Development áhà | ttustýringarstefnunni


All organizations aim to run a risk free activity, although the truth is that no matter how careful they are there is always a risk of exposure to unexpected and unplanned for threats.

perform risk management policy of the organization is the best way to identify and manage these threats before they become costly problems.

Embedding such a policy within the daily operations also helps to make well-informed decisions that take decisions to better understand and assess the wider impact their actions have

For organizations that do not yet have such policies in place, there are a few basics to include within its development :.

a) Risk assessment and analysis

What threats are presented to the organization now and in the future? Are there any weaknesses that leave the organization at risk? Consider information, assets, personnel, reputation, legal, financial and technical factors that may be at threat.

This stage of the process should also consider what controls and measures already in place to deal with risks. This will help to identify any weaknesses in the current risk strategies that need strengthening.

b) Risk ranking

To help carry out this task and it is a good idea for companies to adopt some kind of risk classification. This helps identify and assess risks in a consistent manner and focus on budgets.

Ranking of risk within regulated is a useful exercise. Categories for ranking could how significant the risk is. High, medium or low priority. And the activity, is it financial, legal, management or strategic?

c) Action Plan

Action Plan details how each risk will actually covered and by whom. The program will allocate each risk class person or department and make clear expectations to deal with the threat.

plan will also discuss resources available to deal with risk, the feasibility of the proposed remedial activities and a

Reviewing risk needs to be an ongoing process deadline for completion.

d) Evaluation and review .. Risk management activities should be reviewed periodically to ensure its effectiveness’ and uncover any weaknesses.

Where weaknesses emerge this gives the opportunity to update and strengthen the process repeated threats.

e) Compliance

If necessary, the strategy should also ensure monitoring and measures in place in accordance with the quality standards and corporate governance.

f) Review and improvement of

risk are evolving beast and should be constantly monitored to ensure that they remain relevant and effective. New threats require incorporation, less significant risks may need to be removed. Budgets may need to update and responsibilities transferred to the outcome. All this will ensure strong policy that is ready to meet the threats of the organization now and in the future.

When implemented exit strategy requires careful management to ensure that it meets the statutory and obligations. Using risk management software is an effective, consistent and cost effective approach to automating the main risks for the operator processes throughout the organization, while meeting the necessary checks and actions.


Leave a Reply

Your email address will not be published. Required fields are marked *