Embed Size (px)
Citation preview
1
ABSTRACT
This exploratory research is a study of how social enterprises manage risks using two social enterprise case studies. A review of relevant literatures was made to examine the conceptual and theoretical frameworks used in risk management. Qualitative data obtained from secondary sources were used to analyse the approach applied by the social enterprises in their management of risks. MITRE corporation risk management model was adopted to analyse the fundamental steps used by the social entrepreneurs in the management of enterprise risks. It was found that the social enterprise manage risks by identifying the risk events through environmental scanning, assessing risk impacts, prioritizing the risks, monitoring, tracking and managing the risk to an acceptable level. The study recommended a full participation of every member of the social enterprise in the identification and management of risks.
2
CHAPTER ONE
1.1 INTRODUCTION
Social enterprise is an organization which is involved in social and commercial activities. It is a business that trades to tackle social problems, improve communities, people’s life chances, or the environment (Social Enterprise UK, 2014). According to Upturn Enterprise Ltd (2013),"An organisation is regarded as a social enterprise if it applies commercial and business strategies that are focused upon delivering improvements in community and environmental well-being, rather than simply optimising profits for its shareholders". What makes it different from other enterprises is that it places a strong emphasis on tackling social problems.
A social enterprise can do things that enable it make money, such as selling goods or services. Example ranges from Apex Project Ltd in Leicester to Upturn Enterprise Ltd and many others that are committed to assisting individuals, private, public and third sector organisations.
Social enterprises always plough back their profits to the business instead of distributing it to investors (Smith et al., 2012). For example, a social enterprise providing affordable training or capacity building can use its surplus profits to open a new centre in another town.
Managing financial, social, operational and environmental factors can have challenges and risks. However, social enterprises face several risks in creating positive change for people and communities. This paper examines how social enterprises manage risks. To achieve this, case studies of two social enterprises that are similar in mission were used.
1.2 OBJECTIVE OF THE STUDY
The objective of this study is to undertake an assessment of the risk management of selected social enterprise using appropriate risk management model.
1.3 BACKGROUND OF THE SELECTED SOCIAL ENTERPRISE.
1.3.1 APEX LEICESTER PROJECT LTD
Apex is a registered social enterprise located in Leicester. They began as an organisation that helped ex-offenders by engaging them in education and training which will create employment opportunities for them (Apex Works Ltd, 2014). Apex work with a range of vulnerable and marginalised groups including homeless people, lone parents, unemployed people who are not in education or training, people with physical or learning disabilities and people with mental health difficulties by supporting them to overcome their barriers and
3
realise their potential through the provision of supports, learning and jobs (Apex Works Ltd, 2014). They offer training courses, tailored to specific organization needs, to staff of organizations and can also supply ready employees to organizations.
1.3.2 UPTURN ENTERPRISE LTD
Upturn is a social enterprise committed to assisting individuals, private, public and third sector organisations. It is located at Oldham, Greater Manchester and a registered member of Social Enterprise UK.
The main objectives of Upturn Enterprise Ltd include:
1. To develop the capacity and skills of the members of socially and/or economically disadvantaged communities in such a way that they are better able to participate meaningfully in society;
2. The advancement of education, training or retraining, particularly for unemployed people.
Their main approach is all about results that empower organisations and individuals to succeed, develop and become more sustainable (Upturn Ltd, 2014).
CHAPTER TWO
LITERATURE REVIEW:
Social enterprises pursue both social and economic goals while facing the associated risks. They can engage in delivery of social goods and services to disadvantaged groups and communities. The risks social enterprise faces are either in the form of threats or opportunities. Studies have been made to explain the management of these risks. This study reviewed relevant literatures to make addition to existing body of knowledge.
