UNIVERSITY OF MUMBAI

PROJECT REPORT

ON

“STUDY OF RISK MANAGEMENT WITH RESPECT TO

RELIANCE INDUSTRY’’

SUBMITTED BY

RINKY JAYPRAKASH SINGH

THE AWARD OF THE DEGREE OF

BACHELOR OF FINANCIAL MARKETS (FM) SEM-VI

EXAMINATION NO:-

ACADEMIC YEAR 2018-2019

GUIDED BY

PROF.AKSHAY BHOIR

PADMASHRI ANNASAHEB JADHAV BHARATIYA SAMAJ UNNATI MANDAL’S

B.N.N. COLLEGE, BHIWANDI

DIST. THANE 421302

 DECLARATION

I Miss. RINKY JAYPRAKASH SINGH Exam No: Student of

B.N.N College, Bhiwandi of T.Y. B.com {Financial Markets}, Semester
VI, hereby declare that I have completed project on “STUDY OF RISK
MANAGEMENT WITH RESPECT TO RELIANCE INDUSTRY” is
a record of independent research work carried by me during the academic
year 2018-2019 under the guidance of
PROF. AKSHAY BHOIR.The information submitted is true and
original to the best of my knowledge.

RINKY JAYPRAKASH SINGH

Estd. June
1960 SELF-FUNDED COURSES
“A” NAAC Accredited
BACHELOR OF FINANCIAL MARKETS (FM)
CERTIFICATE
This is to certify that RINKY JAYPRAKASH SINGH Exam No.:-
___________ Of T.Y.B.Com (Financial Markets), B.N.N College,
Semester VI (Academic Year 2018- 2019) has successfully completed the
project entitled “STUDY OF RISK MANAGEMENT” and submitted
the project report in partial fulfillment of the requirement for the award
Of The Degree Of Bachelor Of Commerce (Financial Markets), of
University of Mumbai.

Mr. Akshay Bhoir Miss. Bhavana Khainar Dr. Ashok. D. Wagh

(Project Guide) (Co-ordinator) (Principal)

Examiner: -__________

Date: - __________

College Seal
 ACKNOWLEGMENT

To list who all have helped me is difficult because they are so numerous and the depth
is so enormous.
I would like to acknowledge the following as being idealistic channels and fresh
dimensions in the completion of this project.
I take this opportunity to thank the University of Mumbai for giving me chance to
do this project.
I would like to thank my Principal, Dr. Ashok D. Wagh for providing the necessary
facilities required for completion of this project.
I take this opportunity to thank our Coordinator Bhavana khainar, for her moral
support and guidance.
I would also like to express my sincere gratitude towards my project guide
Prof. Akshay Bhoir whose guidance and care made the project successful.
I would like to thank my College Nirlon Library, for having provided various
reference books and magazines related to my project.
Lastly, I would like to thank each and every person who directly or indirectly helped
me in the completion of the project especially my parents and peers who supported
me throughout my project.
 INDEX

Page
Sr. No. Particular
No.
1. Introduction to venture capital 6 - 24

 Objective Of The Study 7

 Scope Of The Project 10
 Concept of venture capital 12
 Features of venture capital 13
 Venture capital spectrum/stages 15
19
 Venture capital investment process
 Introduction to Softbank capital 22
 History of Softbank capital 23
 Softbank capital group 24
2. Literature review 25

3. Methodology of study 26 - 27

 Primary data 26

 Secondary data 27

4. Data analysis and Interpretation 28 - 55

5. Findings and suggestion 56

6. Conclusion 57
1. INTRODUCTION TO RISK MANAGEMENT

Literally speaking, risk management is the process of minimizing or mitigating

the risk. It starts with the identification and evaluation of risk followed by optimal
use of resources to monitor and minimize the same.

Risk generally results from uncertainty. In organizations this risk can come from
uncertainty in the market place (demand, supply and Stock market), failure of
projects, accidents, natural disasters etc. There are different tools to deal with the
same depending upon the kind of risk.

Ideally in risk management, a risk prioritization process is followed in which those

risks that pose the threat of great loss and have great probability of occurrence are
dealt with first. Refer to table below:

IMPACT ACTIONS

Considerable Extensive
Must Manage and
SIGNIFICANT Management Management
Monitor Risks
Required essential

Risk are bearable to Management effort Management effort

MODERATE
certain extent worthwhile required

Accept but monitor Manage and

MINOR Accept Risks
Risks Monitor Risks

LOW MEDIUM HIGH

LIKELIHOOD

The above chart can be used to strategize in various situations. The two factors that
govern the action required are the probability of occurrence and the impact of the risk.
For example a condition where the impact is minor and the probability of occurrence
is low, it is better to accept the risk without any interventions.

1
A condition where the likelihood is high and the impact is significant, extensive
management is required. This is how a certain priority can be established in dealing
with the risk.

Apart from this, typically most of the organizations follow a risk management cycle.
Refer diagram below:

According to this cycle there are four steps in the process of risk management. The
first step is the assessment of risk, followed by evaluation and management of the
same. The last step is measuring the impact.

Risk identification can start at the base or the surface level, in the former case the
source of problems is identified. We now have two things to deal with the source and
the problem.

Risk Source: The source can be either internal or external to the system. External
sources are beyond control whereas internal sources can be controlled to a certain
extent. For example, the amount of rainfall, weather over an airport etc!

Problem: A problem at the surface level could be the threat of accident and casualty
at the plant, a fire incident etc.

When any or both of the above two are known beforehand, certain steps can be taken
to deal with the same.

After the risk/s has been identified then it/they must be assessed on the potential of
criticality. Here we arrive upon risk prioritization. In generic terms ‘likelihood of
occurrence × impact’ is equal to risk.

2
 OBJECTIVES OF RISK MANAGEMENT

The main objective of risk management in ITIL is to detect, analyze and control the
risks.

 Detection of risks involves identifying the threats and vulnerabilities

which can affect the organization’s assets. It is essential to have experience for
identification of risks as they can originate from random sources and don’t
follow a fixed pattern. Detection is often the toughest part as risks can often be
overlooked.
 Analysis of risk deals with collection and calculation of data regarding risk
exposure. It is essential for the company to take appropriate decisions and
manage risks. Accurate analysis of the risk helps in implementing more
effective solutions.
 Control of risk deals with making decisions after monitoring the
surroundings in order to ensure that the older threats and vulnerabilities are
effectively countered.

Example of Risk Management in an Organization

If the organization dealing with e-commerce decides to enter into digital payments,
there is a lot of investment which needs to be made into acquiring adequate human
resources, capital, and digital infrastructure.

All 3 of these acquisitions are made over a period of time and can pose a financial,
business and organizational risk. Mismanagement of such resources can not only
cause the new venture to fail but can also affect the profitability and credibility of the
existing core competence of the company.

3
 SCOPE AND FRAMEWORK OF RISK
MANAGEMENT

By establishing the framework for the management of risks, the basic

parameters within which risks must be managed are defined. Consequently, the scope
for the rest of the Risk Management process is also set. It includes the definition of
basic assumptions for the organization’s external and internal environment and the
overall objectives of the Risk Management process and activities. Although the
definition of scope and framework are fundamental for the establishment of Risk
Management, they are independent from the particular structure of the management
process, methods and tools to be used for the implementation.
This approach is useful for clarifying and gaining common understanding of the
organizational objectives identifying the environment in which these objectives are set
specifying the main scope and objectives for Risk Management, applicable
restrictions or specific conditions and the outcomes required developing a set of
criteria against which the risks will be measured defining a set of key elements for
structuring the risk identification and assessment process.
In order to define an efficient framework it is important to understand the
background of the organization and its risks evaluate the Risk Management activities
being undertaken so far develop a structure for the Risk Management initiatives and
controls to follow.

