implementing an effective risk management strategy based upon knowledge peter scott

Implementing an effective risk management strategy based

upon knowledge

Peter Scott

PETER SCOTT CONSULTING

What is Risk?

“Chance of bad consequences”

The concise Oxford Dictionary


What is Knowledge?

“The sum of what is known”

The concise Oxford Dictionary


Risk

Management

Knowledge

Management

An integrated strategy


Law Firm Risks

Peop

le

Op

eration

alRegulatory

IT

Co

mp

etit

ion

/bu

sin

ess

Eco

no

mic

,p

olit

ical

,fi

scal

Financial

Asset

Reputational

Management


Risk/KM

Risks are inter-related

Failure to manage knowledge

involves widespread risk

KM is an essential part of an

integrated risk management

strategy


Example: Reputational Risk

OperationalPeopleRegulatoryIT Competition & Business MarketsEconomic, Political & FiscalFinancial Assets

Interaction with Knowledge/KM?


Law Firm Risks

Peop

le

Op

eration

alRegulatory

IT

Co

mp

etit

ion

/bu

sin

ess

Eco

no

mic

,p

olit

ical

,fi

scal

Financial

Asset

Reputational

Management


Management Risks

Is your management in control of its knowledge and managing your risk?


Your Risks?

Where does the knowledge relating to your risks reside?

Can you access it?

Can you capture it?

Can you maintain and upgrade it?


Implementing a Risk Strategy

DIAGNOSIS

Identification and assessment

MITIGATION

Control, transfer and avoidance

MONITORING

Tracking and reporting

When a risk crystallises

LIMITATION

Minimising the effect of

crystallised risks


Risk Identification Involves:

Being management drivenBrainstormingFacilitated discussionsQuestionnairesTop down/bottom up


Risk Diagnosis

Assess severity of high-level risks

Identify high level risks

Set criteria for assessing risks

Identify detailed risks

Assess severity of detailed risks

Risk map

Risk summary


Risk Assessment

Incidence - probabilityImpact - severity


Risk Mapping


Risk Mitigation

Designed to:ReduceAvoidAcceptTransfer


Risk mitigationRisk map

Risk summary

Consider impact/probability

correlation

Required controls

summary

Insurance requirements

summary

Contingency plan

requirements

Residual risk

summary

Consider available mitigation techniques


Monitoring involves

Tracking and reportingComparing actual outturns to preset indicatorsConfirming effectiveness of risk responsesReporting compliance and exceptions


Risk monitoringRequired controls

summaryContingency

plan requirements

Insurance requirements

summary

Set risk indicators and methods to monitor them

Annual Risk Management

Report


Limitation involves

Risk crystalisation scenarios Contingency plansLimitation proceduresPost event assessment


Use of IT Use an integrated risk management system to quantify, assess and control risk by :

streamlining diagnosis, mitigation and monitoring

embedding common risk management procedures

providing information access to all who need it

creating and maintaining one central, up to date risk database


Example – Risk Summary – an overview of risks


Example – Detailed Risks


Example - Controls


Example - Questionnaires


Example – Final Evaluation


Advantages of a formal risk management process?

Structured approach focuses on key risksElimination of redundant proceduresComfort / assurance to PI insurersUniversal application to all risk areasContinuous monitoring ensures management of risk is “lived” day to day


Risk/KM

Risk

Management

Knowledge

Management


Implementing a Risk Strategy

DIAGNOSIS

Identification and assessment

MITIGATION

Control, transfer and avoidance

MONITORING

Tracking and reporting

When a risk crystallises

LIMITATION

Minimising the effect of

crystallised risks


Any questions?

implementing an effective risk management strategy based upon knowledge peter scott

Documents

knowledge peter scott

peter scott consulting

peter scott consulting

control risk

widespread risk

transfer slide

annual risk management

integrated strategy