The following ad supports maintaining our C.E.E.O.L. service

RISKMANAGEMENTINBUSINESS

RISKMANAGEMENTINBUSINESS

byCorinaCucuMihaelaMrcine

Source:YoungEconomists'Journal(Revistatineriloreconomiti),issue:16/2011,pages:97103,onwww.ceeol.com.

97

Management Marketing - Tourism

RISK MANAGEMENT IN BUSINESS

Assist. Corina Ducu Ph. D Student Constantin Brncoveanu University of Piteti Faculty of Management Marketing in Economical Affairs Piteti, Romania Assist. Mihaela Mrcine Ph. D Student Constantin Brncoveanu University of Piteti Faculty of Management Marketing in Economical Affairs Piteti, Romania

Abstract: The business environment is more competitive than ever and it is characterized by risk, uncertainty, speed and volatility. The concept of risk in business is inextricably linked to the concept of profitability and flexibility. The result of the company (profit or loss) is influenced by unexpected events that accompany its activity.

JEL classification: M0, M1,M10

Key words: risk, risk environment, risk in business, risk management, types of risk.

1. Introduction Risk in business equals the variability of the result, thus affecting the

profitability of assets and consequently the return on the invested capital. This variability can be better mastered, as the company possesses a higher degree of flexibility. The risks of the economic activity mainly result from the companys inability to continually adjust its cost (by reducing it) and to adapt to the economic environment. Risk in business can be approached either in terms of the internal activity of the company or in terms of the external environment in which it evolves. Risk is a measure of the adverse effect of a situation. It refers to the establishment and communication of the potential dangers associated with a particular process in relation to the guarantees and benefits it offers.27

The business environment has experienced a rapid and revolutionary change with consequences that reach organizations worldwide. In the last half century due to increased trade and investment flows we speak more and more about globalization. When the market economy becomes more and more complex and globalized, the reliability of the accounting and financial information acquires critical importance in the correct perception and domination of the economic flows by companies, shareholders, directors, employees and creditors.

Management responses to global competition have included quality improvement and initiatives of risk management, reorganization of structures and processes, as well as greater accountability. But all these need more time, reliability and relevant information for the decision-making process. 27 Regester Michael, Larkin Judy Managementul crizelor i al situaiilor de risc (Crises and risk situations management), Ed. Comunicare.ro, Bucureti, 2003, p. 28-29

98

Revista Tinerilor Economiti (The Young Economists Journal)In todays world, managers must carry out a series of activities when they are

faced with making decisions related to the operating environment: analysis of the environment in which the entity operates; risk identification; their quantitative and qualitative assessment; their monitoring; achievement and implementation of a risk response plan; identification of risky situations; implementation and development of an environment which focuses first on risk

knowledge, knowledge which will be able to remove the dangers to which the activities carried out are subject, contributing thus to their smooth running.

2. Objectives

The concept of risk management Risk management does not only prevent risks, but also makes an entity function

effectively as a result of a structured and organized approach. Risk management refers to the transposition of a business issue in all possible scenarios. It is about a cautious attitude and about the belief in the materialization possibility of a risk. Starting from this attitude, a constructive decision is taken to eliminate or reduce the damage that may arise as a consequence of the respective risk.28

The concept of risk management is relatively new being discussed in the business environment in the late 90s29. But there no risk management without addressing the concept of risk; the word risk coming from the Italian word riscare which means to dare.

It is very important for the proper functioning of an entity to implement a system to identify, assess and manage risks although, in general, the costs are quite high.

Thus, risk management becomes a process of identifying, analyzing and responding to the potential risks of an organization, of an information system or of a project. For example, when attention is on information security, one talks about security risk management.

When the field of analysis is the development of the software products, it is about software risk management. In Romania, the companies that allocate resources to the field of risk management are those from the banking and IT fields, but also the authorities of the Government. Unfortunately, organizations from other areas of activity, such as construction companies or NGOs, do not consider a necessity the allocation of resources to the field of risk management.

A good risk manager is beyond numbers, techniques and technology. Risk management involves building a genuine culture of risk warning for the

entire organization, learning the methods for implementing the risk elimination techniques, without a governing of these rules, creating at the same time, a rational

28 http://www.startups.ro/analize/ce-este-si-cum-te-ajuta-managementul-riscului 29Opran C., Paraipan L., Stan S. Managementul riscului, suport de curs (Risk management, course notes), SNSPA, Faculty of Communication and Public Relations David Oglvy, 2004, p. 10-13;

Access via CEEOL NL Germany

99

Management Marketing - Tourism decision-making process.30

Types of risks in business within a company For a complex managerial project the following risk categories can be

considered31: Technical risk appropriate to the operating probabilities of the components

of the technical and technological system; Commercial economic risk, generated by the emergence of new requirements,

of circumstantial events, of unfavourable exchange rates evolutions, dependence on one supplier, consequences of new regulations, new concepts, internal and international agreements;

