3.-LSPU-RISK MANAGEMENT2024-MODULE 1 Handout.pdf

Full Transcript

Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited
LSPU Self-Paced Learning Module (SLM)
Course Risk Management as Applied to Safety, Security and Sanitation
Sem/AY First Semester/2024-2025
Module No. 1
Lesson Title INTRODUCTION TO RISK MANAGEMENT
Week
2-4
Duration
Date August 26 – September 13, 2024
This lesson will discuss the definition of risk, its systematic process, and its different
Description types. Risk Assessment and its analysis will also be tackled. The matrix of identifying
of the risks and the interpretation of the risk ratings will also be discussed.
Lesson

Learning Outcomes
Intended Students should be able to meet the following intended learning outcomes:
Learning  Define risk management in general
Outcomes  Explain the importance of risk management and decision making in tourism
 Recognize risks in tourism and hospitality establishments
Targets/ At the end of the lesson, students should be able to:
Objectives  describe the process of risk analysis
 discuss the costs of not having risk management
 enumerate the categories of risks
 interpret risk ratings

Student Learning Strategies

Onsite Activities A. Onsite Activities
Class Discussion
Recitation
Module
Worksheet
Individual Performance Task
Group Projects
Group Presentations
(Provision of lesson handouts via Google Classroom)

B. Learning Guide Questions:
1. Define what is risk and its management process.
2. How can you recognize risks?

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited
1.1 INTRODUCTION TO RISK MANAGEMENT
1.1.1. Definition of Risk

When thinking about small and medium-sized businesses today, risk should be
looked at from a 4.0 viewpoint and as a part of the future that is not completely
known and predictable. Probabilities and predictions are both based on how
people see the world. So, human understanding, culture, and the social
environment have a big effect on how risks are seen and thought about when
running a business.

So, uncertainty is the most important part of risk because, even though the
likelihood of an event happening can be predicted, this probability is based on
past events, which can't be used to predict the future, or people assume that a
certain event might happen based on events outside of the company.

Probabilities are ideas that people have, and they are not a part of nature or
something that can be measured (Holt, 2004). Also, when running a business,
the results of unplanned events could be either good or bad. So, taking a risk
always has some kind of result, no matter what it is.

The problem with risk assessment and management is that decisions need to
be strongly supported, especially in SMEs. It's very important to record both
subjective judgements and objective facts. Luhmann (1993) is right when he
Self-Learning says that the idea of risk means making decisions about the future and being
Module responsible for those decisions. In conclusion, risk is a part of every business,
and it could have either good or bad effects. Uncertainty is directly linked to
risk, and risk affects how decisions are made. All of these things, however, have
one thing in common: the central role of the human factor and intervention,
which Bernstein (1996) also stressed strongly. The Project Management
Institute, Inc. (PMI®)* has established a six-step set of processes and practices.
The PMI approach to risk comprises:

Plan risk management. In this area, we set up the project risk
infrastructure and create a plan for managing project-specific risks. This
includes making risk-related language, tolerances, and limits.
Identify risks. We describe events that could have bad or positive
effects on projects. These descriptions include the event that could happen and
its specific effect.
Qualify risks. We use non-numerical assessment protocols to analyze
risk.
Quantify risks. We rate the most important risks and/or the project as a
whole based on how likely they are to happen and how bad they will be.
Plan risk responses. We make, assess, and share plans to deal with or
avoid risks.
Monitor and control risks. We put risk management and response
plans into action.

* “PMI” is a service and trademark of the Project Management Institute, Inc.,

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited
which is registered in the United States and other nations.

1.1.2. Protecting Tourism

The Importance of Tourism
Tourism is one of the things that helps industrialized, less-developed, and
emerging countries grow their economies. The travel and tourism industry
contributes substantially to:
strong economic growth,
creation of skilled and semi-skilled jobs,
greater export returns,
foreign investments and currencies, and
economic well-being and social stability.

One of the biggest businesses and job creators in the world is travel and
tourism. The tourism industry needs a lot of workers and offers a wide range of
jobs, especially for women and young people. This helps to break the cycle of
poverty by building human capital and giving future generations new chances.
The jobs are in many different fields and pay a wide range of wages. The
growth of small and medium-sized businesses gives jobs to people with and
without skills in cities and rural places. Spending by tourists in a place goes
directly to businesses that serve tourists and indirectly to the many other
businesses that offer goods and services to these tourism businesses.

