Fundamentals of Risk Management
Download 3.45 Mb. Pdf ko'rish
|
Fundamentals of Risk Management
- Bu sahifa navigatsiya:
- Risk strategy 230
|
ensuring compliance
The reasons for undertaking risk management activities are described as mandatory, assurance, decision making, and effective and efficient core processes (MADE2). Core processes are identified as strategic, tactical, operational and compliance (STOC). There is a clear link between the reasons for undertaking risk management and the effectiveness and efficiency of core processes. Mandatory requirements are fulfilled by organizations, because they are required by stakeholders. Stakeholders who can impose mandatory requirements include regulators, customers/clients and financiers. Mandatory requirements have to be fulfilled and this will be undertaken by the organization by ensuring that effective and efficient compliance core processes exist within the organization. Failure to comply with stakeholder requirements can have significant implications for most organ- izations. In the extreme, failure to comply with the mandatory requirements of a licence may result in that licence being withdrawn by the regulator and that could jeopardize the existence of the organization. In almost all cases, there will be a number of ways in which the mandatory requirements imposed by stakeholders can be fulfilled. Although compliance core processes need to be effective and efficient, there will be risks involved, and risk Risk strategy 230 management input will have a significant role to play in designing the compliance processes, protocols and procedures. This is an example of how risk management expertise and support can enable an organization to achieve compliance in a way that is not only effective, but also can be efficient to the extent that it becomes a competitive advantage. The culture within many organizations will be highly compliant with a strong desire to comply with the mandatory obligations placed on the organization. This is a positive attribute and underpins the ethos of the organization, but if compliance is not achieved in an effective and efficient manner, wasted resources and competitive disadvantage will result. Part of the role of risk management professionals is to facilitate the development of effective and efficient compliance core processes that achieve compliance in the most cost-effective manner. For example, most organizations will have mandatory health and safety requirements placed on them by legislation and enforced by a regulator. Some organizations may complain about the statutory obligations that are placed on them, and seek to avoid compliance if they believe there will be no consequences, or they think that they can ‘get away with it’. An organization with a more sophisticated approach to risk man- agement, as illustrated in Figure 4.2, will adopt the approach that achieving compliance with health and safety requirements will not only improve operational efficiency, but a good safety record could be a factor in securing new contracts and new clients. Download 3.45 Mb. Do'stlaringiz bilan baham: 
|