Learning from controls
The various examples considered in this chapter give an oversight of the wide range
of hazard risks that can be faced by an organization. There are many other examples
of risks that have been discussed throughout this book. A constant feature of all
types of hazard risks is that decisions have to be made on the most appropriate and
cost-effective controls that should be introduced.
Uncertainty in terms of likelihood, impact and consequences is at the heart of risk
management. Both Figures 23.2 and 23.4 illustrate that judgement is required when
undertaking risk analysis and risk evaluation, as well as when consideration is being
given to existing controls and the need for additional controls. In all cases, judge-
ment based on the best available information is required.
Another important advantage of seeking to learn from controls is that unnecessary
and inappropriately complex controls will be identified and steps can be taken to
remove the control, modify it or replace it with a more cost-effective option. Risk
assessment activities should take account of the continuing review of controls that
FIgURE
23.3
Learning from controls
• Management oversight
• Post-implementation review
• Decide adequacy of control
4. Learning
(continuous improvement)
• Investment appraisal
• Design of control
• Feasibility study
1. Planning
(strategic and business objectives)
• Value added by control
• Monitor effectiveness
• Evaluate risk performance
3. Measuring
(key performance indicators)
• Project risk management
• Plan implementation
• Implementation of control
2. Implementing
(core processes and functions)
Risk strategy
Do'stlaringiz bilan baham: |