In this way, the money that tourists spend helps the local, regional,
state/province, and national economies, as well as all the different groups.

1.1.3. Introduction to Risk Management for Tourism

Risk management is a useful and systematic way for small tourism
businesses to make good decisions about risk. It is a process of strategic
planning and management that uses a logical sequence of steps to help find,
analyse, assess, and treat possible risks. Effective risk management should
be a group effort that is understood and carried out by everyone who needs
to. To make and run a system like this for managing risk in a business
setting, you must first understand and be familiar with the idea of risk.

1.2. Risk Assessment and Identification

Risk management is conceptually presented in the figure below:

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited

Note: Adapted from the Philippine National Standards 31000:2018 (PNS ISO
31000: 2018)

Defining risk

Risk usually means the possibility of losing something. This loss is usually the
result of an action or event that was not wanted.

Risk is an intangible word that is usually linked with the dangers and
unknowns of life. In business, the word "risk" usually means the possibility of
losing money. More specifically, risk is linked to situations that could hurt a
business's ability to stay in business and/or make money.

Small tourism businesses face a wide range of risks and unknowns, just like
any other company. Some of these risks effect more than one tourism
business, such as sudden changes in interest rates, extreme weather and
climate, changes in the law, or changes in the number of tourists who visit.
Other risks, like theft of property, injury to staff, or loss of customers, could
affect just one or a small number of tourism companies.

Risk usually has both a cause and an effect. The reason may be direct physical
exposure, dynamic pressures, unsafe conditions, or a bad business practice.
Risk is the specific hazard or possible danger that has been identified. In this
order, the word "consequence" refers to any effects or effects that may happen
if the risk comes true.

A risk event could be a business action, the way a person acts or talks, an
accident, or something in the environment.

Risk as a core principle in risk management
With enough information about the cause and the effects, it is thought to be
possible to measure the risk associated with a given risk event. In this case, risk
is measured as a prediction or forecast (based on a chance estimate) of a given

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited
outcome. By figuring out how likely an event is to happen, you can choose the
right actions or behaviors to prevent or reduce possible loss. Effective risk
spotting and analysis are the core of good risk management decision making.

Risk Assessment and Risk Identification
Risk assessment starts with finding the risks. The goal of risk identification is to find,
recognize, and explain the risks that might help or stop an organization from achieving
its goals. Information that is useful, accurate, and up-to-date is important for spotting
risks.

The following elements, as well as how these elements relate to one another, should be
taken into account when identifying risks.

 Tangible and intangible sources of risk
 Causes and events
 Threats and opportunities
 Vulnerabilities and capabilities
 Changes in the external and internal context
 Indicators of emerging risks
 The nature and value of assets and resources
 Consequences and their impact on objectives
 Limitations of knowledge and reliability of information
 Time-related factors
 Biases
 Assumptions; and
 Beliefs of those involved

For each potential hazard, the following factors need to be taken into account while
analyzing the nature of disasters:
Cause - Is it natural, technological, biological, etc?
Frequency - Is it a regular or seasonal event (eg, cyclone, floods) which can be
anticipated?
Duration - Will it last for a short time, like an explosion, or will it last for a long time,
like floods or diseases? This has big effects on the care and health of tourists and
people who work in the tourism industry. Disasters that can last for a long time will
require at the very least the creation of plans for how tourists can get back home.
Speed of onset - Will it happen quickly, giving little or no time to warn people (like
an airplane crash), or will it happen slowly, like a flood (except a flash flood), giving
time to warn people and maybe even take precautions? How well the public thinks
disaster management agencies in a place are prepared and able to respond will
depend on how much time they have to give warnings, give information, and take
steps to protect people.
Scope of impact - Will the disaster only affect a small part or parts of the
community, or will it spread out and affect the whole community, causing
infrastructure, services, and facilities to break down in many places? From a tourism
point of view, will the disaster be able to affect a single tourism operator or a whole
location, or could it affect the tourism industry all over the world, like the September
11 bombing of the World Trade Center in 2001?

Destructive potential - Could it hurt just one building or all the homes, buildings,

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited
infrastructure, and services in the community? What kind of damage (bodily harm
and/or damage to property)? If there is a risk that could destroy a community and its
infrastructure, again, it will be necessary to make backup plans for moving visitors to a
safer place with important services and for their return home.
Even though crisis management agencies will look at each of these things from the
point of view of how they affect the community as a whole, the tourism industry
should also look at each of these things from the point of view of how they might affect
tourism facilities, infrastructure, and operations. Even though the tourist industry
should help with disaster management in the community, it is important at each step
to figure out how it will affect the industry and its operations.

