Global Risk Report 2014–Risk Response Strategies


1.   Introduction

The first two parts of the Global Risk Report 2014 deal with processes that are analogous to some of the planning processes of Risk Management used in project management:  Plan Risk Management, Identify Risks, and Perform Qualitative and Quantitative Risk Analysis.   Part Three of the Global Risk Report 2014 deals with the next process, which is Plan Risk Responses.

2.  General Risk Strategies

There are four general strategies for dealing with risk, depending on whether they are negative risks (threats) or positive risks (opportunities).  Which strategy to use depends on two factors:  the probability of the risk occurring and the impact that it would have on the project if it were to occur.  For the sake of simplicity, let’s categorize both the probability and impact of a risk into high and low categories.  Then we have the following matrix for negative risks and positive risks:

Probability Impact Strategy (-) Strategy (+)
High High Avoid Exploit
Low High Transfer Share
High Low Mitigate Enhance
Low Low Accept Accept

3.  Strategies for negative risks or threats

a.  Accept

As can be seen, if the risk is low in terms of probability and impact, you can simply accept it.   Accepting a risk does not mean ignoring it:  risks in these categories that are accepted are put in a watch list.   During the course of the project, this watch list should be reviewed to see if the probability and/or impact of the risk has increased.

b.  Avoid

On the opposite end of the scale, if the probability and impact are high, you should so all you can to avoid that risk.    Some ways of avoiding risk are by clarifying requirements so that the potentially high-risk portions of the scope are excluded, or if the risk is to the schedule, by extending the schedule.

c.  Transfer

Now, if the impact is high and the probability is low, you may want to transfer  the risk to a third party.    Examples in the case of manufacturing would include the purchasing of product liability insurance or, if the risk has to do with a certain component, outsourcing the manufacturing of that component to a company that is better equipped to handle it.

d.  Mitigate

A fourth strategy occurs when either the impact or the probability is high, and that is to mitigate the risk by lowering the probability of it occurring, or reducing the impact on the project if it occurs.

4.   Additional Risk Strategies

Besides the basic four strategies listed above, there are more specific strategies that are mentioned in the Global Risk Report.    Most of these are for the reduction of the potential impact of a risk if it were to occur, so they can be considered specific examples of the general “mitigate” strategy listed above.

Risk Strategy Explanation
Accountability Measures Finding ways to incentivize individual employees   not to cut corners in ways that would normally be undetectable but would   increase a firm’s vulnerability in a crisis, such as failing to maintain   back-ups. Some firms hire external consultants to assess how effectively they   are mitigating risks identified as priorities.
Supply-chain Diversification Sourcing supplies and raw materials from   multiple providers in different locations to minimize disruption if one link   in the supply chain is broken. Another hedge against sudden unavailability of   inputs is to maintain an excess inventory of finished products.
Early-Warming Systems Some firms employ their own teams to scan for   specific risks that may be brewing, from political crises, for example, to   storms off the coast of Africa that may become hurricanes in the US in the   next fortnight.
Simulations and tabletop exercises Many firms simulate crisis situations; for   example, by making critical staff unexpectedly unavailable and assessing how   other employees cope. Such exercises can capture lessons to be integrated   into the risk-management strategy.
Back-up sites Many firms are set up so that if one or more   factory or office becomes unusable, others are quickly able to assume the   same functions.

5.  CONCLUSION

This gives an example of the kind of risk response thinking that firms use in project management and in enterprise-level risk management.   These principles must be adapted to global risks, and the next post will give examples of risk response strategies discussed in the Global Risk Report 2014.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: