Upload
yee-kang
View
247
Download
0
Embed Size (px)
Citation preview
8/2/2019 Risk Management Assignment
1/15
Page 1
Table of Content
No Title Pages
1 Risk Management Committee 2
2 Risk Management Process 3
3 Risk Identification 3
4 Risk Measurement 7
5 Selection of Risk Management
Technique
10
6 Risk Reporting and Monitoring 12
8/2/2019 Risk Management Assignment
2/15
Page 2
Risk Management Committee
a) PositionDirectorSee Choong Leong
Vice directorLim Bing Huang
SecretaryNg See Kai
TreasurerSi Mingshan
b) Objective Establish a Risk Management Committee to oversee the Risk Management process as a
whole.
c) Role The Risk Management Committee advises the Universiti Utara Malaysia on risk
management, and submits its annual report to HEA (The University Executive Committee).
To oversee the Risk Management process of the University as a whole. To recommend an appropriate risk appetite or level of exposure for the University. To ensure compliance with government or relevant guidelines. To identify and quantify fundamental risks affecting the University, and ensure that
arrangements are in place to manage those risks.
To ensure that extreme risks are adequately dealt with in disaster recovery or businesscontinuity plans and these plans are up to date and regularly tested.
To help embed a risk management culture into a major decisions, through risk education,high level controls and procedures.
To identify and consider major decision affecting the universitys risk profile or exposure. To recommend to HEA (The University Executive Committee) a suitable risk management
policy for the University.
8/2/2019 Risk Management Assignment
3/15
Page 3
Risk Management Process
Significant risks are identified, ranked, monitored, and have appropriate controls. Where therisk appetite, probability or impact changes, or where the controls are found to be inadequate,
they will be enhanced accordingly.
Risk Management has and will continue to be embedded into the strategy, culture andoperations at the University, within a framework that links strategic plans, priorities, risks,
internal controls, audit strategy and performance management.
Risk Identification
Risk identification is generally considered to be the most difficult step in the risk management
process. In the process of identifying risks, a business entity is able to learn about the areas
where it is exposed to risks in order for it to develop information on the sources of risks,
hazards, perils and loss exposures. A strategic approach to risk management depends on
identifying risks against key universitys objectives. Operating within this framework helps to
ensure a consistent approach across the university and enables a clear structure to be established.
a) Finance Inadequate government funding
University failure to adequately government fund, Evaluation of over 50 projects in
university showed that around 25% of the projects scored low on community
participation and were compromised by inadequate government funding and weak local
health systems.
Inadequate Health Economic Unit fundingIt is commonly believed that economic evaluation is hostile to health promotion and that
the requirement for health programs to be cost effective will result in a distortion in the
allocation of funds towards programs that can demonstrate short-run benefits as defined
by inadequate outcome measures.
Poor financial planning
8/2/2019 Risk Management Assignment
4/15
Page 4
Having sufficient capital is essential for the survival and prosperity of the universitys
operation, and is a primary indicator of your financial' health. It is important to create a
high-quality financial plan to attract and secure the right type and amount of funding
that needed to make financial planning successful. Lacking of contingency plan may
result in poor financial planning also. Crime loss exposures
Despite the impact of the actual property loss, there are potential liability losses
resulting from criminal acts by employees or others directed or allowed to commit
crimes on the university assets. The starting point for analyzing and controlling the loss
is determining the function of the key employee and the resulting loss severity. Fidelity
losses result from employee dishonesty, robbery and burglary committed on insured
premises and cheque forgery.
Failure to manage pension costsFailure to manage pension costs identified as their number one concern the economic
risk of facing higher than expected pension costs. Among sponsors, 93% identified
accounting risk and the balance sheet volatility created by the difference between the
reported cost of pensions on the company's books and the real cost of pensions
provision. It is because of this separation of powers that many sponsors fail to manage
pension risks at all.
b) Academic Failure to articulate academic priorities
Articulating problems of living, personal, social and global that unable the university to
attract funding, new students, staff in order to articulate academic priorities.