 Definition of external environment

This step includes the specification of the external environment in which the
organization operates and the definition of the relationship between this environment
and the organization itself.
The external environment typically includes: the local market, the business,
competitive, financial and political environment the law and regulatory environment
social and cultural conditions external stakeholders.
It is also very important that both the perceptions and values of the various
stakeholders and any externally generated threats and/or opportunities are properly
evaluated and taken into consideration.

4
  Definition of internal environment

As in every significant business process, the most critical prerequisite is to understand

the organization itself.
Key areas that must be evaluated in order to provide a comprehensive view of the
organization’s internal environment include key business drivers (e.g. market
indicators, competitive advances, product attractiveness, etc.) the organization’s
strengths, weaknesses, opportunities and threats internal stakeholders organization
structure and culture assets in terms of resources (such as people, systems, processes,
capital etc) goals and objectives and the strategies already in place to achieve them.

 Generating the Risk Management context

In business terms, Risk Management as a process should provide a balance between

(all kinds of) costs, benefits and opportunities. Therefore, it is necessary to draw the
appropriate framework and to correctly set the scope and boundaries of the Risk
Management process.
Setting the Risk Management context involves defining the organization, process,
project or activity (to be assessed) and establishing its goals and objectives duration of
the project, activity or function full scope of the Risk Management activities to be
carried out specifying any including inclusions and exclusions roles and
responsibilities of various parts of the organization participating in the Risk
Management process dependencies between the project or activity and other projects
or parts of the organization;

 Formulation of Risk Criteria

The criteria by which risks will be evaluated have to be decided and agreed. Deciding
whether risk treatment is required, is usually based on operational, technical,
financial, regulatory, legal, social, or environmental, criteria or combinations of them.
The criteria should be in line with the scope and framework defined above.
Furthermore they should be closely related to the organization's internal policies and
procedures and support its goals and objectives.

5
 INTRODUCTION TO RELIANCE INDUSTRIES

Reliance Industries Limited (RIL) is an Indian conglomerate holding

company headquartered in Mumbai, Maharashtra, India. Reliance owns businesses
across India engaged in energy, petrochemicals, textiles, natural resources, retail, and
telecommunications. Reliance is one of the most profitable companies in India, the
largest publicly traded company in India by market capitalization, and the second
largest company in India as measured by revenue after the government-
controlled Indian Oil Corporation.

On 18 October 2007, Reliance Industries became the first Indian company to

breach $100 billion market capitalization. The company is ranked 203rd on
the Fortune Global 500 list of the world's biggest corporations as of 2017.It is ranked
8th among the Top 250 Global Energy Companies by Platts as of 2016. Reliance
continues to be India’s largest exporter, accounting for 8% of India's total
merchandise exports with a value of Rs 147,755 crore and access to markets in 108
countries.Reliance is responsible for almost 5% of the government of India's total
revenues from customs and excise duty. It is also the highest income tax payer in the
private sector in India.

6
HISTORY

1960–1980

The company was co-founded by Dhirubhai Ambani and Champaklal Damani in

1960s as Reliance Commercial Corporation. In 1965, the partnership ended and
Dhirubhai continued the polyester business of the firm. In 1966, Reliance Textiles
Industries Pvt Ltd was incorporated in Maharashtra. It established a synthetic
fabrics mill in the same year at Naroda in Gujarat. In 1975, the company expanded its
business into textiles, with "Vimal" becoming its major brand in later years. The
company held its Initial public offering (IPO) in 1977. The issue was over-subscribed
by seven times. In 1979, a textiles company Sidhpur Mills was amalgamated with the
company. In 1980, the company expanded its polyester yarn business by setting up a
Polyester Filament Yarn Plant in Patalganga, Raigad, Maharashtra with financial and
technical collaboration with E. I. du Pont de Nemours & Co., U.S.

SHAREHOLDING

The number of shares of RIL are approx. 3.1 billion.The promoter group, Ambani
family, holds approx. 46.32% of the total shares whereas the remaining 53.68% shares
are held by public shareholders, including FII and corporate bodies. Life Insurance
Corporation of India is the largest non-promoter investor in the company, with 7.98%
shareholding.

In January 2012, the company announced a buyback programme to buy a

maximum of 120 million shares for ₹104 billion (US$1.4 billion). By the end of
January 2013, the company had bought back 46.2 million shares for ₹33.66
billion (US$470 million).

OPERATIONS

The company's petrochemical, refining, oil and gas-related operations form the
core of its business; other divisions of the company include cloth, retail business,
telecommunications and special economic zone (SEZ) development. In 2012–13, it
earned 76% of its revenue from refining, 19% from petrochemicals, 2% from oil &
gas and 3% from other segments.
7
 In July 2012, RIL informed that it was going to invest US$1 billion over the next
few years in its new aerospace division which will design, develop, manufacture,
equipment and components, including aircraft, engine, radars, avionics and
accessories for military and civilian aircraft, helicopters, unmanned airborne vehicles
and aerostats.

EMPLOYEES
As on 31 March 2013, the company had 23,519 employees of which 1,159 were
women and 83 were employees with disabilities. It also had 29,462 temporary
employees on the same date.As per its Sustainability Report for 2011–12, the attrition
rate was 7.5%. But currently, the same attrition rate has gone up to 23.4% in 2015 as
per latest report released by the organization.

In its 39th Annual General Meeting, its chairman informed the shareholders of the
investment plans of the company of about ₹1,500 billion (US$21 billion) in the next
three years. This would be accompanied by increasing the staff strength in Retail
division from existing strength of 35,000 to 120,000 in next 3 years and increasing
employees in Telecom division from existing 3,000 to 10,000 in 12 months.

AWARDS AND RECOGNITION

 International Refiner of the year in 2017 at Global Refining and

Petrochemicals Congress 2017
 International Refiner of the Year in 2013 at the HART Energy's 27th World
Refining & Fuel Conference. This is the second time that RIL has received this
Award for its Jamnagar Refinery, the first being in 2005
 According to survey conducted by Brand Finance in 2013, Reliance is the
second most valuable brand in India.
 The Brand Trust Report ranked Reliance Industries as the 7th most trusted
brand in India in 2013 and 9th in 2014.

8
  HISTORY OF RISK MANAGEMENT

Risk managers are concerned with the future. Still, it can be instructive and
inspiring to look back to the past sometimes. So, what's the history of risk
management? One very interesting book about this topic, "Against the Gods: The
Remarkable Story of Risk," contends that the true dividing line between what we
should call ancient times and modern times is mastering risk. In this book, Peter L.
Bernstein contends that when people began to understand how to predict and manage
risks, they also began to understand that the future did not just hold random events
generated by the will of the gods or the whims of nature.

How Did Risk Management Start?

Some historians believe that the earliest concept of managing risk arose because of
gaming. Thousands of years before Internet users could play online poker, people in
different ancient civilizations played games with dice and bones. Also, people played
games that evolved into chess and checkers well over two thousand years ago.

Some historical evidence that gaming gave rise to probability theory, important to risk
management, comes from writings by Dante and Galileo. The famous
mathematicians, Pascal and Fermat, wrote each other about games of chance in the
1600s, a correspondence that is believed to have given rise to modern probability
theory used today.

