Risk Management-Governance, Risk and Compliance Simplified



Risk Management is the discipline of identifying and managing uncertainties the business is facing. The failure to deploy effective Risk Management can have a devastating impact on the business and could result in closure.

Risk management is a culture and a strategic tool to ensure the future existence of the business and can typically be tailored to meet the needs and requirements of your business.
 

Risk Management should be established not only in the Directors or Executive layer of the business but should be top of mind in the middle and junior ranks of the business as well.
 

Risk management requires:

  • Identification of a risk, which can be a strength, weakness, opportunity, or threat to the business.
  • The calculation or quantification of the risk, which requires the establishment of its likelihood and impact. Each of these consists of a detailed process of analysis and should not be a guess.
  • Identification of a mitigation strategy for the specific risk type, and
  • The ongoing monitoring and reporting of the risk during the period of its existence.
 

It is advised that the risk registers be rolled out formally to the various departments to allow for the identification, reporting and resolution of risks throughout the business and to allow for the tracking of changes to each risk within the business.


If risk management is not established as part of the culture of the business, it is done on an ad hoc basis to meet the needs and requirements of the board and does not result in the appropriate benefits being realized.

 

The above can only be established through an effective risk management function which is tailor-made to the needs and requirements of your business.

 

Value Statement:

Risk management, executed in its purest form, allows for the effective management of the business by:

  • Predicting key impacting events and allowing for the deployment of appropriate corrective measures, controls or alternate mitigation strategies.
  • Securing the revenue stream of the business.
  • Decreasing the likelihood and impact of the potential risk events which could affect the operation of the business.


Value Proposition:

Cristal Consulting subscribes to ISO 31000 and associated standards to ensure a consistent and acceptable approach to risk management. The services we offer include, but are not limited to, the following:

  • Development of a formal Risk Management strategy which is customized for your specific business and other stakeholder requirements.
 
  • Presentation of training to Directors, Senior Managers and executives, Middle Managers and junior staff to ensure a consistent approach to risk management.
 
  • We can assist with the performance of the risk assessments based on:
    • The business, typically referred to as the Top 10 or Top 20 risks the business faces.
    • Departmental risk assessments, typically the top 10 risks per department based on the operational requirements of each of the departments.
 
  • The risk assessment would include:
    • Defining the specific risks within the environment (wording to ensure that the risk under review is clearly understood).
    • The quantification of the likelihood and impact, without using a thumb suck to determine it.
    • The identification of the mitigating strategies to be performed, which includes:
      • Defining the solution set
      • The owner and corrective measures to be taken
      • Agreeing on the implementation date for the specific remedies agreed upon.
      • Monitoring and reporting on the progress made.
 

Value can only be generated from Risk Management if it is formally established and made part of the culture of the business.
 

Cristal Consulting uses our own templates, formats, systems, and tools for the documentation of the complete process to ensure that a complete view of all the activities can be provided.
 

Please feel free to contact us to obtain more information on the process used.