Failure to recruit or retain academics and other senior staffThey indicated that they have difficulty recruiting staff at the same time as some of them
are losing those they have. Most of whom were of the rank of senior lecturer have, forexample, resigned in the last three years, mostly to take up positions with local and
international organizations outside of academia. In those departments where there is no
significant attrition, the problem of recruitment is nevertheless a reality. They cannot
compete with other institutions because, as one senior lecturer intimated, This is a
8/2/2019 Risk Management Assignment
5/15
Page 5
departure from the past where at the lecturer level salaries are very high, and markedly
better than those available in both the public and private sectors.
c) Governance and Compliance
Inadequate governance structureInadequate governance of organizational networks and the impact of governance on
network effectiveness. Three basic models, or forms, of network governance are
developed focusing on their distinct structural properties. Propositions are formulated
examining conditions for the effectiveness of each form.
Failure in research conductThey might faces the risk of misconduct in research such as fabrication, falsification,
plagiarism, or other practices that seriously deviate from those that are commonly
accepted community for proposing, conducting, or reporting research. They might fail to
oversee and facilitate the conduct of ethical research.
d) Administration Failure to manage or develop estate
They might faces the risk of unable to manage and analyze complex data, fail to
communicate effectively, bad team leadership; poor time management; the use of
information technology and unable to apply theory to its daily practice. They might
exposed to the risk of unable to clearly define and properly document the contractual
relationship, rights and obligations of the respective parties involved in the real estate.
Failure to provide adequate ICT systems or infrastructureThey may unable to provide adequate ICT infrastructures and the construction of new
buildings to accommodate the ever-increasing student number. They might also faces
lacking computer, outdated equipment and fail to satisfy the student needs. This might
give detrimental impact on research, teaching and administration. Failure to provide adequate student administration
The risk of bad service might exist and this might damage universitys reputation.
University might face the risk of being complain by the customer of its caf regard the
unreasonable food price and the service attitude of the hawker. Bad condition of the
8/2/2019 Risk Management Assignment
6/15
Page 6
hostel in university, the breakdown of university official website will also become a
questionable topic by students.
e) Health and Safety
Failure to manage Health and Safety issueUniversity exposed to hazards in relation to works at construction sites such as power
access equipment, ladder, roof work, manual handling, plant and machinery, excavation,
fire and emergency, hazardous substances, noise, protective clothing and protection to
public. They might also face the risk of fail to manage the accident which has happened
such as the injury due to the slippery road.
Health and Safety failure on building projectUniversity might suffering from the financial loss arise from accident due to unhealthy
behavior of a student or hazardous condition in the campus. Disease and disability
resulting from unhealthy habits like these impose enormous costs. There is also a
possibility for University to damage its reputation.
f) Fundamental Flood
A flood is an overflow of an expanse of water that submerges land. Flood is a temporary
covering by water of land not normally covered by water. In the sense of "flowing
water", the word may also be applied to the inflow of the tide. Floods can also occur in
rivers, when flow exceeds the capacity of the river channel, particularly at bends or
meanders. Floods often cause damage to homes and businesses if they are placed in
natural flood plains of rivers. While flood damage can be virtually eliminated by moving
away from rivers and other bodies of water, since time out of mind, people have lived
and worked by the water to seek sustenance and capitalize on the gains of cheap and
easy travel and commerce by being near water. That humans continue to inhabit areas
threatened by flood damage is evidence that the perceived value of living near the water
exceeds the cost of repeated periodic flooding.
http://en.wikipedia.org/wiki/Tidehttp://en.wikipedia.org/wiki/Tide8/2/2019 Risk Management Assignment
7/15
Page 7
Risk Measurement
Measuring risks is the second step in the risk management process. In measuring risks, abusiness entity evaluates loss frequency and loss severity and then ranks the risks according to
their importance.
