Friday, June 1, 2012

Approaches to Managing Risk

2:34 PM


Assessing Risk

"Fish see the bait, but not the hook; men see the profit, but not the peril." -- Chinese Proverb

Risk Analysis starts by identifying threats and then estimating the likelihood that those threats may occur.

A risk can be assessed by evaluating at the potential severity of the loss and the probability of occurrence.

Perhaps the most widely accepted formula for risk quantification is:

Risk = Rate of occurrence X impact of the event

For example, suppose you flip a coin and if you get 'heads' you have to pay me $100. Your risk value is:

50% (Probability of Event) x $100 (Cost of Event) = $50 (Risk Value)

Three Approaches

Three approaches can be used to assess post-retirement risks:

  • Finding the expected loss based on the odds for the occurrence,
  • Gauging the impact of an occurrence with stress testing, or
  • Evaluating the impact of a risk to a moderate change in outcome using sensitivity testing.

The nature of each risk determines which approach is most appropriate to quantify the exposure.

How to manage risks

Once risks have been identified and assessed, all techniques to manage the risk fall into one or more of these four major categories:

  • Avoidance (eliminate)
  • Reduction (mitigate or control)
  • Transfer (outsource or insure)
  • Retention (accept and budget)

The selection of the approach or combination of approaches depends on the nature of the risk under review.

All risks that are not avoided or transferred are retained by default. Some approaches to managing risk fall into multiple categories.

Risk Avoidance (elimination of risk)

Risk avoidance is completely avoiding a situation that poses a potential risk. While attractive, this is not always practical. By avoiding risk we forfeit potential gains, for example by avoiding investment in equities.

Risk Reduction (mitigating risk)

With this approach, we try to reduce the extent or possibility of a loss. This can be done by increasing precautions or limiting the amount of a risky activity.

For example, reducing the allocation of your investments to equities reduces the magnitude of a catastrophic loss from a market crash. Diversification of assets is another form of risk reduction, because the various asset classes are never perfectly correlated and are sometimes even negatively correlated.

Risk Transfer (insuring against risk)

This approach means insuring the risk, for example buying life insurance or an annuity. The risk is transferred to a third-party, usually an insurance company.

The risk is still there, that is the adverse event can still occur, but you will not suffer any monetary consequences from it. Early death of a spouse is compensated with the face amount of the insurance policy. Income will continue as long as you live when you purchase a life annuity, so your longevity risk is removed.

Risk transfer using insurance is risk sharing. In exchange of paying their premiums, all insured pool their resources and share the risk. Statistically, only a small number of individuals will experience an early death for example, while the others continue paying their premiums.

Risk Retention (accepting risk)

Risk retention means accepting the risk. Even if the risk is mitigated, if it is not avoided or transferred, it is retained. Retention is effective for small risks that do not pose any significant financial threat. Retention is unavoidable in certain circumstances: an individual may not be able to afford or obtain health insurance.

In other situations, you may decide to accept a risk because the cost of eliminating it is too high. Your only option is then to reduce the risk by introducing safety measures.

Risk management process

Risk management is not something you do once. It is crucial to constantly review and monitor risks and revise your plan when circumstances change. It is also important to ensure that the approaches you have put in place to deal with the consequences of an event are still effective.

Monitoring ensures risks have been identified and assessed and that you have the appropriate controls in place. You can document all this in a risk management plan, setting out your risk tolerance and selected approaches to risk management.

The process of risk management results in improved decision-making, planning and prioritization and an optimal allocation of your resources. It allows you to anticipate what can go wrong and minimize or prevent serious financial loss.

In short, it can significantly improve your odds of avoiding ruin or a financial disaster.

Evaluating and ranking risks

It is worthwhile to rank the risks once you have identified them. This can be achieved by considering the consequence and likelihood of each risk. Prioritizing risks allows you to focus on the most important risks.

Ranking lets you quickly identify which risks you need to focus on.

Using one of the approaches to quantify risk, we can get a risk rating representing the significance and likelihood of the risk occurring. Each risk can be rated on a scale from 0% to 100%. If a risk is rated 100%, it means that it is completely managed. If it is a significantly lower percentage, you can then decide what type of controls should be implemented to mitigate or eliminate the risk.

Risk management plan

You can put systems and controls in place to deal with the consequences of an event that has the most serious consequences. This involves defining an approach to manage the risk and have an escalation process that you can follow if the event occurs.

There's no point in spending more to eliminate a risk than the cost of the event if it occurs. It may be better to accept the risk than it is to use excessive resources to eliminate it.

When you decide -- or have no choice but to accept a risk, develop a plan to minimize its effects should it happen. A good contingency plan will allow you to take action immediately.

Review

Once you've carried out a risk analysis and managed the most important risks appropriately, conduct regular reviews. This is because the costs and impacts of some risks may change, other risks may become obsolete, and new risks may appear.

A prevention plan defines the activities that need to take place periodically to monitor or mitigate the risks you've identified.

Be flexible

With all this sophisticated mechanisms in place, it is important not to lose sight of the need to be flexible when faced with emerging events that change your circumstances and expose you to a dire situation.

There is always more than one way to skin a cat, so keep yourself open to multiple options and forge ahead with your life.

0 comments:

Post a Comment

 

© 2018 Risk Blog by Equisoft Inc. All rights reserved. Designed by Templateism

Back To Top