Company: Tana Bana The Furnishing Identity (Manas Kasliwal)

1. Risks currently covered and mechanism of risk mitigation used

Risks covered are theft, accidental fires,
According to CAS categorization, risks covered are:
Strategic Risk
Operational
Financial risk
Risk
Technological risk Manpower risk Credit risk
Fidelity Risk

Hazard Risk
Damage to physical
assets: theft, accidental
fires
Employee
dishonesty:
shrinkages
Consequential loss

Risk mitigation used are

Insurance to secure against hazard risks including accidental fires and
damage to physical assets
Installation of hi-tech security systems to secure against employee
dishonesty and fidelity risks
Tie-up with consultancy firm to secure against manpower risk
Installation of latest software, antivirus programs, inverter and UPS to
secure against technological risk
2. Cost effectiveness of current arrangements
Insurance is from National Insurance Company and the insurance covered all
possible risks at a minimal cost of one lakh per annum. Hi-tech security
mechanisms cost around INR 3-5 lakhs, the price could have been reduced as
these systems often crash and every time company has to spend 5k on
maintenance issues. The consultancy firm provides employees at no cost. The
employees have to pay 50% of their first month salary to the consultancy firm,
so it proved to be very cost effective for the company. Latest software like Tally
and MacAfee are expensive but it is a one-time cost and when compared to
performance, it proved to be cost effective.
3. Risks left uncovered
Inability to control rising input prices
Occupational Violence
Employee Safety (slips, trips, falls, sprains, strains)
4. Proposal for coverage of uncovered risks
Preventing occupational violence includes paying attention to: environmental
design, safety and security devices, staffing levels, work practices, reporting,
guidelines and training. The employer should provide with instructions and
training about in prevention measures to deal with violence, such as the
procedures to deal with shoplifting, robberies, abusive customers, the handling of
money, racial and sexual harassment etc. Training by the company regarding
risks and how to avoid them and trying to cover employees safety in the
insurance. To prevent rising input prices, sourcing more from national and local
suppliers and increasing the portfolio of suppliers.

5. Creation of a comprehensive Risk management program

A proper safety management program for employees and creating guidelines for
employees safety.
Company - Confluence Educational Services (Aditi)
Education is a fundamental building block for poverty reduction, human
development, and inclusive economic growth. Internship for Confluence
Educational Services Pvt. Ltd. enabled assessment for the company which could
be listed down as:
Quality assurance for educational institutions is addressed through
registration, certification, and accreditation
Regulations include norms, procedures, and codes of practice for
education and training providers, and establish minimum education
standards.
Qualification and competencies of graduates in relation to their
knowledge, skills, and attitudes.

Learning content standardsmaterials and competencies required such

as the competency criteria of graduates, specific subject competency,
basic structure of the curriculum, load of learning, curriculum within the
units of education, academic calendar, and learning syllabi that the
learners need to complete in every level and type of education.
Teachers and education personnel standardspre-service criteria,
eligibility of teachers and education personnel, and in-service education.
Equipment and infrastructure standardsminimum criteria for a
classroom, library, sports center, playing space, laboratories, and other
resources that are needed to support learning, including the use of ICT.
Education management standardsplanning, implementation, and
monitoring of education activities at various levels to achieve efficiency
and effectiveness in the conduct of learning.
Educational assessment and evaluation standardsnational education
assessment standards on the mechanism, procedure, and instruments for
assessing learning outcomes.
Risk of Competition
Governments finance the provision of education, however, when faced
with competing development priorities, national and subnational
education budgets are at risk of being cut
Area of Internship is dense with similar consultancies therefore risk of
being substituted.
Being a Small Start-up, hence scope for Risk mitigation had not been
addressed to. Examining the formal and informal relationships among
stakeholders
can
help
identify
where
risks
may
lie.
Creation of Risk Management Program:
Through mitigation measures for passively retaining threat of competition.
Forming a strong assessment system for Governance and Legal issues
Evaluation systems for monitoring Learning systems.

Company- Integral Coach Factory (Jabez Oliver)

1. Risks currently covered & mechanism of risk mitigation used
Operational risks (Electricity, coaches, transportation), financial risks (machine
losses/depreciation, failure of coach production process)
2. Cost effectiveness of current arrangements
It is highly effective as very few coaches are wasted without production
maintained at the optimum level.
3. Risks left uncovered
Hazardous working conditions for laborers.
4. Proposal for coverage of uncovered risks
Automating more processes that are hazardous and leave labor to only those
processes that require high levels of skill and design as well as human touch.
5. Creation of a comprehensive Risk Management program
Create automation processes, cover all labor risks, improve overall safety
standards.
Company- Spar Hypermarket (Phani Kiran)
1. Risks covered and mechanisms of risk mitigation used
Hazard Risk: Damage to property assets, occupational injuries, injuries to
third parties, auto incidents, employment related lawsuits and faulty
products.
Business Risk: Increasing competition, economic conditions, borrowing
capacity, cash flow, key employees and business continuity following a
catastrophe.
Strategic Risk: The probability of loss inherent in an organizations
business strategy such as consumer preferences, product innovation,
brand management, acquisitions and supply chain.
Business & Strategic Risks:
Brand Reputation
Significant Loss of Revenue Opportunity
Retailers Greatest Asset is its Brand
Lengthy Restoration Period
Cash Flow & Balance Sheet Protection
Prohibit Growth
Decrease Competitiveness
Decrease Shareholder Value
Fluctuating inputs like Gasoline & Diesel
Access to Capital
Human Capital
High Employee Turnover Typically Greater Than 100%
Low Employee Engagement Typically Less Than 60% Engaged
Quality of Customer Service
2. Cost effectiveness