Size of Risk Impact Guide
The Impact guides are only use for guidance, the table below showed the risk rating usually used.
Severity descriptors Possible consequences Examples*
1 - Insignificant No impact
2 - Minor
Negative outcomes from risks
or lost opportunities that are
unlikely to have a permanent
or significant effect on the
Universitys reputation or
performance
Less than
8/2/2019 Risk Management Assignment
8/15
Page 8
term but do not threaten the
existence of the institution in
the medium term
consequence
Negative headlines in thenational press
Irreversible injury or death
terrorismmay have the
potential to escalate to very
serious
University financialsystems fail completely andcannot be recovered
5Very serious
Negative outcomes from risks
or lost opportunities which if
not resolved in the medium
term will threaten the existence
of the institution
Financial loss (or loss ofpotential financial surplus)
over 2% of turnover for
consecutive years
Substantial regulatoryconsequence
Sustained negative headlinesin the national press
Closure of major part ofbusiness
Irreversible multiple injuryor death
Major accident due toUniversity negligence
Major fire that prevents asubstantial part of the
University delivering
courses
Collapse in studentapplication numbers
Sustained failure to recruitstaff
Frequency of RiskLikelihood
Descriptor Likelihood
1Very low 2% likely to happen
2Low 5% likely to happen
3Medium 10% likely to happen
4High 20% likely to happen
5Very high 50% likely to happen
8/2/2019 Risk Management Assignment
9/15
Page 9
Severity of risk
1Insignificant
2Minor
3Moderate
4Serious
5Very serious
Total risk score guide (frequency x severity)
Descriptor Guide
06 Low Low level of risk, should not require much attention but should be reviewed at
least annually
712 Medium Medium level of risk, should be monitored and reviewed annually as a
minimum, 6 monthly if necessary
1318 High High level of risk, should be constantly monitored and reviewed quarterly or 6
monthly.
1920 Very high Top level of risk, should be constantly monitored and reviewed monthly.
8/2/2019 Risk Management Assignment
10/15
Page 10
Selection of Risk Management Techniques
Selection of risk management techniques is the third step in the risk management process. Aftermeasuring the risks, it is able to rank the risks according to their importance and select
appropriate techniques to manage these risks.
Three major types of risk management technique are risk avoidance, risk control (lossprevention and loss reduction) and risk financing (risk retention and risk transfer).
Risk area Code Risk Frequency Severity Risk
score
Measures
Finance F1 Inadequate
government
funding
High Serious 15 Lobbying, cost control
(recruitment protocol,
budget savings, capital
moratorium)
F2 Inadequate Health
Economic Unit
funding
Moderate Serious 12 Costing policy, monitoring
of trends, research health
economic unit
F3 Poor financial
planning
Low Moderate 9 Financial planning system,
longer-term planning
F4 Crime loss
exposures
Low Moderate 10 Criminal activities report,
managerial controls,
procedural controls
F5 Failure to manage
pension costs
High Serious 16 Review financial
statement, planning related
to proposals
Academic A1 Failure to
articulate
academic
priorities
Moderate Serious 11 Planning process, work of
academic department,
planning of new
arrangement
A2 Failure to recruit
or retain
academics and
other senior staff
Moderate Moderate 10 Research on teaching and
lecturing
8/2/2019 Risk Management Assignment
11/15
Page 11
Governance
and
compliance
G1 Inadequate
governance
structure
Moderate Moderate 9 Review by the executive
committee
G2 Failure in
research conduct
Moderate Moderate 9 Policies, leadership and
trainingAdministr
ation
E1 Failure to manage
and develop
estate
Moderate Moderate 9 Maintenance and
refurbishment programmes
E2 Failure to provide
adequate ICT
systems or
infrastructure
Moderate Serious 13 ICT governance and
strategy
E3 Failure to provide
adequate student
administration
Moderate Serious 14 Planned projects
Health and
Safety
H1 Failure to manage
Health and Safety
issues
Low Serious 12 Policies and oversight,
departmental self-
assessments and
inspections
H2 Health and Safety
failure on
building project
Moderate Serious 14 Policies and oversight by
related department,
oversight by individual,
report on accidents
Fundamen
tal
B1 Flood High Very
serious
19 Report on damage of
property, inspections
8/2/2019 Risk Management Assignment
12/15
Page 12
Risk Reporting and Monitoring
Final step in the risk management process, which is the reporting and monitoring of risks.Accurate and timely information is needed in order to make good decisions.
