The risk management process

The main risks from the "Risk identification and assessment" phase must be analyzed in detail.

This analysis helps integrate the main risks. The company's governing body must come up with a reasonable strategy and define the necessary measures adapted to all of the risks.

Risk management process

The analysis must include the following elements:

analysis of causes and effects,
quantitative assessment, and/or
qualitative assessment

Detailed analysis of the risks in three steps

Graphic. Shows the three stages of detailed risk analysis

Holding a meeting to analyze the main risks in detail ensures a uniform understanding of risk within the company and within each department/production center. The risks must be attributed to the people (risk managers) in charge of constantly monitoring them.

Risk management strategies should be developed and implemented for all of the main risks. These risks may be:

accepted
reduced
avoided
transferred

They should be monitored constantly so that changes may be accounted for. A combination of risk-management strategies is often used and implemented in the planning of measures.

Sample action plan

Risk no. and name	1	Technological changes that could put the company in danger
Risk manager	Hans Mustermann, Head of Technology
Risk category	O external	O strategic	O operational	O financial
Description of the risk	Different technologies have launched recently on the market that may endanger the company's commercial model. If competitors release new products on the market faster than Muster SA, the consequences could be serious.
Factors/causes of the risk	Reports of new products being released on the market Insufficient investment in R&D Poor strategy in establishing the product portfolio
Risk strategy	O accept	O reduce	O avoid	O transfer
	Aggressive adaptation of strategies and measures in order to put together a high-yield portfolio Market leader in developing substitute products and analyzing opportunities
Existing measures	250% increase in R&D budget for the previous fiscal year Introduction of new measures to recruit employees with R&D skills

Action plan	Manager	Major step	Date	Status
1. Prepare prototypes for marketing	Hans Muster	Prototype 1 Prototype 2	09/30/20XX 12/31/20XX	open open
2. Acquire a replacement supplier	Fritz Muster	Acquisition offer	06/30/20XX	initiated
3. Recruit two new R&D employees	Anna Muster	Hiring of employee 1 Hiring of employee 2	06/30/20XX 07/31/20XX	completed completed

Action plan

Manager

Major step

Date

Status

1. Prepare prototypes for marketing

Hans Muster

Prototype 1

Prototype 2

09/30/20XX

12/31/20XX

open

2. Acquire a replacement supplier

Fritz Muster

Acquisition offer

06/30/20XX

initiated

3. Recruit two new R&D employees

Anna Muster

Hiring of employee 1

Hiring of employee 2

06/30/20XX

07/31/20XX

completed

Source: KPMG Schweiz, Methodik zur Einführung eines Risikomanagementsystems, 2008

Sign up to our SME newsletter to stay informed.

Informations

Download

Risk Management Action Plan (2008) (DOC, 39 kB, 14.11.2019)KPMG Switzerland