Prelude
Centre Point Systems is a large organization involved in the manufacture and distribution of computer hardware and other accessories. Center Point Systems manufactures networking switches, computer systems, printers, among other products. Centre Point Systems has a huge employee base of over 1000 dedicated professionals spread across five departments i.e. administration, sales, human resource, logistics and finance departments. Each department has a departmental chief and several operational managers under the chiefs. This company has an annual turnover of over $7,950,000 accrued from the sale of its products around the world.
This report outlines the need to have a risk manager and the importance of risk management in Center Point Systems. The report further outlines tenets of the new international standard; AS/NZS 31000 standard, which when implemented at Center Point Systems will improve operations and sharpen the competitive edge of the organization. This report discusses in detail the benefits of adopting modern risk management approaches in an organization.
Need for Risk Manager at Centre Point Systems
A Risk can be defined as the probability of an unscheduled happening leading to dire consequences unless it is mitigated (BroadLeaf Capital International PTY Ltd, 2007). For established businesses like Center Point Systems, risks mean a devastating disaster in waiting; if left unchecked. Because of the services, it offers to its clientele around the world and the focus it places on growth and expansion, a risk manager, at Center Point Systems, is a necessity. The need for systematic risk management grows with the increase in organizational size. Further, the type of business also may warranty keenness on systematic risk management. Centre Point Systems manufactures items that are risk-averse.
Systematic risk management helps against any threat to the organization’s operations. Risk managers are an essential resource in an organization as they coordinate risk management-related functions in an organization. A risk manager has an enormous role. First, risk managers monitor, capture and analyze risks related information. The capacity to monitor, capture and analyze risk-related information makes the risk manager better positioned as a spokesperson for the organization to important external partners e.g. creditors. The risk manager is better placed to speak on behalf of the organization where major reviews and reporting on risk averseness is of essence
Another important role of a risk manager is planning for risk mitigation. The information gathered by risk managers is used in planning for risk mitigation. It means that from the data collected and analyzed, forecasts into possible risks and their characteristics are made. The risk forecasts help in planning for risk mitigation.
The final role of the risk manager is to ably apply his or her expertise and implement systems that ensure organizational or operational safety. This involves working closely with other departmental heads to ensure that all systems are working to the required standards; where there is a problem, the risk manager applies expertise and models to devise remedies.
The risk manager also ensures awareness about risks is enhanced in an organization. These can be done through formal training or organizing meetings at which risks are discussed. Such measures help to ensure that there is continuous improvement of safety measures in an organization. Continuous risk-related training also ensures all employees are involved in risk management thus yielding good results in the organization.
Importance of Risk Management in Centre Point Systems
Risk management is an important issue that has to be looked into by each organization’s management. The risk management plans, formulated for Center Point Systems, utilize the right procedures and processes to manage the occurrence of risks. An organization can be safeguarded and increase its survival rate by having in place an elaborate and efficient risk management policy to guide operations. By prompt identification of risks, prior to the occurrence, organizations have an opportunity and space to adjust and to instigate ways of harnessing the risk potential.
Inline with the new international Standard, AS/NZS 31000 Standard, a risk manager will introduce into Center Point System’s operations a number of elaborate risk management measures. The first concern in risk management is risk identification. Risk identification involves the process of locating, recognizing and analyzing risks. It encompasses factors such as identifying risk sources, events associated with it, the causes and the consequences the risks might have on an organization. Risks can be clearly identified by using forecasting bases such as historical data, informed or expert opinions, theoretical analysis and involving stakeholders, e.g. employees, in brainstorming sessions.
The second aspect or concern of risk management is risk analysis. Risk management helps in documenting all possible risks that an organization can face or has faced. Such risks may be strategic, financial, safety-related or operational, among others. Through analyzing the causes or sources of risks, Center Point Systems can apply prompt measures to protect itself hence improving its survival mechanisms and ensuring success is achieved. In the long run, risk management plays an integral responsibility of facilitating strategic planning and change management.
Once risks have been analyzed, ways of dealing with them are instituted. Risk management clarifies the essence of how to tackle the risks that are prevalent in an organization. Each risk is evaluated and possible ways of dealing with it advanced. From the different possible management ways, the best is chosen and implemented.
