Managing Business Risk

Transcription

1 Managing Business Risk A practical guide to protecting your business Consultant editor: Jonathan Reuvid KoganPage

2 CONTENTS Foreword, by Steve Fowler, Chief Executive, Institute of Risk Management xiii Contributors' notes xv Introduction 1 Jonathan Reuvid PART ONE Boardroom focus on risk issues Risk recognition in the boardroom and its management 5 Chris Hodge, Financial Reporting Council Introduction 5 The role of the board 6 The changing nature of risk Risk appetite: cut through the hype 11 Allan Gifford, DNV KEMA Introduction 11 The challenges 11 Designing a risk appetite 17 Expressing risk appetite 18 Using risk appetite as the basis for risk control 20 References Capital project risk management: foundations to mastery 25 Ben Cattaneo, Accenture Risk Management Capital project risk management and its benefits 27 Mastery - capital project risk management to drive capital effectiveness 31 Copyright and disclaimer 32 Notes 33 Sources and references 33

3 ^^ Contents 1.4 Asset integrity risk management 35 Allan Gifford, DNV KEMA Introduction 35 Overall approach to asset integrity management 35 Resources 42 The link and alignment of asset risk management with ISO Note 53 Reference Piercing the corporate veil: liability of parent companies for the actions of their subsidiaries 55 Paul Eccles, Rachel Reeves and Jocelyn Kirkwood, Shoosmiths The principles of the corporate veil 55 When a claim might be made against a parent company instead of its subsidiary 56 Parental responsibility 57 Practical steps to protect or reduce a parent company's liability to its subsidiary - the corporate angle 59 Practical steps to protect or reduce a parent company's liability to its subsidiary - the insurance angle 60 Summary A new dawn for board oversight 63 Amanda Morrison, KPMG LLP Corporate governance developments 63 Has it all gone horribly wrong? 64 What are we trying to achieve? 64 Do we understand who is doing what? 65 Has risk management been properly embedded into our business processes? 65 Have we considered our risk appetite? 66 Do we view risks in isolation? 66 Have we factored scenario planning into our risk management processes? 67

4 Contents 1.7 Positive risk: the upside issues 69 Simon King, DNV KEMA Introduction 69 Organizational challenges 70 How do we see positive risk? 70 Positive risk terminology 72 Reinforcing the paradigm of downside risk 74 Think like an entrepreneur? 74 What we can do in practice 74 Notes 75 References 75 PART TWO Approaches to operational risk management Risk-based security 79 Dr Morten Bremer Maerli, DNV KEMA Characteristics of security risks 80 Components of security risks 81 Reduction of security risk 83 Conclusion 84 Notes 85 References Preparing for uncertainty: using scenarios 87 Hans Laess0e, The LEGO Group Introduction 87 The first approach 87 Defining 'scenarios version 2' 89 Preparing for the scenario process 89 Preparing for the future: the process 91 Preparing for the future: the value 94

5 jm Contents 2.3 Operational risk in finance: lessons learned from safety-critical industries 95 Gunnar Hauland and Sverre Danielsen, DNV The evolution of a systems perspective on safety 95 What is human error? 96 Controls as barriers 97 Learning from incident registration and investigation 98 Learning from risk analyses 98 Organizational culture 99 Conclusion Managing risks in the supply chain: reaching new standards 103 Eric E Lehmann, Accenture Introduction 103 Improving the management of risks in the supply chain 106 Taking risk management live Software and Cloud escrow: an effective tool for managing risk and new business opportunities in Stephan Peters, Deposix Software Escrow GmbH Introduction 111 What can go wrong: negative examples and risky situations 112 What can go right - positive examples and opportunities gained 113 Escrow explained 114 Risk and opportunity management with software escrow 118 Conclusion 121 Notes 122 Reference Frugal enterprise risk management and ISO Steven Shackleford, Peter Maggs and Irvine Lauder, WMSNT Limited Introduction 125 The context for frugal risk management in the present decade 125 The application of ISO to the charity 126 The benefits of frugal risk management 133 References 134

6 Contents PART THREE Risk management applications Understanding cyber security risk 137 Martin Sutherland, BAE Systems Detica The new threats 137 Businesses are at risk 139 Managing the risk 140 Developing a strategy Managing business risk in the life sciences industry 143 Mukadder Erdonmez, XL Group Introduction and overview of the life sciences sector 143 Risks and challenges associated with innovation Independent assessment and certification: good for food safety - good for business 149 Cor Groenveld, Lloyd's Register Quality Assurance (LRQA) How it all began - the emergence of food safety 149, The drive to harmonization 151 Where we are today 152 The role of independent third-party certification 153 Key components of a robust assessment process 154 Summary Opportunities and pitfalls of distance learning 157 Eric Lynn, mylifeqs Attractions of distance learning 159 Ideal vs less suitable contexts for distance learning 159 Organization-specific learning programmes 160 Risks of distance learning programmes 161 Overcoming the challenges Current risk issues in employment 165 Kevin McCavish, Shoosmiths When an employee resigns without notice, what is the effective date of dismissal? 165 TUPE service provision changes: how to spot an 'activity' 167

7 ^0 Contents PART FOUR Risk assessments of high-growth emerging markets Managing business risks in Brazil 173 Geert Aalbers and Thomaz Favaro, Control Risks Introduction 173 The changing face of risk management in the BRICs 174 Business risks in Brazil 175 Closing remarks China: balancing opportunity and threat 181 Jonathan Reuvid, Hethe Management Services Political risk 182 Economic risk 184 Business environment risk 186 Summary 187 References Russia: business risk in Carlo Gallo Political risk 190 Operational risk 192 Security risk 194 Conclusion 196 Acknowledgement India: the risk environment 197 Chietigj Bajpaee, Vivekananda International Foundation Reform agenda on the back burner 198 Corruption reborn 199 Political pressures take precedence 202 Notes 203 References 204

8 Contents 4.5 Thailand: manageable business risk 205 Eric Lynn, mylifeqs Background 205 Business regulations for investors 207 Buildings 208 Political risk 208 People and everyday life 209 Summing up South-East Asia: managing risk regionally through delegation 213 Stephen Gill, Stephen Gill Associates Geography and population 213 South-East Asia's economics 214 Political landscape 214 Social, cultural and spiritual diversity 215 Business approach and risk 215 Authority, responsibility and accountability 216 Delegation of authority 216 Effective delegation of authority implementation 217 Corruption risk and managing corruption risk 217 A final word of caution 219 Appendix: Contributors' contact list 221 Index 225 Index of advertisers 231