Risk Management: Safety, Security & Sanitation (PDF)

Summary

This document covers the basics of risk management, particularly as applied to safety, security, and sanitation. It defines risk and hazard, and discusses the benefits of a risk management framework. Key questions and core principles in risk management are detailed.

Full Transcript

Lesson 1

Risk Management

What is Risk Management?

Risk Management is the process of identifying, assessing and controlling
threats to an organization’s capital and earnings. These threats, or risks, could stem
from a wide variety of sources, including financial uncertainty, legal liabilities,
strategic management errors, accidents and natural disasters.

Risk Defined

It is the possibility of something bad happening. Risk involves uncertainty
about the effects/implications of an activity with respect to something that humans
value (such as health, well-being, wealth, property or the environment), often
focusing on negative, undesirable consequences. Many different definitions have
been proposed. The international standard definition of risk for common
understanding in different applications is "effect of uncertainty on objectives".

Risk according to UNWTO is a situation that exposes someone or something
to danger harm or loss. Risk can be a physical safety matter, a risk of property loss, a
financial business risk, and more. From the moment a person engages himself in the
business, whether a sole proprietorship, partnership, or corporation, the risk
immediately attaches.

Example:

1. Food handling is one issue that must be adequately addressed whenever
someone prepares food for the customers. The danger of food poisoning due to the
contamination of food is high if the necessary precaution based on standards will
not be followed. The government has provided regulations that must be complied
with by any business ventures to make sure that the danger or harm is mitigated.
Food sanitation permit is a mandatory requirement for businesses in the food
industry.

2. It is an inevitable practice in both tourism and hospitality businesses to get
the necessary information about their guests and clientele for security reasons, not
only on the part of the guests but also on the part of the management as well. The
giving and obtaining information per se is considered risk in itself that must be
safeguarded accordingly.

What is Hazard?

It defined as a potential source of harm. Substances, events, or
circumstances can constitute hazards when their nature would allow them, even just
theoretically, to cause damage to health, life, property, or any other interest of value.
The probability of that harm being realized in a specific incident, combined with the
magnitude of potential harm, make up its risk, a term often used synonymously in
colloquial speech.

RISK VS. HAZARD

Accordingly, hazard pertains to any source of potential damage, harm or
adverse health effects on something or someone, while risk is the chance or
probability that a person will be harmed or experience an adverse health effect if
exposed to a hazard. It may also apply to situations with property or equipment loss,
or harmful effects on the environment.

According to work SMARK, (n.d.) a hazard is something that can cause harm
while a risk is a chance that any hazard will cause harm to somebody.

What are the Benefits of a Risk Management Framework?

 Enables identification of threats and opportunities for an agency.

 Improves and informs the planning process.

 Reduces likelihood of costly "surprises".

 Contributes to improved resource allocation.

 Improves efficiency and performance.

 Improves accountability.

 Encourages continual improvement.
Seven Key Questions

A good risk management framework seeks to answer these basic questions:

 What are we trying to achieve?

 What events or circumstances that could affect the achievement of our
objectives?

 What are the consequences?

 How likely are these events?

 What can we do to manage these outcomes?

 How will we maximize opportunities?

 Can the organization recover if a risk eventuates?
Principles of Risk Management

There are specific core principles in regards to risk management. When
looking to perform an actual risk assessment, the following target areas should be
part of the overall risk management procedure (as defined by the International
Standards Organization; ISO):

 The process should create value

 It should be an integral part of the organizational process

 It should factor into the overall decision-making process.

 It must explicitly address uncertainty

 It should be systematic and structured

 should be transparent and all-inclusive

 It should be dynamic and adaptable to change

 It should be continuously monitored and improved upon as the project moves
forward

 When first addressing a risk management procedure for a project, take note
of the aforementioned principles to ensure that your specific assessment is
matching up with the core ideals as defined by ISO

 It should be based on the best available information

 It should be tailored to the project

 It must take into account human factors

Risk Management Process

There is a specific procedure that one should follow when it comes to performing a
risk assessment. The overall process can be itemized as follows:

1. Identification - Perform a brainstorming session where all conceivable risks
are itemized
 2. Planning - Once defined, plan for contingencies as part of the overall
project plan; implement controls as needed