Conceptual Framework
Two conceptual models used in identifying risk factors were reviewed. The risk identification models reviewed are:
1. PESTEL Analysis
2. SWOT Analysis
1. PESTEL analysis:
4
PESTEL analysis is a tool used to analyse the macro-environmental (external environment) factors that have impact on an organisation (Professional Academy, no date A). It identifies threats, weaknesses and opportunities that effect enterprise success. Figure 2.1 below shows what PESTEL stands for:
Figure 2.1 PESTEL FACTORS (Professional Academy, no date)
• Political Factors:
This explains government policies and regulation of social enterprises especially as it affects grants, subvention or donation from government, political stability/instability, foreign policy which affects social enterprise, tax policy on profit of social enterprise, labour law, trade restrictions which affects social enterprise earning and so on (Professional Academy, no date A). Social enterprises identify and respond to these risk events accordingly.
• Economic Factors:
Social enterprises have significant level of economic risks (Organisation for Economic Co-operation and Development, no date). Factors such as economic growth, interest and exchange rates, inflation, disposable income of consumers and businesses effect social enterprises (Professional Academy, No date A). These factors can affect their source of funding, profitability and the demand for their goods and service. Social entrepreneur will need to understand these factors so as to manage economic risks.
• Social Factors:
These are the factors that involve the shared norms, values, belief and attitudes of the population and how they affect the success of the social enterprises (Professional Academy,
5
No date A). If a social enterprise intends to operate across culture, the risk of cross-cultural differences will be put into consideration. They can also face reputational risks arising from peoples’ high expectation of moral and ethical standards, and often, they may be expected to deliver more complex services using fewer resources.
• Technological Factors:
It is important for social enterprise to observe changes in technology and how it impacts their operations, products and services. Professional Academy (No date A) states that social enterprises can face technological risks in the following ways:
1. New ways of communicating with internal and external customers.
2. New ways of producing goods and rendering services
3. New ways of distributing goods and services
• Environmental Factors:
This factor has become important due to the increasing demand for doing business as an ethical and sustainable enterprise, scarcity of raw materials, pollution control and social responsibilities which can affect the success of a social enterprise. Consumers demand that the products and services they buy are sourced ethically and from a sustainable source (Professional Academy, No date A).
• Legal Factors:
Social enterprises should know what is legally required of them in order to operate successfully. Legal issues can include; product labelling and safety, equal opportunities, advertising standards, consumer rights, health and safety laws, etc (Professional Academy, No date A).
2. SWOT Analysis:
SWOT is an acronym that stands for Strength, Weakness, Opportunity and Threat. This model was developed by Albert Humphrey, an American business and management consultant, during his work at the Stanford Research Institute (SRI) between 1960 to 1970 (Schwaar, 2005).
SWOT analysis is a tool for evaluating enterprises’ Strengths, Weaknesses, Opportunities, and Threats. The analysis of social enterprises’ Strengths and Weaknesses (internal factors) will help them to identify their ability or inability to enhance available Opportunities and mitigate Threats (external factors). Figure 2.2 below illustrates this model.
6
Figure 2.2 SWOT Analysis. Source: Adapted from Consultants Online (No date)
7
A strategic analysis of the internal and external environment will enable the organisation to plan more effectively for the future, whilst taking into account opportunities and potential threats. According to Professional Academy (no date B), a SWOT analysis that does not produce or help towards producing realistic and achievable goals is useless. In planning any project, the social enterprise assesses the associated risks to identify the potential weaknesses and threats to its viability. SWOT analysis aims at identifying the extent to which current strategies of an organization and its strength and weakness are relevant to, and capable of dealing with the change taking place in the business environment (Kalpande et al., 2010). Every department must be aware of their Strength, Opportunity, Weakness and Threats (Pachpande and Singh, 2014). Kalpande et al., (2010) suggest that to succeed in any field, weakness must be overcome through strength, and threats must be transferred into opportunities. Professional Academy (no date), argues that a threat can be turned into an opportunity or something that is a weakness today might be turned into strength with some effort.
Ayub et al., (2013) state that SWOT analysis helps in identifying organization’s core competencies i.e. potential strengths and utilizing them in exploiting opportunities and counteracting threats; and identifying weaknesses in order to diminish them. SWOT analysis relates qualitative and quantitative aspect of decisions and improves the strategic process of planning and decision making (Ayub et al., 2013).