If one were to consider the role of insurance in risk management, it is still possible to
trace it back to ancient times. For example, mutual aid and burial societies have been
documented as far back as the earliest days of ancient Rome. These are considered the
precursors of modern insurance companies.

9
When Did Risk Management Become a Career?

Corporate risk management has been a career before people actually called
themselves risk managers. For example, the first actuaries worked for the precursor of
a modern life insurance company in England as early as the 1700s. However, it is
probably possible to find even earlier examples.

According to "Risk Management: History, Definition, and Critique," the modern

terms for managing risk rose after World War II, but the discipline mostly began as a
study of using insurance to manage risk. Later, from the 1950s to the 1970s, risk
managers began to realize that it was too expensive to manage every risk with
insurance, so the discipline began to expand to alternatives to insurance. For example,
training and safety programs might be considered insurance alternatives.

The Future of Risk Management ?

In Isaac Asimov's "Foundation" series of science fiction books, a mathematician has

developed a system to predict and control the future. We aren't quite there yet, but Mr
Asimov seems surprisingly prescient as Astounding Magazine published the first
story of the series in 1942. Today's risk managers can enjoy the benefits of
sophisticated risk management technology powered by Ventiv's suite of RISK
MANAGEMENT INFORMATION SYSTEM software. This set of tools helps
today's corporate risk managers use information from the past and present to help
minimize and manage all sorts of business risks in the future.

10
  FUNCTION OF RISK MANAGEMENT

Risk management has evolved from being just a discipline to a full-fledged profession
that lots of people are choosing these days. Reason, the discipline has become wider
and has assumed manifold dimensions making it a crucial function in organizations
these days.

No wonder there is an increasing number of universities that offer specialized courses

on risk management and the number of people enrolling themselves is increasing far
rapidly. There are entry level foundation courses at colleges and courses of higher
order to be found in seats of higher learning.

With uncertainty looming large in current world of business globally, risk

management profession and professionals have gained weightage. It is an essential
suite of defense and an equal source of competitive advantage to corporate.

 Risk management professionals generally start with positions that

involve broking or underwriting. The job portfolio widens with time as they
start looking after risk financing and risk control before finally applying it in the
domains of management, accounting, marketing and finance.

Apart from this there are avenues for risk management professionals in the fields of
fire, security and health also. Each field requires a specific qualification and there are
plenty of institutes offering such courses. But be sure that you opt for an institute of
repute after thoroughly assessing the curriculum and ensuring the credibility of the
same.

The primary job responsibilities of a risk management professional include assessing

and identification of operational risk. This is followed by preparation of strategies for
minimizing the risk and mitigating the effect of the risk. He/she works in tandem with
business managers on new business plans and takes care of the associated risk.

The role is specialized and requires special attributes like planning, prioritizing and
execution skills, and an eye for detail apart from the conventional managerial skills.

11
 Career opportunities in Risk Management: As mentioned earlier as a risk
management professional you may start your career as an underwriter working under
more experienced risk managers. Remember, experience counts more in this industry
than just qualifications!

Banking also offers many lucrative avenues. They need good risk management
professionals. Risk is an integral part of all banking activities and therefore the
requirement. However risk management positions and profiles are not floated on job
portals or advertised like other jobs. The hiring is mostly internal in nature, positions
get filled by references. Networking helps a great deal here.

Although risk management finds applications chiefly in the field of finance and
banking with Venture capitalists, insurance and banking companies and wealth
managers hiring qualified and experienced risk management people. However,
Government organizations nowadays also employ risk management professionals in
the fields of fire, earthquake and floods.

12
 ANTICIPATING AND MITIGATING ORGANIZATIONAL
RISKS IN THE DIGITAL AGE

Every era brings with its own share of risks for organizations and other entities. While
the Industrial Era was marked by risks in the form of Employee Unions, Labor
Strikes, and the ever present threat of competition and environmentally damaging
operations, the Services Era brought with it the risk of too much globalization leading
to a Race to the Bottom as well as the peculiar and unique challenges posed by local
conditions and risks.

The present Digital Age too is characterized by several risks, not the least of which is
the Threat from Rapid Obsolescence due to Accelerating Technological
advancements.

For instance, take the case of Apple and the iPhone and we have a situation where it
has to release a new version every Six Months or so, or risk losing ground to its
competitors.

This is something that applies to other Verticals as well where rapid technological
changes mean that organizations have to be always alert to fast changing business
trends.

DATA COLLECTION, DATA SECURITY, AND OTHER RISKS

In addition, business leaders also have to worry about how Data is the New Oil and
hence, the battles in the Corporate Landscape of the 21st Century are all about Access
and Control to the sources of Data.

Moreover, even if a particular organization has humungous amount of data at its

disposal, it has to ensure that such data has been collected in ethical ways and has to
safeguard it against Hackers and other nefarious elements who might want to lay their
hands on the precious data and profit from it.

13
TAKE THE CASE OF FACEBOOK AND GOOGLE BOTH OF
WHICH COLLECT PERSONAL DATA ON A LARGE BASIS.

As can be seen from the recent scandals concerning the controversial methods by
which these entities collected user data as well as shared it with Third Party entities, it
is not hard to see how in future, business leaders have to be wary about being Gung
Ho Pirates who can collect personal data and consumer data at will and share the
booty with others.

As for protecting the data, it is clear that leading corporates and their leaders fret and
worry about where and who the next target of hacking would be.

RISKS FROM 24/7 NEWS CYCLES AND THE CONSTANT

BARRAGE OF SOCIAL MEDIA MESSAGES

Thus, as can be seen from the preceding discussion, the Digital Age is giving
organizations and business leaders sleepless nights.

What adds to the potent mix of threats and risks is the very real threat from the 24/7
news cycle keeping them on their toes as unless they respond to the constant drumbeat
of news channels upending their carefully planned strategies, they would risk Losing
the Narrative.

Moreover, with the proliferation of Social Media and the constant buzz of Tweets and
Facebook posts, business leaders and organizations have nowhere to run or hide as
any small or big event brings with it a barrage of both praise and criticism.

As can be seen from the incessant Trolling on Twitter and Facebook, organizations
need to be always on the lookout for defamatory and derogatory streams of
information.

14
NEW AND OLD FASHIONED THREATS TO HUMAN
RESOURCE MANAGEMENT

Having said that, organizations are also at risk from plain old fashioned threats such
as Attrition and a labor market that has become an employer’s nightmare.

This is especially the case in the United States where the economic boom of recent
years has ensured that there are more jobs than jobseekers and consequently,
organizations and their Human Resource Managers have to confront the risks from the
asymmetric and the lopsided job market.

In addition, this glut of jobs has resulted in some potential candidates not turning up
for work after selection and this trend known as Ghosting where employees absent
themselves from work and disappear as well as do not join the organizations on the
date of commencement of employment.

Moreover, there are also instances of employees stealing data and other confidential
information with relatively old fashioned methods of carting away such organizational
data on Pen Drives and other memory storage devices.

MAN VS. MACHINE AND APOCALYPTIC SCENARIOS

A key threat for organizations and business leaders in the Digital Age is on how to
anticipate the next business trend and identify the risks and mitigate them and plan
accordingly.

The use of AI or Artificial Intelligence powered technologies and software leads to

both greater efficiency as well as the risk of the Machines Taking Over.