Further, proper risk management will help the management at Center Point Systems in making informed decisions and choices. Part of the choice process is prioritizing the courses of action and providing safety nets incase instituted measures or processes do not work. Having alternative courses of action is critical towards ensuring business recovery is guaranteed. Therefore, risk management is very important because it assists organizations in business recovery planning.
Part of the risk management process will consist in stipulating and outlining the framework for disaster planning and management. Proper disaster management or planning helps to minimize the effect of disaster in an organization. Equipment and other materials are very important in an organization and hence need to ensure they are protected or can be replaced in case of loss or damage. Risk management ensures clear and elaborate policies and frameworks are in place for dealing with any loss or damage to a company’s property.
In this information age, data security is of critical concern in organizations. Risk management helps an organization avoid information security-related risks such as a scam. A risk manager at Center Point Systems will institute measures to eliminate the risk of scams and the effect that they would have on the organization. Part of the measures in the offing includes providing mechanisms to investigate scam sources, filtering information and maintaining records of the filtered information so as to keep track of internet-related breaches of security.
Risk management is not just about threats from the external environment. It also ensures internal sources of risks are well looked into (BroadLeaf Capital International PTY Ltd, 2007). One example of internal risk is shop theft. Risk management looks into the effects of internal customer misconduct on an organization and devises ways of dealing with such.
AS/NZS 31000 Standard
The risk management plan to be implemented at Center Point Systems will be based on the new international standard called AS/NZS 31000. To effectively handle risk management, new risk management standards have evolved in keeping with modern technological changes. These standards have simplified work and made project and organization risk management simple.
One of the modern international risk management standards is the AS/NZS ISO 31000 standard. This is an enhancement of the previous, AS/NZS 4360 standard (Knight, 2009, 1). It is a standard that has been developed to aid both private and public organizations to improve by benchmarking their risk management processes. The standard is well structured and is viable for the achievement of needed results in any given project.
Just like in the AS/NZS 4360 standard, the AS/NZS ISO 31000 standard recommends a five-step implementation process. The initial step is the establishing of objectives and contextualizing the risk management process. The second step is to identify the risks. The third step involves analyzing the probability of given risks occurring and tabulating their consequences. The fourth step is evaluating and weighting identified risks according to likelihood to occur and consequences. Finally, the fifth step is dealing with the risks using the most suitable options and measures.
Despite the similarity in the implementation process, AS/NZS ISO 31000 standard differs from AS/NZS 4360 standard in a number of ways. The new standard focuses more on the harmonization of processes (Knight, 2009, 2). It requires that organizational objectives are harmonized with the risk management objectives. Secondly, this standard focuses on the decentralization of risk accountability. Finally, this standard entrenches an organization-wide risk reporting structure.
AS/NZS 31000 risk management standard is designed to cater to the special characteristics of both private and public organizations. Therefore, this standard is flexible and can be used in any organization. The implementation of this standard requires the setting up of risk management teams to facilitate the process of risk management. The teams, led by risk management experts or officers, are responsible for the inputs necessary for the implementation of the standard. The risk management experts need to have risk analysis expertise. Further down, the standard stipulates the identification of line managers or project managers that are knowledgeable in risk management. The teams follow a specific methodology in line with the standard stipulations to implement risk management mechanisms in the organization. Each operation has to comply with the risk standard and internal auditors are engaged to ensure compliance. Finally, there is the engagement of independent risk management practitioners who assure the process or implementation is to specifics. The methodology to be used is flexible enough and takes into account or requires that organizational objectives are well factored in its implementation.
One of the key concerns’ management may have about the implementation of the new standard is costs. The implementation of AS/NZS 31000 standard is very cost-effective. The standard requires the setting up of small teams thus managing budgetary constraints. Secondly, the standard requires that risks are weighted and prioritized. The prioritization of the risks and measures ensures that resources are spent only on warranting cases. This standard is detailed and once well implemented, it will help make risk control, maintaining of budgets and data security very easy. To guarantee success, the standard requires that all employees are trained to facilitate their proper participation in the process.