THEORITICAL FRAMEWORK
COSO Enterprise Risk Management (ERM) Framework
According to Committee of Sponsoring Organizations of the Treadway Commission (COSO) "Enterprise Risk Management (ERM) is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite and to provide reasonable assurance regarding the achievement of entity objectives" (Steinberg et al., 2004).
COSO ERM framework defined eight essential components which organisations should address (Weller, 2014). These are:
1. Internal environment:
This establishes the tone of the organisation, in influencing risk appetite, attitudes towards risk management and ethical values (Weller, 2014). In evaluating strategic alternatives, management will align the entity’s risk appetite to the strategic objectives, and develop mechanisms to manage related risks (Steinberg et al., 2004).
2. Objective setting:
8
Management should set objectives that are consistent with the mission of the organisation and its risk appetite.
3. Event identification:
This involves the identification of risk factors or events (internal and external) that affect the achievement of enterprise objectives. COSO ERM framework suggests that enterprises should undertake analysis to identify potential risk events, and more importantly respond to threat and opportunity as soon as they arise.
4. Risk assessment:
This involves the assessment of the likelihood and impact of enterprise risks to form the basis for determining how to manage them and how individual risks interrelate. The COSO ERM framework emphasizes the importance of combining qualitative and quantitative risk assessment methodologies. After assessing the inherent risk level, the organization should also assess the residual risks left behind after taking risk management actions.
5. Risk response:
Appropriate actions are taken to align risks with enterprise risk appetite and tolerance (Weller, 2014). The response action can be to reduce, accept, transfer, enhance, or avoid identified risk. The risk response action to be adopted must be realistic considering the impact as well as the costs of responding to the risk.
6. Control activities:
The policies and procedures of enterprise operate to ensure that effective risk responses are maintained. COSO ERM guidance emphasizes that there is need to perform control across all levels of the enterprise and at different stages of the business processes.
7. Information and communication:
The information and communication system should provide relevant information to support the responsibilities of the enterprise personnel. The system should be able to identify, capture and communicate data in an appropriate quality, format and timeframe. The communication of information regarding a risk event that is relevant to a staffès duty will help in strengthening the internal environment by creating risk awareness in staff (embedding).
8. Monitoring:
The COSO ERM framework suggests that enterprise risk management should be continuously monitored and modified where it is necessary (Weller, 2014). When control system is not monitored, it tends to degenerate over time. COSO ERM model provides guidance to monitoring internal controls. Whenever risks are identified, it should be reported, assessed and their root causes corrected. The framework stresses the importance of feedback and action.
9
Research Methodology
This exploratory research examines the risk management model used by selected social enterprises in the management of risks. The selection of the social enterprise was narrowed to those that fit within common criteria such as mission, target population, and legal form. Secondary sources of data collection such as the social enterprises websites, online news articles, journals and books were utilized.
The analysis of the social enterprises’ risk management approach was conducted using a qualitative description. MITRE Corporation Risk Management model was used in this study to analyse the risk management approach of the selected social enterprises. MITRE is a not-for-profit organization that operates federally funded research and development centres (FFRDCs) in USA. MITRE Corporation often design risk management approach and strategies for government projects.
The analysis was conducted based on the four steps identified by MITRE risk management model and from which the research objective was achieved.
Analysis
The MITRE corporation risk management model below explores the risk management approach of the selected social enterprise.
10
Figure 4.1 MITRE Risk Management Model
(Source: Adapted from MITRE Systems Engineering Guide)
1. Risk identification:
The critical first stage is that the social enterprise, through environmental scanning, identifies the risk events that could potentially prevent the realization of its objectives. These risks can arise from government legislation, policies and regulations, reputational risks and high expectation from stakeholders, inadequate funding, technological challenges, security and safety of enterprise members and properties, withdrawal of grants and donations, legal restrictions, inadequate staff strength, people’s value, norms and culture, climatic hazards and managerial incompetence. These and many other risk factors are identified for impact assessment.
2. Risk Impact Assessment:The social enterprise assesses the frequencies and consequences of each identified risk. Assessment criteria are used to measure the impact of these risks on the enterprise objectives. It can consider how the risk events affect cost, schedule, quality, program scope or performance.