Cost drivers in a retail companys cost of risk:

Workers Compensation
Largest Driver of Cost Both Direct & Indirect Costs
Occupational Injuries Create Significant Indirect Costs
Significantly Impacted by Escalating Medical Costs
General Liability
High Percentage of Litigation
Claim Frequency
High Business Insurance Premiums
Costs Driven by Litigation
The cost to insure hazard related risks can range anywhere from 0.6% to a
staggering 1.5% of total revenues. This means they spend more on risk than the
owners take home in a year. Lowering the cost of risk will allow the organization
to optimize the bottom line without necessarily increasing sales, which is key in
todays economic climate.
3. Uncovered risks
Reputational risks
Cyber risks
4. Proposal
In todays interconnected society, user-generated content provides unlimited
avenues for consumers to express criticism regardless of accuracy or bias. With
this capability, reputation risk should be considered and plans should be
developed to reduce the probability of negative publicity and lessen the impact
severity.
Additionally, the interconnected society offers benefits to companies through
cyber-powered business processes. With this comes the need to secure
infrastructure and protect information entrusted to retailers by their employees
and customers. Historically, cyber threats have been focused on large
institutions; however, the trend is shifting and small/medium sized businesses
must be just as vigilant as the large ones
Contracting a part-time computer security expert to implement the lessons
learned from other major retailers who had already experienced a significant
data breach. And purchase an insurance policy that would minimally cover the
cost of providing identity protection to every member of their loyalty program.
Identifying protection services after a data breach is an emerging best practice
and then it would be costly and could potentially devastate their financial
posture. In addition, a disaster recovery plan should be developed that includes
sending the expert IT to a basic seminar teaching industry best practices for
incident response, posting cyber emergency contact information for law
enforcement next to the server room, and researching third-party cyber
emergency response team companies to call in case of a breach.
5. Comprehensive Risk Management program
The first step, Risk Identification, begins with clearly identified business
objectives. Information is gathered from senior leadership identifying the top five
risks that will keep them from meeting those business objectives over the next
18 to 24 months. This results in a listing of 20 to 30 risks which are taken into a
four- to five-hour risk identification workshop where consensus is achieved on the
top four or five risks.
During the risk identification workshops, risks are based on seven categories
broken down into either internal or external risk subcategories. External risk

categories are identified as legal/regulatory, political and business environment.

Internal risk categories are identified as financial, strategic, operational, and
integrity.
The organization then utilizes a risk map to evaluate risks on an XY-axis charting
probability and impact in order to prioritize what are seen as SPARs biggest
risks.
After risks are identified, the second step of the five-step process, Risk
Mitigation, begins with another facilitated workshop. Here, the three to five most
important risks are further defined and quantified. A project team is created that
conducts an initiative inventory of the procedures already in place that may
address the specific risk and evaluates those mechanisms
The third step of the five-step process, Action Planning, occurs within the project
teams for each risk. These teams meet and create simple project plans that
assign responsibility and actions to people to mitigate those risks.
Those project plans assign metrics, which is identified as the fourth step that
measure results as having either a positive or negative impact on the identified
risks. This is achieved by identifying the target performance compared to the
actual performance over time
The final step of the five-step process, return on Investment, is to evaluate
whether or not the project increased their overall returns through an increase in
sales or a decrease in expenses. Through this overall five-step process, SPAR
believes that they are more focused on what major risks exist and what they can
do about them.
Company- L&T Capital Markets (Pramit Arora)
1. Risks currently covered & mechanism of risk mitigation used

Strategic Risk M & A

Financial risk
Compliance Risks

2. Cost effectiveness of current arrangements

The current arrangement is cost effective as most of these mechanisms are
regulated by government organizations.
3. Risks left uncovered

Operational Risk Client On Boarding, Experience

Hazard Risk

4. Proposal for coverage of uncovered risks

The wealth management industry continues to operate in a strategically high-risk
environment due to competitive pressures from the nonbank firms that are
expanding into the banking industry, low interest rates, changing business
models, and banks outsourcing critical functions to third parties. Operationally,
these face increasing risks due to increased legal settlements and regulatory
penalties,
an
increase
in
sophisticated
cyber-attacks
and
greater
interconnectedness that increases information security risk.

5. Creation of a comprehensive Risk Management program

Upgrade KYC/suitability procedures

Improve cybersecurity across attack surfaces
Identify the activities / processes that can be automated
Improve processes in place
Upgrade technology