15
In other words, while Automation might be good for profitability, it
is also a key threat since runaway AI can simply override the humans
in the organization and lead to apocalyptic outcomes.

This was seen recently when a flight originating from Thailand crashed mainly
because of the software overriding the Pilots commands and despite a Heroic battle
between Man and Machine, the latter won with tragic consequences.

This is the reason why many leading business leaders are calling for enhanced
supervision of automated operations so that the ultimate decisions are made by the
humans and not the machines.

SPEED AND DEPTH OF THE RISKS

Lastly, as mentioned in the introduction, each era has its own threats and risks.

However, what is different in the Digital Age are the Speed and the Depth of such
threats coming together at the same time creating a Perfect Storm of events that can
bring down the entire organization and who knows, the world itself.

With the interconnected web of people and the speed at which information flows,
organizations have seen more threats than before.

AUTOMATED CLAIMS PROCESSING

Claims processing is probably the most important function for any insurance
company. This is because this process is where the insurance company actually
delivers on its commitment. The speed and convenience with which the claims are
settled have a long bearing on the reputation of the insurance company.

Nowadays, most insurance companies have started automating their claims process.
This decision is obvious given the numerous benefits that a company stands to reap
after such automation has taken place.

16
 IN THIS ARTICLE, LET’S HAVE A CLOSER LOOK AT THESE
BENEFITS.

REDUCED DATA ENTRY

Customers are required to fill in numerous forms as a part of their claims process. The
information received from these forms has to be entered into a centralized system. No
processing can be carried out unless this information is available in electronic format.

Before automation was extensively implemented in the claims industry, entering this
data into the system was a manual, time-consuming as well as expensive process.
However, modern technology has made it possible for software to directly read the
information from forms and input it into the system. Hence, the conversion of data
from paper forms to electronic entries can be accomplished with very little manual
intervention.

Since data processing is one of the biggest costs which is incurred by any insurance
company, reduced data entry goes a long way in saving costs.

COMPLETENESS OF APPLICATION

The lack of complete data is a major hindrance to fast processing of insurance claims.
The reality is that in order to claim insurance, different types of documents need to be
submitted. The list of these documents varies on a case to case basis. Hence, it is not
possible to give a simple checklist which can be verified.

Since the requirements are complex, most insurance consumers miss out on providing
certain information in the first go. As a result, their application is sent back, and they
are asked to submit more documents. The process usually goes back and forth a
couple of times before the claim is actually processed.

The iterative nature of this process is a problem for both the insurance companies as
well as the consumers. This is because the consumers have to wait longer before they
can get the money which is owed to them. From an insurance company’s point of
view, the continuous back and forth means the efficiency of the back office, as well as
front office staff, is compromised leading to higher costs.

17
ELIMINATES NEED FOR STORAGE

As already mentioned in the first two points, the claims process involves a lot of
paperwork. Insurance companies are supposed to hold on to this paperwork for further
reference. This becomes a problem since it is very difficult to maintain a physical
archive.

With increasing automation in the claims processing industry, physical archives have
now become obsolete. They are now being replaced by electronic archives. Electronic
archives are easier to maintain. This is because the process of archiving as well as
retrieving documents can be automated. This means that considerably less manpower
and money needs to be spent on maintaining the archive. Also, since electronic
archive does not occupy much space in the real world, the real estate costs are also
saved.

AUDIT TRAIL

The best part about automating the claims process is that the audit becomes extremely
easy. If any insurance executive has accessed a particular claim file or has performed
any action related to the claim, their information is automatically recorded by the
system. The software, therefore, creates a trail which can be easily checked while
conducting audits. This feature is extremely valuable to insurance companies who
have lost a lot of money in the past due to the connivance of their support staff with
outsiders.

VISIBILITY TO THE CONSUMER

From the consumer’s point of view, the entire claims process is a black box. This
means that the consumer doesn’t know what is happening to their claim until they
receive the money. This creates a feeling of ambiguity and uncertainty. Consumers do
not mind waiting for some more time as long as they are in the loop regarding what is
happening with regards to their claims.

New and advanced automated claims processing software makes it possible to provide
this information to customers in a timely manner. Customers are often provided with a
flowchart to explain the various stages that their claim will have to go through. A

18
dashboard provides real-time to updates to customers whenever they log in to the
system. Hence, automated claims processing software not only reduces costs by also
enhances customer experience.

IDENTIFICATION OF FRAUDULENT CLAIMS

Automated claims processing software also has the ability to detect patterns in data.
Hence, whenever auditors detect a fraudulent claim, they are supposed to flag it to the
system. Over the course of time, the software has its own database of fraudulent
claims. The system can then run analytical operations on this data in order to identify
patterns which were common amongst those fraudulent claims. This data can then be
used by the software to flag new claim applications which follow the same pattern and
therefore may be fraudulent. Most claim processing software have the capability to
continuously learn as more and more data points are added to their database over an
extended period of time.

To sum it up, automating the claims settlement process has become a norm in the
software industry. Companies that do not automate this process in the next few years
may not survive since their administrative costs will be much more as compared to
their competitors.

19
 ADVANTAGES OF RISK MANAGEMENT:
Risk management process is considered as an important discipline that the business
has in its recent times.
Many organizations tend to realize the advantages of enterprise risk management.
Following are few benefits of risk management in projects:

 BENEFITS OF RISK IDENTIFICATION:

Risk identification helps in fostering the vigilance in times of discipline and calm at
the times of crisis. It implies all the risks in prior that are most likely to happen and
are planned to execute without any assumptions that run.
These positive risks are often held upon most of the occurrences. It helps in
opportunity risks so as to be aware of the forthcoming issues.

 BENEFITS OF RISK ASSESSMENT:

It focuses on the identified tasks on assisting the impact of business or projects. This
phase focuses on the ideas that are discussed among the stakeholders. It has greatest
advantage of dealing with the points that are finalized with more possible solutions.
It has sense of all views that turns into accountability of each and every social life.
Participation in these kinds of assessments will help one to tackle his/her risks.
It promotes organizational culture.

 TREATMENT OF RISKS:
It helps in treating one’s own risks that are the subsets of implementing a plan. It has
internal compliance that are brought and mitigated towards the forsaken actions.
Its opportunity falls in the lack of preparation and even more realized upon the
profitable data that relieves through internal controls.

 MINIMIZATION OF RISKS:
The risks that are handled within the given assessments plans are foreseen within the
business functions. It enables one to speed up the data to change policies and
contingencies that are made successful within the mapped business functions.
Here the cost beneficial analysis is to be revised within the ownership of risks. It
focuses on change of policies within the detailed structural behavior.

20
 AWARENESS ABOUT THE RISKS:
Here the terms that are noticed will create awareness among the scheduled terms of
risks that are a successful analysis and evaluation of exercising the modules of risks.
It enables one to concentrate on the risk treatments within the lessons learnt and are
scheduled into lack of preparation. It has subsequent phases regarding each module
within the identified data.

 SUCCESSFUL BUSINESS STRATEGIES:

Risk management strategy is not one-time activity and the grade points are finalized
within the recent status. It has different stages that modulate to lack of preparation,
planning and successful implementations of all the plans.
It has operational efficiency that is realized upon the mitigation of negative risks. It
has contingent policies over the preparation of business in the measures of treatment.

 SAVING COST AND TIME:

It threats to the task that is completed over the projects and the other business
strategies.
It always results in saving the costs that are consolidated within the items that are
practiced. It prevents wastage and make up the time for firefighting.