3. Risk Prioritization Analysis:
11
The identified risk events, their impact assessment, probability of occurrence and consequences are collated to derive a most–to–least critical rank–order of risks. The main purpose of prioritizing these risks is to form a basis for allocation of scarce resources and urgency of attention.
4. Risk Mitigation Planning, Implementation, and Progress Monitoring:At this stage, the social enterprise develops and implements actions designed to enhance opportunities, eliminate or mitigate threats to an acceptable level. After implementing a plan, the result is often monitored with the view of revising any course-of-action if needed. The risk mitigation strategy or option (ie accept, avoid, transfer, enhance or reduce) will be based on the assessed combination of the probability of occurrence and severity of the consequence for an identified risk. The iterative process continues.
Discussion of Findings
The study found that many factors contribute to the success or failure of social enterprises. These factors can be political, economic, social, technological, environmental and legal (PESTEL). The analysis of these external factors will give rise to an assessment of the enterprise strength, weaknesses, opportunities and threats (SWOT) to ascertain how to manage the internal environment and cope with the external environment. The COSO Enterprise Risk Management (ERM) framework identified eight essential enterprise risk management components, which involve enterprise-wide application.
Using the MITRE risk management model for analysing the risk management approach of the selected social enterprises, it was found that four iterative steps were applied in the risk management process.
Conclusions:
In the course of providing social services and adding value to the community, social enterprises are faced with risks. Identifying, assessing, prioritizing and mitigating these risks become imperative for the social enterprise management. If an enterprise fails to identify risks and steps taken to avoid or mitigate these risks, it may incur significant loss or additional costs. This describes why risk management is necessary for successfully managing social enterprise. Effective risk management is a proactive and ongoing process whereby organizations seek to identify risks as early as possible and implement controls to accept, mitigate, transfer, enhance or avoid those risks.
Since environmental changes (internal and external) often take place and the need for new strategies required; regular update of PESTEL and SWOT analysis is eminent. The risk assessment criteria are tailored to the enterprise objective. The risk impact assessment, probability of occurrence and consequence will help to communicate the significance of the risk on enterprise objective. This process need to be monitored and if condition or environment changes, the assessment will be revisited.
12
Recommendations
After carrying out this research, the study made the following recommendations which be applied by other social enterprises:
1. Full participation and embedded practice – It is imperative that the full extent of all risks are identified and managed. This can be achieved when every member of the enterprise participate in the management of risks and when this is seen as a norm or considered as their day-to-day activity. Success depends on identifying all possible risks and in order to accomplish this everyone should participate actively.
2. Simplicity – Complex and cumbersome risk tracking and management techniques are not necessary and should be discouraged to avoided resistance from enterprise members. What matters is effective risk management.
3. Periodically revisit the basic assumptions, assessment criteria and risk premises to see whether the situation has changed in a way that affects the nature or impact of the risk. The risk may have changed sufficiently so that the current mitigation is ineffective and needs to be scrapped in favor of a different one. On the other hand, the risk may have diminished in a way that allows resources devoted to it to be redirected.
4. Include risk monitoring as part of risk management and manage continuously. Monitoring risks should be a standard part of risk management.
5. Revisit risk analysis as plans and actions are successfully completed. Evaluate the current environment for new risks or modification to existing risks.
Recommendations for further study
Since the current study is based on a qualitative analysis, future studies therefore may extend the body of knowledge by empirically testing the model, which may contribute additional insights to this study.
REFERENCE
Agarwal, R., Grassl, W., and Pahl, J. (2012). Meta–SWOT: Introducing a new strategic planning tool. Journal of Business Strategy. Vol 33. No 2. pp 12-21.
Barney, J.B. (1996). Gaining and Sustaining Competitive Advantage. Addison-Wesley. Reading, MA.
Coman, A. and Ronen, B. (2009). Focused SWOT: Diagnosing critical strengths and weaknesses. International Journal of Production Research, Vol 47. No 20. p 10-12.
