My OpenLearn Profile

Personalise your OpenLearn profile, save your favourite content and get recognition for your learning

Create account / Sign in

Course content Course content

Understanding and managing risk

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

More free courses

Summary

So far, we have been concerned with defining risk and with answering two questions: what types of risk and how much risk is an organisation exposed to?

In this context, risk can be described as an uncertain future outcome that will improve or worsen the organisation’s position. Risk can be expressed in probabilities of an upside or a downside outcome.

Risk management is the process whereby an organisation assesses the types and degrees of risk to which the business is exposed, the effects of those exposures and then formulates a risk mitigation strategy. The process as we have described it can be broken down into five stages:

Stage 1: Identify risk exposures
Stage 2: Measure and estimate risk exposures
Stage 3: Assess effects of exposures
Stage 4: Form a risk mitigation strategy
Stage 5: Evaluate performance.

The major risk categories include market, credit, liquidity, operational, legal and regulatory, business, strategic and reputational.

There are two main ways of thinking about the possible results of risk exposure: either by focusing on the expected return method or upon possible outcome versus return. Expected return can be calculated by estimating the total of every outcome multiplied by its probability. This then allows the organisation to accept avoidable risk only if the expected return is positive. It also allows the organisation to choose the option with the highest expected return and to avoid, where possible, catastrophic outcomes.

This expected return analysis leads to the collection of data on:

why the organisation is exposed and whether the risk is avoidable
the size of the risk – graded perhaps from 1 to 10 (an exercise that is admittedly difficult if you are solely relying on qualitative assessments)
the warnings of possible catastrophic outcomes
the costs of accepting or avoiding risks
the identification of links to other risks.

The allocation of risk capacity can then be done by ranking risks as follows:

risk unavoidable except by ceasing non-core activity
avoidable risk, core activities
avoidable risk, non-core activities
selectable risk.

We now turn to examine in some detail one of the risks faced by all organisations – operational risk.

Previous Stage 5: Evaluate performance

Next 3 Operational risk

Take your learning further

Making the decision to study can be a big step, which is why you’ll want a trusted University. We’ve pioneered distance learning for over 50 years, bringing university to you wherever you are so you can fit study around your life. Take a look at all Open University courses.

If you’re new to university-level study, read our guide on Where to take your learning next, or find out more about the types of qualifications we offer including entry level Access modules, Certificates, and Short Courses.

Want to achieve your ambition? Study with us and you’ll be joining over 2 million students who’ve achieved their career and personal goals with The Open University.

Browse all Open University courses

My OpenLearn Profile

About this free course

Become an OU student

Download this course

Share this free course

Summary