-to insert a zurich picture click on the "camera"-icon in the zurich ci toolbar and follow...
DESCRIPTION
© Zurich Insurance Company CONFIDENTIAL 3 © Zurich Why do we bother with risk management?TRANSCRIPT
CONFIDENTIAL
Risk Management 13 October 2015 Alan RossGlasgow Caledonian UniversityZurich Risk Engineering
CONFIDENTIAL 2© Zurich
Introduce you to the principles of effective risk management
Discuss the benefits of risk management
Prepare a mini Risk Register for– Your school or department – A project you are involved in
Provide an overview of Risk management in GCU
Purpose of the session
CONFIDENTIAL 3© Zurich
Why do we bother with risk management?
CONFIDENTIAL
Why do we bother?
03/05/23 4
Push Factors
Reasons we have to: -•Auditors & inspectors •Corporate governance / good management practice •Stakeholders & partners
Pull Factors
Reasons we like to: -•Feel more confident about achieving aims & objectives•Look forward to predict & avoid problems •Proactive approach rather than reactive; or knee jerk •Protect and enhance your reputation •Feel better about taking risks•Ensure risks taken are within the University's ‘appetite for risk’
CONFIDENTIAL 5© Zurich
Ensures risks and uncertainties are considered early in the project management process
Provides increased confidence in investment and management decisions
Allows appropriate contingency plans or exit strategies to be put in place - without the delay of figuring out what to do
Risks and responses can be documented as an historic record for future reference; helps learn lessons for the future
Enables more effective communication between partners and stakeholders about risk
Benefits of Project Risk Management
CONFIDENTIAL 6© Zurich
Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.
A definition
CONFIDENTIAL 7© Zurich
How do we do risk management ?
CONFIDENTIAL
GCU Risk Management Framework
8
CONFIDENTIAL
Risk Management Process
9
Manage
Evaluate
Identify
RisksMonitor & Review
CONFIDENTIAL 10© Zurich
Your turn – risk identification
In your view what are the most significant risks to your project?
– What might stop you delivering your aims & objectives? – Where have problems occurred in the past?– Are there lessons we can learn from others?– What can we not afford to go wrong?– What could prevent us from delivering?– What could impact on the quality of the ‘end product’?– What assumptions have we made that could turn out
differently? Think about each risk in terms of its cause(s) & possible
consequences
CONFIDENTIAL
Case Study
Heart of Campus
Major capital project for campus renovation - approx £25m over 5 years.
Step change in attractiveness of University to potential students
Increased opportunity for income
If successful will help the sustainability of the University in the medium to long term
11
CONFIDENTIAL
Risk Management Process
12
Manage
Evaluate
Identify
RisksMonitor & Review
CONFIDENTIAL
Evaluation / Prioritisation
1305/03/23
CONFIDENTIAL
Risk Management Process
14
Manage
Evaluate
Identify
RisksMonitor & Review
CONFIDENTIAL 15© Zurich
Risk Control / Management
What are our options for managing a risk?
Broadly there are 4 options:
1. Tolerate the risk2. Transfer the risk (critical when working with 3rd
parties) 3. Terminate the risk 4. Treat the risk
CONFIDENTIAL 16© Zurich
Risk Control / ManagementOptions: Early warning indicators, can be formal or informal Strategies and policies Quality assurance process Checking and control procedures Managerial and supervisory controls Monitoring key indicators Staff skills , training & qualifications Planning, budgeting & reporting Internal & external reviews Contractual arrangements Vetting of partners & suppliers Internal & external communications Physical controls Back up & recovery arrangements / contingencies or exit
strategies Project management governance arrangements
CONFIDENTIAL
Risk Management Process
17
Manage
Evaluate
Identify
RisksMonitor & Review
CONFIDENTIAL 18© Zurich
Risk Monitoring Discussion
Key questions to answer?
Reporting – Internal & External Who must see the risk register, when, and how often? Who should we share the risk information with, and how
often?
Updating How often should we review risk information?
– Monthly, quarterly etc
CONFIDENTIAL 19© Zurich
Risk Appetite – Overview
Definition “the amount or type of risk the University is prepared to
tolerate in order to achieve its strategic aims and objectives”
CONFIDENTIAL 20© Zurich
Risk Appetite – Overview
Why?Underpins the decision making process
Gives an indication of the risks which are acceptable to the University
Helps ensure the response to risk is appropriate
It’s about balancing risk and costs with benefits
CONFIDENTIAL 21© Zurich
Risk Appetite – Key Points
Little appetite for risks to University’s mission
Open to risks related to global engagement & enterprise & innovation
Significant risk exposure should only be accepted when benefits are also significant
If exposure exceeds appetite then this should be discussed with whoever signs off your project
CONFIDENTIAL 22© Zurich
Risk Appetite – Key Points
Even if the financial limitsare within an individual’s delegated authority, where the activity will result in a level of risk exposuregreater than the University’s risk appetite in that area, then delegated authority must be escalatedto Executive Board
CONFIDENTIAL
GCU Risk Management
CONFIDENTIAL 24© Zurich
Questions ?
CONFIDENTIAL
Risks you face?
Political situation (UK and abroad)
Over reliance on 1 or 2 income streams, e.g. 1 or 2 key customers, or students from a particular country
Economic situation Academic reputation Change management Major events or field trips Data protection / management
of information Skill sets & other workforce risks Recruitment & retention of staff Funding cuts or changes
• Compliance with regulations, law or internal policies & procedures, e.g. UK Visas & Immigration
• Loss of IT or other important infrastructure
• Contractual, supplier or partnership risks
• Change in government policies • Health & safety • Student / customer satisfaction • Competition with other
institutions • Major projects • Compliance
03/05/23 25