Social risk, generated by the emergence of some inaccuracies of the staff in a narrow sense or at the labour force market in a broad sense (strikes, unemployment, confrontations of different interests);

Financial risk expression of the financial capacity to support the respective project;

Cultural risk changes in the company culture and in the impact it generates in the economic system ( the damage of some economic relationships because of different mentalities, traditions);

Country risk which offers a measure of the national economic environment climate and which can highly influence the foreign institutions;

To these we can add other types of risk: Informational risk (impossibility to keep pace with the new trends of the

market); Contractual risk refers to the non-fulfilment by the partner of the obligations

assumed by contract. This risk can occur either when the one of the contracts is no longer of interest

to the partner (fulfilment risk) or when the partner is no longer able to meet the contractual obligations (insolvency risk).32

The adoption of a system and/or strategies policies of quality is based, therefore, both for the dimensioning the resources of the necessary funds, and for the protection against risk (by methods of prevention, surveillance, damage coverage, performance of feasibility studies, technical, constructive and technological options and alternatives, change of the supply sources, professional and managerial training, etc).

3. Analyses

Risk management strategies Risk management is a process that requires a lot of effort but which is an

essential component in the success of the organization, contributing to the development of the added value.

30 www.rei.ase.ro/riskman/risc.html 31 Isaic Maniu A., Ene S., Tudose G.-G. Evaluarea, fezabilitatea, planul de afaceri i riscurile activitii economice (Assessment, feasibility business plan and risks of the economic activities), Ed. Independena Economic, Piteti, 2004, p. 157 32 http://www.manager.ro/articole/cum-sa-pornesti-afaceri/tipuri-de-riscuri-in-afaceri-din-cadrul-unei-firme-252.html

100

Revista Tinerilor Economiti (The Young Economists Journal) Every manager must think about the risk management issue, because,

otherwise, the activity they perform will suffer. Risk management involves: Risk identification, an activity which aims to detect and record all risks; Risk assessment represents the identification and analysis of the internal and

external factors which influence positively or negatively the entitys objectives. This activity being essential to the entitys management must be consistently carried out.

Risk control involves initiating controls and risk response activities; Analysis and reporting of risks aims to: identify the dangers from the audited

entity; preventing, eliminating or minimizing them; assessment of the internal control activity of the audited entity; as well as management reporting.

Source: Made by the authors after the source: Modern Risk Management Strategies for the Romanian State Treasury

Figure no. 1 The risk management process The overall goal of risk management is to help understand the risks which an

organization has to face so that they can be managed. Depending on the moment when the risks are analyzed, there are pre-event purposes (before the risk materializes), when the avoidance of the risk is pursued, and post-event purposes (when the risk has already materialized), when the insurance of the business continuity, the companys survival is pursued.

The main advantage of a risk management program is the economic cost-effectiveness: managers are aware of the risks which the organization has to face and they manage them accordingly, so they do not materialize. Risk management is an obligation of a companys entire team. This should be complemented by the existence of a risk management department or at least of a person to work in this direction.

In some cases there may be a certain level of risk accepted, in accordance with the specifications of a standard. It is a common situation in the financial-banking sector or in the big companies which use the services of an external audit. The compliance adds value to the image for the customers, business partners, etc.

Risk

identification

Risk control

Analysis and reporting of

risks

Risk assessment

101

Management Marketing - Tourism According to Dinu Bumbacea, the leader of PricewaterhouseCoopers

Consulting Department Romania33, the financial crisis has led to a more careful assessment of the management practices of the risks adopted by companies.

Given that many people have blamed the current crisis on the inadequate risk management standards, the executives from all economic sectors want to improve their risk management capacity to succeed in the new business environment which is extremely competitive and dynamic.

Managers attitude towards risk may be different. Theory says that a manager can have one of these three attitudes towards risk: risk taking, risk rejection or indifference towards risk.

When risk is managed and one wants to obtain a response according to the three attitudes, the business peoples reactions can be the following:

Avoiding risk: managers or entrepreneurs consider that the exposure to risk is too high and then they decide to replace the factor that could cause the risk. This may mean avoiding an action, changing a supplier, the reconfiguration of a process, etc. However, you must take into account that not all risks can be avoided or eliminated. Most times, avoiding all risks would require changing the purpose of the project, the complete reconfiguration of the activities or of the calendar planning, changing the budget or the decisions related to other acquisitions.

Mitigation or reduction of the effects: involves the reduction of the risk exposure by decreasing the probability of its occurrence. For example, using a technology that has shown many times before that is trustworthy.

Risk acceptance: represents accepting the consequences and a response method especially when the risks are unknown to the project team or when the benefits obtained in case of non-materialization of the risk would be immense.