Finally, the introduction of AS/NZS 31000 has to be catered for in the company’s strategic plan and operational plans. Inclusion is important because the standard’s implementation necessarily leads to changes in the organization. In some cases, full implementation of the standard may require changes to the organizational structure. If the organizational structure is okay, then changes to individual employees’ roles may be affected to ensure proper risk management. Therefore, top management commitment and involvement are critical in the implementation of risk management programs. The top management has to be actively involved and participate in facilitating information sharing or awareness about the standard. Awareness is critical because AS/NZS 31000 requires input from both staff and management.
Impact of Adopting AS/NZS 31000 Standard on an Organization
The introduction of the new international risk management standard will impact positively on operations at Centre Point Systems. The new standard will transform how business is done by Centre Point System. One of the important contributions of the new standard is helping organizations towards continuous improvement. The new system enhances continuous improvement with regard to risk management by outlining and setting an overall continuous strategy that allows for improvement on a regular basis. The measurement and performance indicators stipulated by the standard are a good indicator of the organization’s overall performance.
The standard requires that, when setting risk management objectives, only measurable objectives both at strategic, business and operational levels are made. Further, it requires or demands from all employees and managers in organization transparency in all their engagements. The risk management performance assessment is a vital aspect of an organization’s growth and is used to quantify the quality of the system, departments and the individuals involved.
Apart from entrenching or supporting continuous management as a culture in Center Point Systems, the new risk management standard will help the organization to full accountability for risks. Full accountability for risks means that the established risk management system will delineate clearly all individuals’ responsibilities in relation to identified risks. The risk management plan will outline clearly the control actions that ought to be taken by responsible parties. Each individual employee will be liable and accept responsibility for what happens during their work.
Members of the risk management team should have the appropriate ability, skills and resources to analyze controls, monitor risks and disseminate information elaborately about the risks to both external and internal stakeholders. This is why bringing on board a risk management expert is of critical essence. The dissemination of information is critical because it helps the employees in the whole organization to become conscious of the risks, controls and available tasks for which they can be held responsible.
To achieve accountability in Centre Point Systems, job descriptions, available databases and information systems have to be elaborate and clear. The definitions of risk management responsibilities and accountabilities should be planned early enough and incorporated into new employee induction plans. This ensures that every employee knows his or her role to play in an organization. Infusing accountability measures into organizational operations is important because in an organization is important because it helps build a culture of trust. Trusting employees with authority, time and resources enables them to enjoy their duties and do their work with fortitude and integrity.
The adoption of the new risk management standard is crucial because it helps towards better decision-making and planning. Through the use of teams and project leaders at every level of operations risk management decisions are decentralized. Risk management will no longer be just a senior management’s concern. Instead of decision-making being a preserve of top management, lower cadre employees are empowered to make risk-related decisions in their daily work. The new standard encourages the participation of all employees. This leads to total risk management as opposed to top-directed measures.
Conclusion
In conclusion, for any large organization to realize growth and development, without having to deal with unanticipated changes or disasters, systematic risk management has to be embraced. Systematic risk management requires that a risk management expert is brought on board and risk management teams formed.
A systematic approach to risk management helps an organization to identify, analyze and address risks. This process is important because it helps give organizations a competitive edge and stability in the marketplace. Risk management when done properly encourages a quality culture in an organization. It roots for total employee participation in a process that ensures continuous improvement and quality deployment in all operations. Continuous improvement and quality deployment, as illustrated by success in Japanese firms, lead to customer delight.
There are international standards that provide guidelines or a blueprint; making risk management easy and effective. Center Point Systems, in line with AS/NZS 31000, a new international risk management standard, will have to create risk management teams and devolve risk accountability in the organization. The implementation of such a standard will help Center Point Systems realize its objectives without fear of the unknown. Compliance with international standards helps create credibility for organizations that trade internationally. If the new standard is successfully implemented at Center Point Systems, it will help position the organization higher up the scale of internationally credible companies. It is for these reasons that strategic risk management has to be embraced at Centre Point Systems and the New International Risk management standard Implemented.
References
BroadLeaf Capital International PTY Ltd, 2007, Tutorial Notes, the Australian and New Zealand Standard on Risk management: AS/NZS 4360, Web.
Knight, W. K., 2009, Future ISO 31000 standard on risk Management, ISO Focus, Web.