1.3. Types of Risks

According to Hopkin (2018), risks can be categorized into four:

1. Compliance Risk
2. Hazard Risk
3. Control Risk
4. Opportunity Risk

Compliance (mandatory) risks involve licenses, business permits, and
standards set by the government. It could include business clearance from a
barangay, a municipality, or a city, the Internal Revenue Service, a security
exchange, a license to run, compliance with fire and building codes, and
insurance, among other things.

Hazard risks, also called "pure" risks, are those that can stop a company from
reaching its goals, aims, and objectives. Typical examples of insurable risks
include fire, typhoon, flood, earthquake, and injury, which can affect normal
operations through loss, breakdown, theft, and other threats.

Categories of Operational Disruption
Category Examples of Disruption
People L ow finances and a lack of
interpersonal skills
Improper management practices by a
manager
Sudden absence of important
partners
Associates’ illness, disease or injury
Premises Too few restrictions
Damage or contamination to
premises
Loss or damage to property
Theft of physical property
Processes IT equipment or software failure
Interference caused by computer

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited
viruses and hackers
Information not handled well
Failures in communication or
transportation
Products Bad quality of a product or service
Supplier failure
Delivery of items that are broken or
have been used
Logistics failure

Control risks. These are risks that could make it hard or impossible for a
business to reach its goals, aims, and objectives. Protocols for internal financial
control are a standard example of a control risk. If control methods are taken
away, nobody knows what will happen. Also, control protocols rely on how
well the company's resources are managed and how well they are put into
place.

Opportunity risks. These are risks that are usually sought out or accepted by a
company because they are good for its long-term success. These risks happen
because the organization is trying to improve the way it meets its goals, aims,
and objectives. Some businesses are ready to invest in high-risk business
strategies in hopes of getting a high return on investment.

Role of Tourism Industry in Risk Management
Risk management has two important roles for tourism. The first is to work with
government and community groups to make plans, systems, procedures, and
processes for crisis management that meet the needs of tourism. The second step is to
make plans and procedures that are right for a location and the roles and
responsibilities of an organization, train staff on those plans, and put them into action.
No group that deals with disasters should work alone. Each tourist business and group
is part of the crisis management community and should work within the established,
coordinated, and integrated system.

The development of effective plans and procedures for disaster management depends
on:
regular meetings, networking, and communication between agencies;
implementation of a disaster risk management process;
development of plans and procedures;

formation and maintenance of partnerships;
consultation with the community;
effective communication;
training of staff;
testing of plans, procedures, and staff through exercises (mock disasters); and

efficient review and change procedures.

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited

Risk Analysis
Risk analysis is a part of evaluating risk, deciding if and how it needs to be treated, and
deciding on the best plan and methods for treating risk. The results give information
that can be used to make choices, where the choices involve different kinds and
amounts of risk.

The identification of possible threats is followed by a vulnerability assessment to
evaluate the facility, venue, or event's susceptibility as well as the potential financial
impact of a successful assault. The vulnerability assessment could include a thorough
analysis of how a loss from an explosive, chemical, or biological attack could affect the
organization. An effect of loss is the degree to which a successful attack from a given
threat hurts the facility or event, and it can be put into the following categories:
1. Devastating – the building or facility is too ruined or contaminated to be used.
2. Severe - the building or facility is slightly damaged/contaminated
3. Noticeable - Despite being momentarily shut down or unable to function, the
facility can keep going without an interruption longer than a day.
4. Minor - With less than four hours of downtime, the facility's operations are not
significantly impacted, and no important assets are lost.

Vulnerability. This is described as a combination of how appealing a facility or event is
as a target and how well the countermeasures stop or defend against attacks.