Transfer of risk: involves contracting an insurance policy or outsourcing a service. Typically, this practice attracts other risks arising from the outsourcing activity or resulted from the insurance contracts.

In response to this reality, the best companies no longer look at risk management as a simple matter of compliance, but as an integral part of the decision-making process.

The importance of risk management is illustrated by organizations that were devastated by the lack of effective risk management. Recent examples of collapse of some major companies, such as Parmalat, Arthur Andersen, Enron, WorldCom, or the industrial accidents such as the spillage of cyanide from Aurul Baia Mare or the nuclear accident at Chernobyl have become famous. Each of these catastrophes was caused by a chain of events that could have been prevented by proper risk management

3.1 Critical Risk identification methods Risk identification (for this list of potential risks can be done, internal and

external, established in meetings dedicated to risk analysis based on information already known and on risks suspected as possible). External risks may originate in various legislative changes or at the macroeconomic level, or they may occur as a result of promoting new technologies.

33 http://www.pwc.com/ro/en/Press_Room/assets/InternalAuditSurveyRo.pdf

102

Revista Tinerilor Economiti (The Young Economists Journal)To identify the potential risks, it is very useful, and even practiced, the formula

of participation of companies representatives to thematic scientific conferences or to a series of professional meetings.

The most commonly met method of risk identification is the checklist, since it is based on a standard which considers that a process must behave in a certain way. Thus, the risk manager verifies to what extent reality corresponds to what the standard says (whatever it may be) as being within normal limits. But this is not enough, because usually, standards are either general, not being able to capture all aspects of a particular organization, or individual, targeted to a specific area.

In the risk identification stages the documentation available in the organization must also be aligned, the companys historical data and the case studies (personal experience or of other organizations), the consultation of internal and external experts, the conducting of inspections in various units of the organization (those considered as being exposed to risk), brainstorming techniques or the interview with employees. During these sessions the employees experience is very useful since they can identify the risks that the managers did not notice.

The best framework to implement any of these tools is the value-vulnerability-risk analysis. More precisely, the property, the values of the organization is emphasized. For every good an analysis of the vulnerabilities is carried out, where the vulnerability involves the absence of a control measure, of protecting the value. Then, the sources of risk internal or external to the organization are identified.

4. Conclusions As a result of the economic climate in which we are, the entities managers face

a multitude of situations and risks. Risk management does not only prevent risks but also makes an entity function effectively as a result of a structured and organized approach.

Risk management is a current topic quite discussed in the last two years worldwide, due to the changes occurred both in economic and in social terms.

In terms of economic crisis, understanding and awareness of the risks, as well as of the way they are managed, contributes to a better management of the entities activities and allows identifying some optimal strategies which aim the survival, the overcoming of the current difficulties that the entities have to face and even the increase of the financial performance.

REFERENCES 1. Borghesi, A. Credit risk and the new economy, Risk management, October 2001,

Academic Risk Management Association; 2. Capman, C.,

Anderson, U. Implementing the Professional Practices Framework, Altamonte Springs, FL: The Institute of Internal Auditors, 2002;

3. Ghi, M., Briciu, S.

Guvernana corporativ i auditul intern (Corporate governance and internal audit), Editura Aeternitas, Alba Iulia, 2009;

4. Griffiths P Risk-Based auditing, Grower Publishing Limited, England, 1998; 5. IsaicManiu,

A., Ene, S., Tudose, G.-G..

Evaluarea, fezabilitatea, planul de afaceri i riscurile activitii economice (Assessment, feasibility business plan and risks of the economic activities), Ed. Independena Economic, Piteti, 2004;

6. Louisot, J. P.

Risk management for private and public entities, Academic Risk Management Association Italy;

103

Management Marketing - Tourism 7. Opran, C.,

Paraipan, L., Stan, S.

Managementul riscului, suport de curs (Risk management, course notes), SNSPA, Faculty of Communication and Public Relations David Oglvy, 2004;

8. Ratliff, R.L., Reding, K.

Introduction to Auditing: Logic, Principles and Techniques, Altamonte Springs. FL: The Institute of Internal Auditors, 2002;

9. Treasury, H. M. Risk management, principles and concepts, 2004; 10. *** http://www.manager.ro/articole/cum-sa-pornesti-afaceri/tipuri-de-

riscuri-in-afaceri-din-cadrul-unei-firme-252.html 11. *** http://www.plandeafacere.ro/Tutorial/Idei-de-afaceri/Riscul-noilor-

afaceri.html 12. *** http://www.pwc.com/ro/en/Press_Room/assets/InternalAuditSurvey

Ro.pdf 13. *** http://www.startups.ro/analize/ce-este-si-cum-te-ajuta-

managementul-riscului 14. *** http://www.rei.ase.ro/riskman/risc.html