Company: Tana Bana The Furnishing Identity (Manas Kasliwal)
1. Risks currently covered and mechanism of risk mitigation used
Risks covered are theft, accidental fires, According to CAS categorization, risks covered are: Strategic Risk Operational Financial risk Risk Technological risk Manpower risk Credit risk Fidelity Risk
Hazard Risk Damage to physical assets: theft, accidental fires Employee dishonesty: shrinkages Consequential loss
Risk mitigation used are
Insurance to secure against hazard risks including accidental fires and damage to physical assets Installation of hi-tech security systems to secure against employee dishonesty and fidelity risks Tie-up with consultancy firm to secure against manpower risk Installation of latest software, antivirus programs, inverter and UPS to secure against technological risk 2. Cost effectiveness of current arrangements Insurance is from National Insurance Company and the insurance covered all possible risks at a minimal cost of one lakh per annum. Hi-tech security mechanisms cost around INR 3-5 lakhs, the price could have been reduced as these systems often crash and every time company has to spend 5k on maintenance issues. The consultancy firm provides employees at no cost. The employees have to pay 50% of their first month salary to the consultancy firm, so it proved to be very cost effective for the company. Latest software like Tally and MacAfee are expensive but it is a one-time cost and when compared to performance, it proved to be cost effective. 3. Risks left uncovered Inability to control rising input prices Occupational Violence Employee Safety (slips, trips, falls, sprains, strains) 4. Proposal for coverage of uncovered risks Preventing occupational violence includes paying attention to: environmental design, safety and security devices, staffing levels, work practices, reporting, guidelines and training. The employer should provide with instructions and training about in prevention measures to deal with violence, such as the procedures to deal with shoplifting, robberies, abusive customers, the handling of money, racial and sexual harassment etc. Training by the company regarding risks and how to avoid them and trying to cover employees safety in the insurance. To prevent rising input prices, sourcing more from national and local suppliers and increasing the portfolio of suppliers.
5. Creation of a comprehensive Risk management program
A proper safety management program for employees and creating guidelines for employees safety. Company - Confluence Educational Services (Aditi) Education is a fundamental building block for poverty reduction, human development, and inclusive economic growth. Internship for Confluence Educational Services Pvt. Ltd. enabled assessment for the company which could be listed down as: Quality assurance for educational institutions is addressed through registration, certification, and accreditation Regulations include norms, procedures, and codes of practice for education and training providers, and establish minimum education standards. Qualification and competencies of graduates in relation to their knowledge, skills, and attitudes.
Learning content standardsmaterials and competencies required such
as the competency criteria of graduates, specific subject competency, basic structure of the curriculum, load of learning, curriculum within the units of education, academic calendar, and learning syllabi that the learners need to complete in every level and type of education. Teachers and education personnel standardspre-service criteria, eligibility of teachers and education personnel, and in-service education. Equipment and infrastructure standardsminimum criteria for a classroom, library, sports center, playing space, laboratories, and other resources that are needed to support learning, including the use of ICT. Education management standardsplanning, implementation, and monitoring of education activities at various levels to achieve efficiency and effectiveness in the conduct of learning. Educational assessment and evaluation standardsnational education assessment standards on the mechanism, procedure, and instruments for assessing learning outcomes. Risk of Competition Governments finance the provision of education, however, when faced with competing development priorities, national and subnational education budgets are at risk of being cut Area of Internship is dense with similar consultancies therefore risk of being substituted. Being a Small Start-up, hence scope for Risk mitigation had not been addressed to. Examining the formal and informal relationships among stakeholders can help identify where risks may lie. Creation of Risk Management Program: Through mitigation measures for passively retaining threat of competition. Forming a strong assessment system for Governance and Legal issues Evaluation systems for monitoring Learning systems.