13
Committee of Sponsoring Organizations of the Treadway Commission (COSO) Enterprise Risk Management – Integrated Framework, 2004. http://www.deloitte.com/assets/DcomUnitedStates/Local%20Assets/Documents/IMOs/Governance%20and%20Risk%20Management/us_grc_coso_riskassessment_102312.pdf (Accessed on 31st October, 2014).
Consultants Online (2014). SWOT Analysis. http://www.consultants-on-line.com (Accessed on 31st October, 2014 ).
Fraser, J.R.S, Schoening–Thiessen, K. and Simkins, B.J. (2008). Who Reads What Most Often? A Survey of Enterprise Risk Management Literature read by Risk Executives. Journal of Applied Finance. Vol 18. No 1. pp 73 – 91.
Hill, T. and Westbrook, R. (1997). SWOT Analysis: It’s time for a Product Recall. Long Range Planning. Vol 30. No 1. pp 46-52.
Kangas, J., Pesonen, M., Kurttila, M. and Kajanus, M. (2001). A’WOT: Integrating the AHP with SWOT analysis. Finnish Forest Research Institute, Kannus Research Station. ISAHP 2001, Berne, Switzerland. August 2-4, 2001. http://isahp.org/2001Proceedings/Papers/037-P.pdf (Accessed on October 30, 2014).
Lackman, C., Saban, K. and Lanasa, J. (2000). The contribution of market intelligence to tactical and strategic business decisions. Marketing Intelligence & Planning. Vol 18. No 1. pp 6–9.
Lam, J. (2003). Enterprise Risk Management: From Incentives to Control. John Wiley & Sons. New Jersey.
Menon, A., Bharadwaj, S.G., Adidam, P.T. and Edison, S.W. (1999). Antecedents and consequences of marketing strategy making. Journal of Marketing. Vol 63. No 2. pp 18-40.
MITRE corporation risk model, 2007. http://www.mitre.org/publications/systems-engineering-guide/acquisition-systems-engineering/risk-management/risk-mitigation-planning-implementation-and-progress-monitoring (Accessed on 31st October, 2014).
Monahan, G. (2008). Enterprise Risk Management: A methodology for achieving strategic objectives. John Wiley & Sons. New Jersey.
Nasri, W. (2011). Competitive intelligence in Tunisian companies. Journal of Enterprise Information Management. Vol 24. No 1. pp 53-67.
PESTLE and SWOT analyses (2014). http://www.jiscinfonet.ac.uk/tools/pestle-swot/ (Accessed on 31st of October, 2014).
Professional Academy (2014). Marketing Theories – PESTEL Analysis. http://www.professionalacademy.com/news/marketing-theories-pestel-analysis (Accessed on 31st October, 2014).
14
Ragsdale, C. T. (2004). Spreadsheet Modeling & Decision Analysis. Thomson. South-Western.
Ridley-Duff, R. J. and Bull, M. (2011). Understanding Social Enterprise: Theory and Practice. Sage Publications. London.
Schwaar, R. (2005). SWOT Analysis for Management Consulting. Stanford Research Institute (SRI) Alumni Association Newsletter. December, 2005.
Smith, B.R., Cronley, M.L. and Barr, T.F. (2012). Funding Implications of Social Enterprise: The Role of Mission Consistency, Entrepreneurial Competence, and Attitude Toward Social Enterprise on Donor Behavior. Journal of Public Policy & Marketing. Vol 31. No 1. pp 142–157.
Upturn (2013). http://upturnenterprise.org.uk/ (Accessed on 31st October, 2014).
Weisbrod, B.A. (1998). The Non-profit Mission and Its Financing: Growing Links Between Non-profits and the Rest of the Economy, in To Profit or Not to Profit: The Commercial Transformation of the Non-profit Sector. Cambridge University Press. Cambridge.
Weller, N. (2014): COSO Enterprise Risk Management Framework. http://www.accaglobal.com/uk/en/student/acca-qual-student-journey/qual-resource/acca-qualification/p1/technical-articles/coso-enterprise-risk-management-framework-part-1.html (Accessed on 31st October, 2014).
Wheelan, T.L. and Hunger, J.D. (1998). Strategic Management and Business Policy (5th edn.). Addison-Wesley. Reading, MA.