 NEW OPPORTUNITIES:
The opportunities that are emerging are held within the new ways of communicating
on the unravel issues.
It has collective and least significant part that matches with most of the scenarios. It
prepares for the future endeavors and the related exhaustive efforts as inputs.

 HARVESTING KNOWLEDGE:
Here one must try to spend the knowledge about the stakeholder’s experience of the
preemptive approach that are made applicable for the unprepared threats towards the
knowledge gained and this provides a template to face the readymade risks.

21
 PROTECTING RESOURCES:
The risk management plans and policies under help in protecting the resources of the
organization. This helps in promoting the resources instead of using them illegally.
It also equips safety among the adaptive changes to the staff alternatives and is
bundled together with the other resources. It builds production plans and the
alternative plans or the process of re-routing.

 IMPROVEMENT IN CREDIT RATINGS:

The improvement in credit ratings evolves numerous agencies that support the
accomplished tasks resulting in lower budget investments.
It has capital volatility that translates the greater confidence issues particularly with
the stakeholders. It aims at building multiple business aspects that have tangible
benefits.

 REGULATORY COMPLIANCES:
This framework helps in meeting regulatory needs. It performs and measures the risk
managements. This improvement helps in attaining the higher credit aspects.
It also derives higher efficiency towards the capital volatility and even the rating
metrics that are assigned to the compensated business plans. It translates into greater
confidence of improved stakeholders that are made applicable within the insured
business.

 VALUES SHAREHOLDERS:
It aims at the borrowing capacity of the shareholder that has significant effort within
the management and assumes the determinant roles that the company can extend to.
It has exact decision making process within the current models and also the expected
regulatory recruitment.

22
 DISADVANTAGES OF RISK MANAGEMENT:

Managing the risks provides the waste of time to compensate the projects. It
persuades the projects that reciprocate to improve the funds in the company. It is
spent on the research and development of the allocated issues that hold to ensure
project management.

 COMPLEX CALCULATIONS:
Risk management involves complex calculations in terms of managing risks. Without
the automatic tool, each and every calculation regarding risks becomes difficult.
It involves the ideal data that contributes to the employee’s standards. This process is
really difficult to predict.

 UNMANAGED LOSSES:
If the organization meddles with a loss, then that pay will be delivered to the pay loss
of the firm.
Here, the organization is responsible for the loss that happened due to improper
schedule about the risk management.

 AMBIGUITY:
Even if the ambiguity is out of loss then people have to cover it within the planned
scale of losses of the discounts and even the consideration into unnecessary insurance
discounts.

 DEPENDS ON EXTERNAL ENTITIES:

Managing risks depends on the external entities that are modulated within the
organization, usually depends on the external data.
It includes all the dependent information about the risks regarding other valid
resources. The transferable resources depend on the external entities that tend to have
data.

23
 MITIGATION:
Usually, mitigation guarantees losses of the concealed impairment of money which
may cause improper management of risks. This leads to unsafe acceptance of data
within rare company losses.

 DIFFICULTY IN IMPLEMENTING:
Risk management takes a long time to gather the information regarding the strategic
plans. It has universal standards that are mitigated and accepted according to the
monetary values.
It matches with the hard understanding without recent experience without
compensation of the required quantity of data.

 PERFORMANCE:
Since the risk management can be processed only with subjectivity, it holds on the
control of prospects within each issue. It can be identified with the difficult
implementation of controls.
It manages the cost benefits analysis that is not implemented. This process
concentrates more on the implementation of controls.

 POTENTIAL THREATS:
These potential threats are to be maintained carefully so as to organize and disappear
from the market. This implementation reduces the level of risk and proportionally
increases the control over it.
Any kind of process will have its own limitations and benefits of project risk
management. Thus to build an effective risk management one has to focus on the
mitigated strategic plans of risks that are effective on the risk takers. It is to identify
the maximum of the entire management to overcome forthcoming dangers.
Risk management becomes the major case when the organization has targeted results
apart from the potential threats, damages and vulnerabilities.

24
 PRINCIPLES OF RISK MANAGEMENT

Various organizations have laid down principles for risk management. There are risk
management principles by International standardization Organization and by Project
Management Body of Knowledge.

The Project management body of knowledge (PMBOK) has laid down 12 principles.
This article carries an amalgamation of both PMBOK and ISO principles. The
various principles are:

1. ORGANIZATIONAL CONTEXT: Every organization is affected to

varying degrees by various factors in its environment (Political, Social, Legal, and
Technological, Societal etc). For example, an organization may be immune to
change in import duty whereas a different organization operating in the same
industry and environment may be at a severe risk. There are also marked
differences in communication channels, internal culture and risk management
procedures. The risk management should therefore be able to add value and be an
integral part of the organizational process.

2. INVOLVEMENT OF STAKEHOLDERS: The risk management

process should involve the stakeholders at each and every step of decision
making. They should remain aware of even the smallest decision made. It is
further in the interest of the organization to understand the role the stakeholders
can play at each step.

3. ORGANIZATIONAL OBJECTIVES: When dealing with a risk it is

important to keep the organizational objectives in mind. The risk management
process should explicitly address the uncertainty. This calls for being systematic
and structured and keeping the big picture in mind.

4. REPORTING: In risk management communication is the key. The

authenticity of the information has to be ascertained. Decisions should be made on
best available information and there should be transparency and visibility
regarding the same.

25
5. ROLES AND RESPONSIBILITIES: Risk Management has to be
transparent and inclusive. It should take into account the human factors and ensure
that each one knows it roles at each stage of the risk management process.

6. SUPPORT STRUCTURE: Support structure underlines the importance of

the risk management team. The team members have to be dynamic, diligent and
responsive to change. Each and every member should understand his intervention
at each stage of the project management lifecycle.

7. EARLY WARNING INDICATORS: Keep track of early signs of a risk

translating into an active problem. This is achieved through continual
communication by one and all at each level. It is also important to enable and
empower each to deal with the threat at his/her level.

8. REVIEW CYCLE: Keep evaluating inputs at each step of the risk

management process - Identify, assess, respond and review. The observations are
markedly different in each cycle. Identify reasonable interventions and remove
unnecessary ones.

9. SUPPORTIVE CULTURE: Brainstorm and enable a culture of

questioning, discussing. This will motivate people to participate more.

10. CONTINUAL IMPROVEMENT: Be capable of improving and

enhancing your risk management strategies and tactics. Use your learning’s to
access the way you look at and manage ongoing risk.

26
2. LITERATURE REVIEW

In this section, we try to provide an idea about the basics concepts of risk
management based on the liturature review. This includes a generic definition of risk,
risks management and their method. The risk The thematic of risk management is not
new, but it is recent and not very studied in logistic chain (or supply chain), the first
work that explicitly addresses for the risk management in the supply chain dating
from 2003. The risk is present in many activities including the logistic in which one
consequence of the risk that it is increasing and affect around all the logistic networks,
therefore the managers need to make a great deal of effort to identify and manage
risks. The meaning of risk can be differ from one person to another depending on their
point of views, attitudes and experience what makes the study of risk more and more
complex. Aven , proposed a basic risk theory based on brief selected review that over
the last 15-20 years and he presented the evolution of risk concept in Oxford English
Dictionary since 1679, we think that definition followed the environment evolution.
Veland and Ave, proposed the same based classification of risk given by Aven and
they used theses definition to discuss how the risk perspectives influence the risk
communication between the decision-makers, the risk analysts, experts and lay
people. Indeed, for Karimiazari et al , engineers, designers and contactors view risk
from the technological perspective, lenders and developers tend to view it from the
economic and financial side.
So, the question is: what is a risk? The first answer, the risk is the probability that
an event or action may adversely affect the organization . For Mazouni, the risk is an
intrinsic property of any decision, it is measured by a combination of several factors
(severity, occurrence, exposure to, etc.), although it is generally limited to two factors:
severity and frequency of occurrence of a potentially damaging accidents that
incorporate some exposure factors.