Company- Integral Coach Factory (Jabez Oliver)
1. Risks currently covered & mechanism of risk mitigation used Operational risks (Electricity, coaches, transportation), financial risks (machine losses/depreciation, failure of coach production process) 2. Cost effectiveness of current arrangements It is highly effective as very few coaches are wasted without production maintained at the optimum level. 3. Risks left uncovered Hazardous working conditions for laborers. 4. Proposal for coverage of uncovered risks Automating more processes that are hazardous and leave labor to only those processes that require high levels of skill and design as well as human touch. 5. Creation of a comprehensive Risk Management program Create automation processes, cover all labor risks, improve overall safety standards. Company- Spar Hypermarket (Phani Kiran) 1. Risks covered and mechanisms of risk mitigation used Hazard Risk: Damage to property assets, occupational injuries, injuries to third parties, auto incidents, employment related lawsuits and faulty products. Business Risk: Increasing competition, economic conditions, borrowing capacity, cash flow, key employees and business continuity following a catastrophe. Strategic Risk: The probability of loss inherent in an organizations business strategy such as consumer preferences, product innovation, brand management, acquisitions and supply chain. Business & Strategic Risks: Brand Reputation Significant Loss of Revenue Opportunity Retailers Greatest Asset is its Brand Lengthy Restoration Period Cash Flow & Balance Sheet Protection Prohibit Growth Decrease Competitiveness Decrease Shareholder Value Fluctuating inputs like Gasoline & Diesel Access to Capital Human Capital High Employee Turnover Typically Greater Than 100% Low Employee Engagement Typically Less Than 60% Engaged Quality of Customer Service 2. Cost effectiveness
Cost drivers in a retail companys cost of risk:
Workers Compensation Largest Driver of Cost Both Direct & Indirect Costs Occupational Injuries Create Significant Indirect Costs Significantly Impacted by Escalating Medical Costs General Liability High Percentage of Litigation Claim Frequency High Business Insurance Premiums Costs Driven by Litigation The cost to insure hazard related risks can range anywhere from 0.6% to a staggering 1.5% of total revenues. This means they spend more on risk than the owners take home in a year. Lowering the cost of risk will allow the organization to optimize the bottom line without necessarily increasing sales, which is key in todays economic climate. 3. Uncovered risks Reputational risks Cyber risks 4. Proposal In todays interconnected society, user-generated content provides unlimited avenues for consumers to express criticism regardless of accuracy or bias. With this capability, reputation risk should be considered and plans should be developed to reduce the probability of negative publicity and lessen the impact severity. Additionally, the interconnected society offers benefits to companies through cyber-powered business processes. With this comes the need to secure infrastructure and protect information entrusted to retailers by their employees and customers. Historically, cyber threats have been focused on large institutions; however, the trend is shifting and small/medium sized businesses must be just as vigilant as the large ones Contracting a part-time computer security expert to implement the lessons learned from other major retailers who had already experienced a significant data breach. And purchase an insurance policy that would minimally cover the cost of providing identity protection to every member of their loyalty program. Identifying protection services after a data breach is an emerging best practice and then it would be costly and could potentially devastate their financial posture. In addition, a disaster recovery plan should be developed that includes sending the expert IT to a basic seminar teaching industry best practices for incident response, posting cyber emergency contact information for law enforcement next to the server room, and researching third-party cyber emergency response team companies to call in case of a breach. 5. Comprehensive Risk Management program The first step, Risk Identification, begins with clearly identified business objectives. Information is gathered from senior leadership identifying the top five risks that will keep them from meeting those business objectives over the next 18 to 24 months. This results in a listing of 20 to 30 risks which are taken into a four- to five-hour risk identification workshop where consensus is achieved on the top four or five risks. During the risk identification workshops, risks are based on seven categories broken down into either internal or external risk subcategories. External risk
categories are identified as legal/regulatory, political and business environment.
Internal risk categories are identified as financial, strategic, operational, and integrity. The organization then utilizes a risk map to evaluate risks on an XY-axis charting probability and impact in order to prioritize what are seen as SPARs biggest risks. After risks are identified, the second step of the five-step process, Risk Mitigation, begins with another facilitated workshop. Here, the three to five most important risks are further defined and quantified. A project team is created that conducts an initiative inventory of the procedures already in place that may address the specific risk and evaluates those mechanisms The third step of the five-step process, Action Planning, occurs within the project teams for each risk. These teams meet and create simple project plans that assign responsibility and actions to people to mitigate those risks. Those project plans assign metrics, which is identified as the fourth step that measure results as having either a positive or negative impact on the identified risks. This is achieved by identifying the target performance compared to the actual performance over time The final step of the five-step process, return on Investment, is to evaluate whether or not the project increased their overall returns through an increase in sales or a decrease in expenses. Through this overall five-step process, SPAR believes that they are more focused on what major risks exist and what they can do about them. Company- L&T Capital Markets (Pramit Arora) 1. Risks currently covered & mechanism of risk mitigation used
Strategic Risk M & A
Financial risk Compliance Risks
2. Cost effectiveness of current arrangements
The current arrangement is cost effective as most of these mechanisms are regulated by government organizations. 3. Risks left uncovered
Operational Risk Client On Boarding, Experience
Hazard Risk
4. Proposal for coverage of uncovered risks
The wealth management industry continues to operate in a strategically high-risk environment due to competitive pressures from the nonbank firms that are expanding into the banking industry, low interest rates, changing business models, and banks outsourcing critical functions to third parties. Operationally, these face increasing risks due to increased legal settlements and regulatory penalties, an increase in sophisticated cyber-attacks and greater interconnectedness that increases information security risk.
5. Creation of a comprehensive Risk Management program
Upgrade KYC/suitability procedures
Improve cybersecurity across attack surfaces Identify the activities / processes that can be automated Improve processes in place Upgrade technology