis which may cause [[failure of communication]], | ||
* '''Failure is risk assessment''' - also might be impacted by preparation in crisis, for example when new regulations is made rapidly and problem was not assessed deeply upfront, | * '''Failure is risk assessment''' - also might be impacted by preparation in crisis, for example when new regulations is made rapidly and problem was not assessed deeply upfront, | ||
* '''Subjective perspective of risk''' - some risks might be subjectively overestimated or underestimated versus opinion of experts, the reasons of it can be culture or past events which impacted the public, | * '''Subjective perspective of risk''' - some risks might be subjectively overestimated or underestimated versus opinion of experts, the reasons of it can be culture or past events which impacted the public, | ||
* '''Communicating and responses to the public'''- often there is an expectation to reduce risk to zero, which sometimes might be not possible, therefore it may become [[cost]]-ineffective, | * '''Communicating and responses to the public''' - often there is an expectation to reduce risk to zero, which sometimes might be not possible, therefore it may become [[cost]]-ineffective, | ||
* '''Separating risk assessment from [[risk management]]''' - risk assessment and risk [[management]] are two separate exercises, however often they are institutionally joined what may impact lack of objectiveness in final decisions. | * '''Separating risk assessment from [[risk management]]''' - risk assessment and risk [[management]] are two separate exercises, however often they are institutionally joined what may impact lack of objectiveness in final decisions. | ||
== Risk policy document== | ==Risk policy document== | ||
The risk policy document may consist of below chapters<ref>(2015) Heriot Watt University</ref>: | The risk policy document may consist of below chapters<ref>(2015) Heriot Watt University</ref>: | ||
* Introduction, | * Introduction, | ||
Line 44: | Line 28: | ||
* Developments in practice. | * Developments in practice. | ||
== Policy impact on risks == | ==Policy impact on risks== | ||
Looking from another perspective, so how governance policy may impact risks, there are two main types<ref>Micale V., Frisari G., Hervé-Mignucci M., Mazza F. (2013)</ref>: | Looking from another perspective, so how governance policy may impact risks, there are two main types<ref>Micale V., Frisari G., Hervé-Mignucci M., Mazza F. (2013)</ref>: | ||
# '''Prospective policy risks''' - overall uncertainty which negatively affect on [[planning]] of [[project]], | # '''Prospective policy risks''' - overall uncertainty which negatively affect on [[planning]] of [[project]], | ||
Line 53: | Line 37: | ||
==Footnotes== | ==Footnotes== | ||
<references /> | <references /> | ||
{{infobox5|list1={{i5link|a=[[Risk management process]]}} — {{i5link|a=[[Business risk management]]}} — {{i5link|a=[[Strategic risk management]]}} — {{i5link|a=[[Project risk assessment]]}} — {{i5link|a=[[Risk category]]}} — {{i5link|a=[[Associate in risk management]]}} — {{i5link|a=[[Project risk analysis]]}} — {{i5link|a=[[Risk management strategy]]}} — {{i5link|a=[[System safety]]}} }} | |||
==References== | ==References== |
Latest revision as of 03:58, 18 November 2023
Risk policy framework is created at high-level of organisation's structure. It has within three below phases[1]:
- risk assessment,
- risk management,
- risk review.
The risk policy treats mainly about communication and consultation. The goal of risk communication is to identify risks, to educate people and to inform them about scale of risk. Understanding risks and accepting them is an perfect outcome of proper risk policy, because trust of public towards the organisation is built[2]. Borghesi A. and Gaudenzi B. advices that the risk policy should[3]:
- be kept up-to-date,
- has special documentary,
- develop strategy related to the risk,
- treat about auditing compliance,
Challanges in creating the risk policy
Many organisations have diffutilties while it comes to implementing the risk policy. The reasons might be the following[4]:
- Risks are interrelated - risks are usually very complex therefore they require treatment on many levels parallelly,
- The way of communicating risks - when there was proper risk assessment and possible responses were predicted there is chance that risks will be communicated in effective way, however, sometimes the whole process is prepared in a crisis which may cause failure of communication,
- Failure is risk assessment - also might be impacted by preparation in crisis, for example when new regulations is made rapidly and problem was not assessed deeply upfront,
- Subjective perspective of risk - some risks might be subjectively overestimated or underestimated versus opinion of experts, the reasons of it can be culture or past events which impacted the public,
- Communicating and responses to the public - often there is an expectation to reduce risk to zero, which sometimes might be not possible, therefore it may become cost-ineffective,
- Separating risk assessment from risk management - risk assessment and risk management are two separate exercises, however often they are institutionally joined what may impact lack of objectiveness in final decisions.
Risk policy document
The risk policy document may consist of below chapters[5]:
- Introduction,
- Statement of risk policy,
- Risk evaluation,
- Benefits from risk evaluation,
- Comparing risks and benefits,
- Developments in practice.
Policy impact on risks
Looking from another perspective, so how governance policy may impact risks, there are two main types[6]:
- Prospective policy risks - overall uncertainty which negatively affect on planning of project,
- Retroactive policy risks - changes in policy or regulatory which affect the financial stability and require additional investments.
Author: Patrycja Mikołajczyk
Footnotes
Risk policy — recommended articles |
Risk management process — Business risk management — Strategic risk management — Project risk assessment — Risk category — Associate in risk management — Project risk analysis — Risk management strategy — System safety |
References
- Borghesi A., Gaudenzi B. (2013), Risk Management. How to Assess, Transfer and Communicate Critical Risks, Springer, Italy
- Micale V., Frisari G., Hervé-Mignucci M., Mazza F. (2013), Risk Gaps: Policy Risk Instruments, Climate Policy Initiative
- OECD (2010), OECD Reviews of Regulatory Reform Risk and Regulatory Policy Improving the Governance of Risk: Improving the Governance of Risk, OECD Publishing
- Risk Policy and Strategic Risk Appetite (2015), Heriot Watt University, Great Britain