27
3. METHODOLOGY OF STUDY

Your company has an elaborate group risk management framework which is

designed toenable risks to be identified assessed and mitigated appropriately. The
risk management committee of the company has been entrusted with the
responsibility to assist the board in

(a) Overseeing and approving the company enterprises wide risk management
framework.
(b)
(c) Overseeing that all the risks that the organization faces such as strategic and
commercial safety and operations compliance and control and financial
risks have been identified and assessed and there is an adequate risk
management infrastructure in place capable of addressing those risks

28
4. DATA ANALYSIS AND INTERPRETATION

Risk is made up of two parts: the probability of something going wrong, and the negative
consequences if it does.Risk can be hard to spot, however, let alone prepare for and
manage. And, if you're hit by a consequence that you hadn't planned for, costs, time, and
reputations could be on the line.

This makes Risk Analysis an essential tool when your work involves risk. It can help you
identify and understand the risks that you could face in your role. In turn, this helps you
manage these risks, and minimize their impact on your plans.
In this article and video, we look at how you can use Risk Analysis to identify and
manage risk effectively.

Risk Analysis is a process that helps you identify and manage potential problems that
could undermine key business initiatives or projects.
To carry out a Risk Analysis, you must first identify the possible threats that you face,
and then estimate the likelihood that these threats will materialize.
Risk Analysis can be complex, as you'll need to draw on detailed information such as
project plans, financial data, security protocols, marketing forecasts, and other relevant
information. However, it's an essential planning tool, and one that could save time,
money, and reputations.

29
INTERVIEW QUESTIONS

Q1. What Are The Company’s Top Risks, How Severe Is Their Impact And
How Likely Are They To Occur?
Answer :Managing enterprise risk at a strategic level requires focus, meaning
generally emphasizing no more than five to 10 risks. Day-to-day risks are an
ongoing operating responsibility.

Q2. How Often Does The Company Refresh Its Assessment Of The Top
Risks?
Answer :The enterprise wide risk assessment process should be responsive to
change in the business environment. A robust process for identifying and
prioritizing the critical enterprise risks, including emerging risks, is vital to an
evergreen view of the top risks.

Q3. Who Owns The Top Risks And Is Accountable For Results, And To
Whom Do They Report?
Answer :Once the key risks are targeted, someone or some group, function or unit
must own them. Gaps and overlaps in risk ownership should be minimized, if not
eliminated.

Q4. How Effective Is The Company In Managing Its Top Risks?

Answer :A robust process for managing and monitoring each of the critical
enterprise risks is essential to successful risk management, and risk management
capabilities must be improved continuously as the speed and complexity of
business change.

Q5. Are There Any Organizational “blind Spots” Warranting Attention?

Answer :Cultural issues and dysfunctional behavior can undermine the effectiveness
of risk management and lead to inappropriate risk taking or the undermining of
established policies and processes.

30
 RISK MANAGEMENT PROCESS

There are several bodies that lay down the principles and guidelines for the process of
risk management. The steps involved remain the same more or less. There are small
variations involved in the cycle in different kinds of risk.

The risks involved, for example, in project management are different in comparison to
the risks involved finance. This accounts for certain changes in the entire risk
management process. However the ISO has laid down certain steps for the process
and it is almost universally applicable to all kinds of risk. The guidelines can be
applied throughout the life of any organization and a wide range of activities,
including strategies and decisions, operations, processes, functions, projects, products,
services and assets.

As per ISO 31000 (Risk Management - Principles and Guidelines on

Implementation), risk management process consists of the following steps and sub-
steps:

 Establishing the Context

 Identification

 Assessment

1. ESTABLISHING THE CONTEXT: Establishing the context means all

the possible risks are identified and the possible ramifications are analyzed
thoroughly. Various strategies are discussed and decisions are made for dealing
with the risk. The break-up of various activities in this stage is as follows:

 Identification of a risk in one particular domain.

 Planning out the entire management process.

 Mapping the manifestations of the risk, identification of objectives of risk etc.

 Outlining a framework.

 Designing an analysis of risks involved at each stage.

 Deciding upon the risk solution/s.

31
2. IDENTIFICATION: Once the context has been established successfully, the
next step is identification of threats or potential risks. This identification can be at
the level of the source or the problem level itself.

Source analysis means that the source of risks is analyzed and appropriate
mitigation measures are put in place. This risk source could be either internal or
external to the system. Examples of the risk source could be employees of the
company, operational inefficiency in a certain process etc.

Problem analysis on the other hand means the effect rather than the cause of the
risk is analyzed. For example a drop in production, threat of losing money etc!

The choice of the method varies across industry, organizational culture and other
factors. However some common methods of risk identification are:

 Taxonomy based Risk Identification: The possible risk sources are broke down,
hence taxonomy. A questionnaire is made best on existent knowledge; the answers
to the questions are the risk.

 Objective based Risk Identification: An organization or any business activity has a

certain objective/s. Any activity that is deemed an obstacle in the achievement of
the same is perceived as risk.

 Scenario based Risk Identification: Here various scenarios, which may be

alternative ways to achieve an objective, are created. If an undesired scenario is
created, a threat is perceived with the same.

 Common Risk Check: There are certain risks that are common to an industry.
Each risk is listed and checked on time.

3. ASSESSMENT: Once the risks have been identified, they are then assessed on
their likelihood of occurrence and the impact. This process can be simple as in
case of assessment of tangible risks and difficult like in the assessment of
intangible risks. This assessment is more or less a guessing game and the best
educated guess decides the success of the plan.

32
RISK MANAGEMENT PLAN

Any project immaterial of the size of the same carries a lot of risks, which may be
financial, non-financial, legal or physical. Having an effective risk management plan
is first and foremost to the success of any project. The task is to anticipate these risks
well in advance before the project takes off.

A good risk management plan carries number of tools and strategies

to mitigate risk. The strategy may be to avoid risk or transfer a
component of it another project so that the impact is reduced.

Other risk management strategies may suggest the acceptance of the risk. This is
decided after a thorough cost/benefit analysis. The risk management plan also
depends on how the risks are prioritized by the organization. Based on relative
priorities risks are given weightage, for example a certain organization may be more
concerned about the physical and legal risks, whereas another organization may be
focusing on operational or strategic risks. Risk priority defines the strategy and finally
the plan.

Besides keeping the risk management cycle in mind; before the final draft, an

effective risk management plan may traverse through following:

 MAKE A LIST: Before starting or deciding on anything else it is important to

make a list of potential risks. Even the minutest details need to be taken care of.
Something that appears a minute threat now may transform into a potential risk in
the near future. This is especially true for project management. Enlist the
categories of the project and then evaluate each for risks. For example there may
be a cost category; determine the factors that may increase cost and make a list.

 PRIORITIZE THE RISKS: Arrange the risk in order of priority. Those that
need to be dealt with first are listed first. Risks are prioritized on the basis of
degree of impact and the likelihood of occurrence.