3. Derive Safeguards - Place specific 'fallback' into the overall project plan as
contingencies for risks if they arise

4. Monitor - Continuously monitor the project to determine if any defined (or
un-expected) risks manifest themselves

Content of a Typical Risk Management Plan

A statement of the risk management policy

Details of the scope and objectives of risk management in the agency

Consistent risk management language and definitions

Integration with other management practices and procedures

Risk assessment criteria (consequence and likelihood ratings)

Description of the internal and external context in which the agency operates

List of analyzed risk

Summary of the risk treatment plan

Outline of the risk reporting protocol

Outline of the monitoring and review program

Embedding Risk Management

Fit for purpose? Risk management should be embedded in all the
organization's practices and processes in a way that it is relevant, effective, and
efficient. The risk management process should become part of, and not separate
from, those organizational processes. In particular, risk management should be
embedded into the policy development, business and strategic planning and review,
and change management processes.
 Lesson 2

Sources of Risk

Sources of Risks

Risk can come from different sources like the following:

1. Uncertainty in financial markets.

2. Threats from project failures (at any phase in design, development,
production, or sustainment life cycles).

3. Legal liabilities.

4. Credit risk.

5. Accidents.

6. Natural causes and disasters.

7. Deliberate attack from an adversary, or

8. Events of uncertain or unpredictable root-cause
1. Uncertainty in the financial markets.

One consideration that a manager should take into in the conduct of his or her
business is the uncertainty in the financial markets. Managers must be vigilant
enough in determining those uncertainties that could give more impact in the entirety
of his business.

2. Threats from project failures.

Based on Taylor Jr. (2014)., the compelling business development requires
taking on calculated risk. Throughout the whole process of project development, the
managers could direct their teams on the right actions utilizing establishing the
distinction between risks and effects. Consequently, late projects and its failure to
meet the quality guidelines could produce an adverse impression on the new
members.

3. Legal liabilities in tourism and hospitality industry.

As discussed, the risk may be defined as a potential loss or harm to persons
and property. When applied to tourism and hospitality industry, it could be any of the
following: financial loss, damage to property, or injury to workers or guests. It is a
given fact that most people in the hospitality and tourism industry would like to get
rid of any legal responsibility attaching to the risks, the reason why they have been
using risk management as a precautionary measure. To emphasize, risk
management is a tool to avoid injury to guests and employees and to protect their
business operations from financial or physical inconveniences.

4. Credit risk.

Credit is another source of risk that could impact the tourism and hospitality
industries. Credit risk as defined in Principles for the Management of Credit Risk,
https://www.bis.org/publ/bcbsc125, is the potential that a bank borrower or
counterparty will fail to meet its obligations following agreed terms. The effective
management of credit risk is a critical component of a comprehensive approach to
risk management and essential to the long-term success of any banking
organization.
5. Accidents.

Risks and accidents are sometimes being used interchangeably, but they are
different, though they complement each other. Accidents are reactive while risks are
preventive. The effects are well known in an accident. There is a possibility of shock
on the part of the injured, anger at the one in fault, and confusion on the thing that is
supposed to be done immediately after the accident. Accident management is
necessary to reduce the costs pertinent to the accident, to wit: damage to property,
costs of rental, maximization of subrogation recovery.

6. Accidents due to fortuitous events or acts of God.

Accidents in connection with this category are beyond the contemplation of
man. The causes are not within the bounds of man. Who would ever forget the
horrible Indian Ocean earthquake and tsunami which killed almost 250,000 people,
including tourists in Phuket Thailand and 13 other countries? Listed below are some
of the natural phenomena identified around the world: Earthquakes; Volcanic
eruption; Flood; Landslides; Erosion; Fire; Storm; Typhoon.

7. Security-related accidents

No matter how careful the management of a hotel and similar establishment
is, there were still some reports of accidents that could be attributed to accident and
negligence cases like robbery and theft.

8. Events of uncertain or unpredictable root-cause.

The strategies to manage risk typically include transferring the risk to another
party, avoiding the risk, reducing the adverse effect or probability of the risk, or even
accepting some or all of the potential or actual consequences of a particular risk.
Certain aspects of many of the risk management standards have come under
criticism for having no measurable improvement on risk, whether the confidence in
estimates and decisions seem to increase.
Risk Identification

How can you identify the causes and effects of the risks in your company?
What can happen?

