Most everyone has an awareness of “Risk”. While risk can be personal, I want to address business risk in this post, albeit at a high level as well as the CFO’s role in the risk management process. There are three aspects of risk that I will cover in the post – risk identification, risk quantification and risk planning.
Risk Identification: Sometime the presence of risk is fairly obvious such as when an owner is directly confronted with a situation in which there is risk – rising flood water that threaten a plant or warehouse. Other times the possibility of risk may have to be sought out by the management team, possibly during the strategic planning process. Because of virtually all risk has financial implications for a business, the CFO plays an integral role in the risk management process.
Risk Quantification: Not all risks are of equal importance. Once possible risks have been identified, the potential financial impact must be assessed. Sometimes this can be a challenge, such as placing a value on a tarnished reputation due to poor customer service. Other time quantification of the impact may be easier such as the consequences of a flawed product design and the resulting correction of the problem. Regardless, the quantification of the risk is obviously a function that fall within the CFO’s purview.
Risk Planning: Once risks have been identified and quantified, what does one do about it? There are four possible courses of action a business can take regarding risk. Steps can be taken to avoid the risk, mitigate the risk, the risk can be accepted or the impact of the risk can be shifted elsewhere.
Risks can sometimes be avoided. A conscious decision can be made to avoid risky markets or not produce risky product lines, for instance. The risk of not having your products available for customers may be avoided by NOT having them manufactured in China.
Mitigating risk involves taking specific action to prevent the particular risk from occurring. For instance, if you have a manufacturing plan in the flood plane, the plan can be relocated to an area where natural hazards are not a factor. If the is growing political unrest in a country in which the business has a presence, a decision can be made to withdraw from that country.
Is some instances, such as when the financial impact is minor, it might be prudent to simply accept the possibility of the risk occurring. In this instance the decision is simply to take no action while acknowledging that the occurrence of the event is a distinct possibility but is of such minor consequence that it is worth the risk.
The fourth way to plan for risk is to pass that risk along to someone or something else. This is usually applicable to those things that rarely happen but when they do they are quite costly. The most common way to transfer risk is through insurance. There are many types of insurance coverage including automobile, errors and omissions, general liability insurance, and others.
This post has discussed three aspect of assessing risk – Identification, Quantification and Planning. Business owners would be wise to establish a risk management program before a risk occurs that could threaten the continued viability of the company.