33
 DEVELOPING AND ACTION PLAN: Plans are designed to minimize
the impact of the risk and to check the occurrence. In addition, an action plan in
developed against each risk i.e. in event of occurrence how do we respond to the
risk, who all will be responsible and what are the contingencies.

 HUMAN RESOURCE DEPLOYMENT: Now people are deputed at

specific points with specific roles. They work in tandem with the entire team and
are specially deployed to undertake planned actions in case the anticipated risks
come true. These actions are to be taken at specific points in time; a timeframe is
necessary.

 COMMUNICATION: Finally, communication of the plan to stakeholders

(both internal and external becomes necessary). Present the plan to those who are
supposed to make key interventions. Explain the timeframes and the actions and
the responsibilities.

The formulation of the plan is in tandem with the risk management cycle which acts
as the basic guideline. Both work in sync, in fact the interventions in step 3 discussed
above cannot be without a thorough understanding of the cycle.

34
EVALUATION OF A RISK MANAGEMENT PLAN

A risk management plan can never be perfect. However, the degree of its success
depends upon risk analysis, management policies, planning and activities. A well-
defined management plan can be successful only if risks are properly accessed. And if
not, the main objective of risk management plan itself is defeated. Critical evaluation
of a risk management plan at every stage is very necessary especially at an early
stage. It will allow companies to discover the flaws before it gets into the action. Once
you’re through the process, you can address the issues and then introduce it.

The below mentioned steps can help in analyzing and evaluating a risk
management plan:

 PROBLEM ANALYSIS: Keep a note of all the events and activities of a

risk management plan. Check out the problems arising from their implementation
and assess if they have a serious impact on the whole process. Make a note of
those that have serious implications.

 MATCH THE OUTCOMES OF A RISK MANAGEMENT

PLANS WITH ITS OBJECTIVES: Ends justify means. Check if the
possible outcomes of a risk management plan are in tandem with its pre-defined
objectives. It plays a vital role in analyzing if the plan in action is perfect. If it
produces desired results, it does not need to be changed. But if it fails to produce
what is required can be a really serious issue. After all, an organization deploys its
resources including time, money and human capital and above all, the main aim of
the organization is also defeated.

 EVALUATE IF ALL THE ACTIVITIES IN THE PLAN ARE

EFFECTIVE: It requires a thorough investigation of each activity of a risk
management plan. Checking out the efficiency of all the activities and discovering
the flaws in their implementation allow you to analyze the whole plan
systematically.

35
 EVALUATE THE BUSINESS ENVIRONMENT: A thorough study
and critical evaluation of business environment where a risk management plan is
to be implemented is essential. Take time to assess, analyze and decide what
exactly is required.

 MAKE POSSIBLE CHANGES IN FAULTY ACTIVITIES: After

evaluating the effectiveness and efficiency of all the activities, try to make
possible changes in the action plan to get desired results. It may be very time
consuming but is necessary for successful implementation of your risk
management plan.

 REVIEW THE CHANGED ACTIVITIES: After making changes in

already existing activities and events of a risk management plan, go for a final
review. Try to note down the possible outcomes of the changed activity and match
them with the main objectives of the risk management plan. Go ahead in case they
are in line with them.

Evaluating a risk management plan sometimes can be very frustrating. It is definitely

a time consuming process and also requires more of human efforts. Therefore, it is
always better to analyze and evaluate a plan at every stage otherwise it will result in
wastage of time, finances and efforts. In order to keep a check on it, specialized teams
of risk managers can be appointed. The whole event can be outsourced to a risk
management firm. The professionals at the firm can help you design, develop,
implement and evaluate a risk management plan for your company.

36
 RISK TREATMENT - RISK RESPONSE PLANNING

A risk treatment is mandatorily a part of an effective risk management plan. The plan
here means how you respond to the reported potential risks. It details on strategies on
how to deal with the various risks - low or high, acceptable or unacceptable. The plan
also outlines the role and responsibilities of the team members.

Literally speaking, risk treatment also known as risk control, is that part of the risk
management where decisions are made about how to deal with risks either in the
external or internal environment. Various options like risk reduction, risk avoidance,
risk acceptance and risk transfer.

Before you embark on risk treatment there is something called as risk response
planning that needs to be taken care of. It is explained in detail below:

RISK RESPONSE PLANNING

Risk response planning no doubt is an integral aspect of risk treatment. The planning
covers discusses and evaluates inputs like risk register, risk profiles and cause control
matrix. Strategies are formulated and documented in this stage. The following four
different strategies are discussed upon.

 AVOIDING RISK - Risk avoidance requires identification of the risks first

and foremost. This can be achieved through previous project experiences and
histories. An analysis is then made upon those that have a tendency to arise
upfront at project initiation. Then finally a course of action is arrived upon after
assessing the relative impact of the risks.

 TRANSFERRING RISK - Risk transfer is one of the better means to dilute

the impact of the risk. In project management as in finance a risk is often
transferred to a third party. It only means the impact of risk is diluted to an extent
that event or activity or project for that matter does not suffer a body blow. It also
means that a special team outside of the project that bears the impact of the risk.

37
 MITIGATING RISK - Risk mitigation is a control process that essentially
stops a risk before it starts making an impact and bringing it to an acceptable
level. Often a contingency plan is put in place to prevent the risk.

 ACCEPTING RISK - Finally, there are certain risks that are unavoidable.
This strategy is the best when the risk is low. But there has to be a due plan for the
same such as determining when the project will be exposed to the risk and making
small adjustments accordingly. A risk that is acceptable can be considered passive
since no action at all is taken upon the same.

By the end of risk response planning various risks and the corresponding strategies
are documented. A risk register is ready that contains all details vis-à-vis the time of
occurrence, priority and the people involved in handling the risk. The risks have
already classified as either internal or external. Relevant risks are assigned to relevant
stakeholders accordingly.

38
 ENTERPRISE RISK MANAGEMENT

The CAS committee on Enterprise risk management has given the following
definition of the same - ‘The discipline by which any organization in any industry
assesses, controls, exploits, finances and monitors risk from all the sources for the
purpose of increasing organizations short-term and long-term value to its
stakeholders’.

In simpler terms enterprise risk management includes all the tools and processes
employed by an organization to manage and control risks and grab more opportunities
in the market place. It provides a framework for better risk management.

Enterprise risk management starts with identification of events that are of relevance to
the organization, the risks and opportunities. These events are evaluated on the basis
of their impact and probability of occurrence and a strategy is designed to counter or
meet the same; all this to add more value to stakeholders.

It is an approach where in risk is looked upon as an opportunity and at the same time
is monitored such that it may not affect an organization to a large extent.

Typically the following four strategies, called as ‘risk response strategy’ are adopted
by organizations while facing a risk.

 Exit strategy: Avoiding the activities that lead to risk.

 Reduction strategy: taking certain actions that decrease the impact of the risk.

 Share or Insure strategy: Transferring a certain component of risk so that

impact is reduced.

 Accept strategy: No step is taken to mitigate risk. This is taken due to

cost/benefit considerations.

39
Conceptual Framework: ERM in the table below has been conceptualized in two
dimensions, one showing the types of risk and other the various risk management
process steps.

A brief explanation of the various kinds of risk is as follows:

Hazard Risk: Natural disasters, liability damages, Property damages due to fire,
tornado etc, injury or illness to its employees.

Financial Risk: Risks like foreign exchange risk, commodity risk, pricing risk,
asset risk, liquidity risk.

Operational Risk: labor relations, customer satisfaction, product failure etc.