In this first stage of the methodology, the possible specific causes of
business risks are identified in a systematic manner, together with the range
and possible effects thereof, which an entrepreneur must confront.

The proper identification of risks calls for a detailed knowledge of the
company, of the market in which it operates, of the legal, social, political and
cultural environment in which it is set.

Risk identification must be systematic and begin by identifying the key
objectives of success and the threats that could upset the achievement of
these objectives.

Perception of the Risk

The perception of risk as a threat is the system most often used in order to
identify it in this context, managing the risk signifies installing control systems that
will minimize both the likelihood that adverse events will occur as well as the severity
of such events (the financial loss that would be involved for the entrepreneur). It is a
focus of a defensive nature, its aim is to allocate resources in order to reduce the
likelihood of sustaining adverse impacts.

From the perception of risk as an opportunity, risk management signifies
using techniques that will maximize the results, limiting the possible damages or
costs. The focus is aggressive in nature.

Risk management from the perspective of risk as uncertainty is aimed at
minimizing the deviation between the results that entrepreneur wishes to obtain and
those that he or she actually does obtain.

Strength

Location of establishments

Highly flexible cost structure

Proximity to customers
Weaknesses

Commercial fragmentation

Limited access to Financing

Lack of specialized and trained personnel

Opportunities

Sector in expansion

Specialization in market niches

Increasingly better-informed consumers

Threats

Regulatory changes

Entry of new competitors

Customer tastes change quickly
Classification of Risks

1. SECTOR

A risk that external factors independent from the entrepreneur's management
sold directly or indirectly influence the achievement of his or her objectives and
strategies to a significant extent.

Examples: Strong exposure to regulatory changes, Business fragmentation,
Appearance of new markets

2. OPERATIONAL

The operational risks are associated with the entrepreneur's ability to convert
the strategy chosen into specific plans, by means of an effective allocation of
resources.

Examples. Need for making an advertising effort, High staffing costs, Lack of
operational and financial planning, Tendency toward subcontracting, Tendency
towards concentration

3. TECHNOLOGY

This measures the entrepreneur's exposure to the technological risks derived
from the need to undertake heavy investment in order to ensure the feasibility of his
or her business project within a specific period of time or the need for training the
company's employees in the use of the technology

Examples: Significant investments, Low level of implementation, Low level of
technological training

4. COMPETITORS

The size, the financial and operational capacity of the agents in a sector
determine the degree of rivalry in that sector and set the rules of the game that any
new agent has to consider in order to operate in the marketplace; this can involve
risks for the entrepreneur.

Examples: Appearance of new competitors, Intense competition, Specialized
competition
5. SUPPLIERS

The role played by the suppliers in the sector could generate risks for an
entrepreneur due to variations in the price of raw materials, to the availability of a
variety in the supply and for a continuous period of time, as well as the degree of
concentration of the suppliers which will determine the method of payment
traditionally accepted in the sector.

Examples: Exposure to changes in the price of goods, Dispersion in the supply
non-determination of the quality of the service provided, Increase in power of
negotiation

6. CUSTOMERS

The customer can be a crucial focal point of risk for an entrepreneur, since
they are the generators of revenues; the risk can stem from changes in their tastes
and needs, from generating pressures forcing prices down or from lengthening the
payment period, among other factors, in such a way that the entrepreneur's value
proposal must always be customer-oriented

Examples: Increase in power of negotiation, Lack of loyalty, Social and
demographic changes, Seasonality and decline in the demand

7. FINANCIAL

The financial risks refer to the uncertainty associated with effective
management and the control of finances carried out by the entrepreneur, as well as
to the effects of external factors such as the availability of credit, exchange rates,
movements in interest rates, etc.

Examples: Long-term financial incapacity, Exposure to interest rate changes,
Lack of knowledge of advantageous sources of financing, subsidies, etc.

Sources of Identifying Risks

Sources of risk are all of those company environments, whether internal or
external, that can generate threats of losses or obstacles for achieving the
company's objectives. A procedure that facilitates the identification of risks is to ask
oneself, respect to each of the sources, whether weaknesses or threats exist in each
case. A brief list is set out below.

Pressure by competitors

The employees

The customers

The new technologies Changes in the environment

Laws and regulations

Globalization

The operations

The suppliers