Vulnerability ratings:
1. Very High
2. High
3. Moderate
4. Low

Matrix Identifying Levels of Risk
Minimal Threat
Impact of Loss Low Medium High Very High
Vulnerability Vulnerability Vulnerability Vulnerability
Minor √ √ √ √
Noticeable √ √ √ √√
Severe √ √ √√ √√
Devastating √ √√ √√ √√
Potential Threat
Impact of Loss Low Medium High Very High
Vulnerability Vulnerability Vulnerability Vulnerability
Minor √ √ √ √
Noticeable √ √√ √√ √√
Severe √ √√ √√√ √√√
Devastating √√ √√ √√√ √√√
Credible Threat
Impact of Loss Low Medium High Very High
Vulnerability Vulnerability Vulnerability Vulnerability
Minor √ √ √√ √√
Noticeable √ √√ √√√ √√√

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited
Severe √√ √√√ √√√ √√√√
Devastating √√ √√√ √√√√ √√√√
Defined Threat
Impact of Loss Low Medium High Very High
Vulnerability Vulnerability Vulnerability Vulnerability
Minor √ √√ √√ √√
Noticeable √√ √√ √√√ √√√
Severe √√ √√√ √√√√ √√√√
Devastating √√ √√√ √√√√ √√√√

Potential Risks to Tourism and Tourism Enterprises
1. Diseases – disease that spreads to people, plants, or animals
2. Economic – changes in interest rates, the stock market, and currencies
3. Psychological/Emotional Association – bad perceptions, rumors, and
publicity, connections to misfortune, unhappiness among visitors, and
unfavorable travel advice
4. Environmental – pollution, erosion, loss of biodiversity, and noise
5. Financial – contract hazards, financial theft, fraud, and fines
6. Human – terrorism, violence, sabotage, strikes, riots, and war
7. Natural hazards – Climate, earthquakes, bushfires, pests, volcanoes,
and tsunami
8. Occupational health and safety - weak safety protocols, ineffective
safety management, inadequate sanitation, and poor water quality
9. Product liability – incorrect design, poor quality control, and
insufficient testing
10. Property damage - destruction by fire, water, earthquakes,
contamination, and human error
11. Professional liability – inaccurate information, carelessness, a flawed
design, and misrepresentation
12. Public liability – Access, exit, and safety for the public
13. Security - Cash transactions, criminal activity, theft, information
appropriation, unauthorized entrance, and vandalism
14. Technological – blasts, mishaps, accidents, dependability, and
invention
Risk Rating Interpretation
Rating Category Description
Very High The risk is not acceptable at all. Steps must
be taken right away to lower these risks and
lessen the dangers.
High The risk is unacceptable. As soon as possible,
steps should be taken to lower risks and
prevent dangers.
Medium The risk may be acceptable over the short
term. In future plans and funds, there
should be plans to lower risks and make
things less dangerous.
Low The risks are acceptable. Along with other
security and risk-mitigation changes, there
should be more steps taken to lower risks or
make things safer.

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited

Learning Resources
Asia Recovery Information Centre. (2003). Malaysia: Rapid Country Assessment of the Impact of SARS’. In
SARS Watch, [online] http://aric.adb.org/infocus/sars/SARSImpact_Malaysia.pdf,
accessed August 2003

Crovini, C. (2019). Risk Management in Small and Medium Enterprises. New York, Unites States of
America: Routledge-Giappichelli
Gurtner, Yetta & Morgan, Damian. (2016). Risk Management for Small Tourism Business. One Day
Training Programme and Practical Resource Guide - Training Manual. 10.13140/RG.2.1.2344.9203.
Retrieved from https://www.researchgate.net/publication/303991283
Husain, S. (2003). Malaysia’s Tourism promotion in West Asia Allays Fears of SARS’, Malaysian
National News Agency

Kean, I., Moore, S.. and Robertson, D. (2006). Tourism Risk Management: An Authoritative Guide to
Managing Cries in Tourism. Australia: Asia-Pacific Economic Cooperation Retrieved from
https://www.apec.org/Publications/2007/04/Tourism-Risk-Management-An-Authoritative-Guide-to-
Managing-Crisis-in-Tourism-December-2006
Pritchard, C.L. (2015). Risk Management Concepts and Guidance 5th Edition. United States of America: CRC
Press

Ricaforte, B.G.R. (2020). Risk Management as Applied to Safety, Security, and Sanitation: First Edition.
Rex Book Store, Inc., Quezon City, Philippines.
Tourism Malaysia 30 April 2003, ‘SARS cases in Malaysia’, [online]
http://www.visitmalaysia.nl/persbericht.htm, accessed June 2003

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)
 Republic of the Philippines
Laguna State Polytechnic University
ISO 9001:2015 Certified
Province of Laguna
Level I Institutionally Accredited

LSPU SELF-PACED LEARNING MODULE: Risk Management as Applied to Safety, Security and Sanitation (DRAFT) FUNDAN, A.C.(2023)