Strategic Risk: Competition, fluctuation in demand and market price, regulatory

and political trends, social trend, capital availability.

The other dimension of the table carries the steps of entire risk management process.
The process starts from an understanding the conditions in which organization
operates (Establishing context). In the next stage various threats are identified
(Identifying threats) proceeded by analysis of risks.

The risks are then integrated and prioritized. In the penultimate stage strategies are
designed for controlling risks (Treat Risk). Finally, the risk environment is
continually monitored and the strategies are evaluated.

40
 RISK MANAGEMENT AND STOCK MARKET

In stock market there is strong relationship between risk and return. Greater the
risk, greater the return generally! In financial terminology risk management is the
process of identifying and assessing the risk and then developing strategies to manage
and minimize the same while maximizing the returns.

Every investment demands a certain amount of risk and for an investor to assume
this risk he has to be compensated duly. This compensation is in the form of
something called as the risk premium or simply the premium. Risk is therefore central
to stock markets or investing because without risk there can be no gains. Successful
investors use stock market risk management strategies to minimize the risk and
maximize the gain.

In financial markets there are generally two types of risk; first the Market risk and
second the Inflation risk. Market risk results from a possibility in increase or decrease
of financial markets. The other risk i.e. the Inflation or the purchasing power risk
results from rise and fall of prices of goods and services over time.

The inflation risk is an important consideration in long term investments where as

the market risk is more relevant in the short term. It is the market risk that can be
managed and controlled to a certain extent, inflation risk cannot be controlled.

There are certain strategies that can be employed to mitigate the risk in a stock
market. The strategies are as follows:

1. FOLLOW THE TREND OF THE MARKET: This is one of the

proven methods to minimize risks in a stock market. The problem is that, it is
difficult to spot trends in the market and trends change very fast. A market trend
may last a single day, a month or a year and again short term trends operate within
long term trends.

41
2. PORTFOLIO DIVERSIFICATION: Another useful risk management
strategy in the stock market is to diversify your risk by investing in a portfolio. In
a portfolio you diversify your investment to several companies, sectors and asset
classes. There is a probability that while the market value of a certain investment
decreases that of the other may increase. Mutual Funds are yet another means to
diversify the impact.

3. STOP LOSS: Stop loss or trailing tool is yet another device to check that you
don’t lose money should the stock go far a fall. In this strategy the investor has the
option of making an exit if a certain stock falls below a certain specified limit.
Self-discipline is yet another option employed by some investors to sell when the
stock falls below a certain level or when there is a steep fall.

Ask warren buffet, the greatest investor of all time, what is your advice to investors
and he says ‘don’t lose money!’ But stock market connotes risk and fortunately there
are enough strategies for a wise investor to safeguard his money and ensure gain. A
careful and timely exercise of these options helps you see of the risk involved.

42
 OUTSOURCING RISK MANAGEMENT FUNCTION

Managing risk efficiently and effectively can be a determining factor in the overall
success of any organization. Most of the companies try to develop a risk management
plan on their own and some outsource this function. Outsourcing risk management
function is not a new concept and is being widely used by many organizations
nowadays. However, contracting out risk does not guarantee an organization’s success
at all but yes; there are greater chances of success. Reason being, the program is
designed, developed, implemented and reviewed by risk management professionals
and therefore, can improve the quality of your overall plan.

Outsourcing may or may not be necessary. There are several factors that influence this
decision including type of firm, type of risk, company’s current financial status,
interior and exterior business environment and level of human intellect. If company
possesses and retains intellectual and knowledgeable people, requirement of
outsourcing risk is less. But if, it is an entirely different situation to deal with or
company does not possess that level of people, chances of hiring services from
outside increase.

Outsourcing or contracting out non-core services may deliver good

results and substantial benefits to the organization. In today’s world, any
company can employ external sources and utilize their specialized services. The main
benefit is that it reduces your cost as well as saves your time. You no longer need to
employ all your resources for this particular task. Once you outsource risk, the routine
work within and outside the organization will not be affected. Moreover, it will save
your human hours. In addition to this, these specialized services are far less expensive
than an in-house risk management plans. So, in wider terms, contracting out risk
management can give you triple benefit.

Even after considering all above advantages, outsourcing risk is still a critical decision
and needs careful considerations and planning. Unbiased advice from experts is one
of the most essential requirements so that they can advice you if you really need to
develop a risk management plan or if it so, should you purchase external services.

43
There are several companies offering such specialized services. The need is find one
that understands your requirements and suits your budget. Therefore you need to
decide before something terribly goes wrong.

Another major issue is that controlling risk is not always required. Sometimes, you
can simply let it go. But it doesn’t mean to be careless about it. It simply means you
don’t need to develop a full-fledged risk management plans. Initial two-three steps
can help averting risk. A defensive strategy can prove to be extremely useful in some
cases. It not only saves your efforts but also your time, money and human resource. If
you require only minor alterations avoid contracting out.

Outsourcing risk has its own advantages and disadvantages. The major
advantages are reduction in cost, development of specialized plan, decreased time
consumption and lessened employee hours. On the other hand, the process itself can
be very risk as you may need to disclose the confidential information to the
outsourcing firm so that they can better understand the current standing of your
organization. It may also bring undesirable changes in your company. The need is to
keep a check on outsourcing companies and taking a note of their activities.

44
5.FINDINGS AND SUGGESTIONS

Make a record of your significant findings - the hazards, how people might be
harmed by them and what you have in place to control the risks. Any record
produced should be simple and focused on controls.

If you have fewer than five employees you don’t have to write anything down.
But it is useful to do this so you can review it at a later date, for example if
something changes. If you have five or more employees you are required by law
to write it down.
Any paperwork you produce should help you to communicate and manage the
risks in your business. For most people this does not need to be a big exercise -
just note the main points down about the significant risks and what you concluded.

An easy way to record your findings is to use our risk assessment template .
When writing down your results keep it simple, for example 'Fume from welding:
local exhaust ventilation used and regularly checked'.

Risk management professionals should not take lightly the complexity associated
with providing healthcare services. While regulations, third-party payer
requirements, and licensing/accreditation standards contribute to this complexity,
formalized policies and procedures can mitigate it.

45
46
6.CONCLUSION

Institute’s International Project Risk Assessment (IPRA) tool. It provides a

systematic method to identify, qualitatively assess, and determine the relative
importance of specific risks across a project’s life cycle. IPRA consists of 82 pre-
identified risk elements that can be assessed according to the likelihood of occurrence
and relative impact based on data from a large sample of projects.
Program managers and DOE senior management can contribute to effective risk
management by ensuring that project directors and IPTs effectively carry out the
actions listed above and by requiring projects to report on the status of all risks and
risk management activities in every project status report and at every project review
meeting.
Conventional project management is reactive: Senior owner management becomes
involved when the project is already over budget, over schedule, and—possibly—
underperforming, when it is too late to correct the situation by improving project
management.

47
 7.BIBLIOGRAPHY

SR.NO. BOOK NAME AUTHOR NAME

1 RISK MANAGEMENT DHAVAL PAREKH

2 ESSENTIAL OF RISK Michel Crouhy

MANAGEMENT

WEBLIOGRAPHY
https://en.wikipedia.org/wiki/List_of_companies_of_India
https://www.mindtools.com/pages/article/newTMC_07.htm
https://www.ncbi.nlm.nih.gov/pubmed/12122845

48
49
50
51
52
53
54
55
56