Developing Risk Management Strategies
Assignment Brief
Indicative content: Assignment 7022- Developing risk management strategies
Task 1
Assessment Criteria & Indicative Content
A.C. 1.1 – Explain the Meaning of Risk Management to an Organisation
-
Define risk management in an organisational context.
-
Reference relevant academic and industry sources.
-
Discuss:
-
Strategic risk and risk management.
-
Risk in organisational/operational contexts.
-
Risk vs. uncertainty.
-
Strategic integration of risk management.
-
Unforeseeable risks (e.g. Nassim Taleb).
-
Predictability vs. unpredictability.
-
Types of strategic risk: operational, financial, corporate, environmental, and project risks.
-
Risk and legislation.
-
Risk and stakeholder perception.
-
A.C. 1.2 – Determine Roles and Responsibilities at Senior Management Level
-
Build upon A.C. 1.1 with focus on senior management.
-
Discuss:
-
Senior management responsibilities.
-
Attitudes to risk (Hurwicz, Wald, Savage, Laplace).
-
Managing irrational risk (Taleb).
-
Risk vulnerability (Allan and Beer).
-
Managing complexity, uncertainty, and ambiguity.
-
Dynamic risk management.
-
Senge’s ladder of inference.
-
A.C. 1.3 – Evaluate Risk Management Models
-
Evaluate at least two risk management models.
-
Include:
-
ERM approach – COSO ERM framework (pros/cons).
-
MoR (Management of Risk) framework (pros/cons).
-
GRC capability model – OCEG Red Book (pros/cons).
-
ISO 31000:2009 standards (pros/cons).
-
Organisation’s risk policy, objectives, and plan.
-
Slywotzky and Drzik’s six steps to managing strategic risk.
-
Strategic objectives, KPIs, and risk.
-
Guideline Word Count: 800–900 words
Task 2
Assessment Criteria & Indicative Content
A.C. 2.1 – Evaluate Risk Management Criteria
-
Evaluate six risk management criteria.
-
Discuss:
-
Risk management process – ISO 31000:2009.
-
Rational approach to decision-making.
-
WBGU risk classes and strategies.
-
Risk profile and risk appetite.
-
Strengths and weaknesses of each criterion.
-
A.C. 2.2 – Critique Techniques to Identify and Quantify Risk (Including Interdependencies)
-
Critically analyse techniques used for risk identification and quantification.
-
Discuss:
-
Risk identification and interdependency – ISO Guide 73:2009.
-
Risk analysis techniques and factors.
-
Scoring methods – limitations and issues.
-
Tools/techniques: radar charts, FMECA, probabilistic risk analysis, Monte Carlo analysis.
-
Guideline Word Count: 800–900 words
Task 3
Assessment Criteria & Indicative Content
A.C. 2.3 – Develop Strategies to Eliminate, Mitigate, Deflect, or Accept Risk
-
Select 4 risks:
-
Eliminate 1.
-
Mitigate 1.
-
Deflect 1.
-
Accept 1 (include reduction plan if applicable).
-
-
Justify chosen strategies and compare with alternatives.
-
Discuss:
-
Risk evaluation.
-
Types of risk treatment strategies: avoidance, reduction, transfer, retention.
-
Real-world/workplace examples encouraged.
-
A.C. 2.4 – Communicate, Resource, and Manage Risk Strategies
-
Detail communication and resource management.
-
Discuss:
-
Communication methods – Shannon and Weaver.
-
Role allocation and resourcing.
-
Financial controls and corporate governance.
-
Policy dissemination – Stafford Beer’s VSM (optional).
-
Risk treatment plan.
-
Cost-benefit analysis and funding.
-
Guideline Word Count: 800–900 words
Task 4
Assessment Criteria & Indicative Content
A.C. 3.1 – Evaluate the Outcomes of Risk Management Strategies
-
Evaluate potential outcomes of Task 3 strategy.
-
Assess impact on organisation and stakeholders.
-
Discuss:
-
Strategic risk evaluation – Hubbard.
-
Scope of evaluation.
-
Issues with control systems (Hubbard).
-
Tools: HM Treasury, EFQM Model.
-
A.C. 3.2 – Determine Actions to Respond to Strategy Outcomes
-
Identify actions arising from outcomes.
-
Discuss:
-
Improving strategic risk management – GRC capability.
-
Over-optimism – Hubbard.
-
Treasury and Risk’s 2009 ERM.
-
Guideline Word Count: 800–900 words
Task 5
Assessment Criteria & Indicative Content
A.C. 3.3 – Devise a Disaster Recovery Plan
-
Develop a disaster recovery plan for a familiar organisation.
-
Include:
-
Planning for disaster.
-
Business impact analysis (BIA) – BCI.
-
Ingredients and format of a BIA.
-
Resource implications.
-
A.C. 3.4 – Examine Influences on Reviewing the Disaster Plan
-
Identify and explain influences affecting plan reviews.
-
Discuss:
-
Organisational review processes.
-
Best practices for review.
-
Access to individuals and data.
-
Size of organisation.
-
Environmental and legal issues.
-
Guideline Word Count: 800–900 words