A good risk management information system to gather information into a database for furtheranalysis, and to produce reports that meet health economic.
Code Risk Risk technique Consequences Action
F1 Inadequate
government
funding
Loss reduction Inability to carry out planned
activities; possible need for
major change in operations
Continue lobbying
and scenario
planning
F2 Inadequate
Health Economic
Unit funding
Loss reduction Reduction in quality of
education offered unless
funds diverted from other
purposes, in which case
impact on those purposes
Continue lobbying ,
scenario planning,
and preparing for
new agreement and
fee and bursary
arrangements
F3 Poor financial
planning
Loss reduction Inability to carry out planned
activities;
damage to reputation
Planned the financial
activities carefully,
improve the financial
planning system, well
planning on long-term
financial investments
and allocations
F4 Crime loss
exposures
Risk transfer Damaging the financial assets,
loss exposures increase result in
insufficient financial to cover
the loss exposures
Physical controls
include alarms,
security patrols and
cameras. Securely
perform particular
tasks making it
difficult for persons to
commit crimes or
make crime detection
more prompt for an
8/2/2019 Risk Management Assignment
13/15
Page 13
example individual
enter through a
security sign-in area
with provided
passwords.F5 Failure to
manage pension
costs
Loss
prevention
Increased costs or requirement
to fund scheme deficits, with
consequent impact on
operations
Continue
investigation of
options
A1 Failure to
articulate
academic
priorities
Loss
prevention
Inability to attract funding,
staff, and students
Prepare new Strategic
Plan
A2 Failure to recruit
or retain
academics and
other senior staff
Loss
prevention
Impact on research, teaching,
student experience, and on
wider operations
Planning for new
arrangements
G1 Inadequate
governance
structure
Loss
prevention
Negative impact on work,
management, and governance
throughout the University;
qualification of audit opinion;
damage to reputation
Improve the
governance structure
with a clear
governance structure
chart or bar
G2 Failure in
research conduct
Loss reduction Damage to reputation; impact
on operations; loss of funding
Improve the research
conduct, well planned
before conduct a
research
E1 Failure tomanage and
develop estate
Loss reduction Impact on research, teaching,and administration
Update estates strategy
E2 Failure to provide
adequate ICT
systems or
Loss
prevention
Detrimental impact on research,
teaching, and administration;
failure to keep up with other
Improve ICT
governance structure
8/2/2019 Risk Management Assignment
14/15
Page 14
infrastructure universities
E3 Failure to provide
adequate student
administration
Loss
prevention
Inefficiency and perception of
poor service; damage to
reputation
Work towards
replacement for
administration services
H1 Failure tomanage Health
and Safety issues
Lossprevention
Consequences for health andsafety of staff and students;
financial loss, disruption to
work, damage to reputation
Implanted safety aidsin workplace, study
room, more inspection
to oversight the often
place accident happen
and improve it with
safety equipments
H2 Health and Safety
failure on
building project
Loss reduction Financial loss; reputational
damage; delay to project
Oversight the building
project, cover the
places under
construction to reduce
frequency of accident
happen
B1 Flood Loss reduction Damaging the property, affect
the study life in campus,
damaging the plants, may even
result a drowning cases for
curious teens
Improve the draining
system, alarm the flood
place and evacuate
before it happens
8/2/2019 Risk Management Assignment
15/15
Page 15
Analysis by using diagram
0
2
4
6
8
10
12
14
16
18
20
1
2
3
4
5