Disclaimer: This is an example of a student written assignment.
Click here for sample essays written by our professional writers.

Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UKEssays.com.

Case Study in Creating Value from Uncertainty

Paper Type: Free Assignment Study Level: University / Undergraduate
Wordcount: 1147 words Published: 10th Jun 2020

Reference this

Introduction

JAA is a fictional company that overhauled their Enterprise Risk Management (ERM) structure and ended up with an organization that has been able to capitalize off the risk of uncertainty. JAA demonstrates how the strategic goals are linked to risk criteria and how the criteria is linked to the stakeholders and context. By creating a treatment plan based on risk criteria, such as JAA has done, closes the circle on risk management. Additionally, JAA created a Best-in-Class risk management plan that is sure to define how other companies make their plans in the future. However, none of the success would have been possible without the proper tone being relayed by upper management that put a spotlight on the importance of risk management to the organization.

Linkage between Strategic Objectives, Context, Stakeholders and Risk Criteria

JAA created their strategic goals with an aim to increase shareholder value and to address the needs of their other stakeholders (Narvaez, 2015).  They then went on to define the risk criteria by using the strategic goals they had created in 2008 with a six-step process. This process was effective because JAA had defined the context of the company within their ERM team by using the strengths, weakness, opportunity, and threats (SWOT) analysis. All these aspects are linked when an organization is creating their strategic goals. Many of the goals are made around increasing the shareholder value which is done by understanding the context of the organization and how the risk criteria are defined. Take maintaining market leadership for example, this goal ties in directly with stakeholders because the goal is to maintain the earnings they have currently, at the minimum, and ultimately increase the shareholder value if they maintain the leadership against emerging competition.

Risk Criteria and the Treatment Plan

By conducting a risk assessment, the organization must work with its’ stakeholders to establish the criteria for the risks that are present and their consequences and whether they are in line with the strategic goals set by upper management. Having a specific set of criteria to measure against is an effective tool for evaluating and making risk-based decisions (Setting the Scope and Limits of a Risk Assessment, 2018) . First, JAA had to define how they would measure the outcomes of their strategic goals, then they developed a scale to rate the consequence. The third step was to determine the likelihood of the risk and then developed a table to determine the level of the risk and how it would be expressed. Lastly, they decided on the rules for evaluating the risk. In order to have a treatment plan that will address all the risks of the organization the risk criteria must be defined. Otherwise, it would be like putting the cart before the horse, and we all know that     doesn’t work at all.

What Constitutes a Best-in-Class Policy from JAA

JAA created a risk management policy that can be used as a best-in-class policy for other organizations.  Their risk management plan is an easy to read and understandable document for all levels of the organization. JAA laid out the why, the who (was affected), the how (methodology), and the what (policies corelated to what department). The policies were broken down at a granular level that touched on all aspects of the organization. In total, there were 17 policies that ranged from ethics to business continuity. As well as an internal communications policy that handled how those in the company would be informed of information and an external communications policy that addressed how those outside the organization would be made aware information the company wanted to be made public.

Types of Policies to Manage Risks

All types of policies that are related to risk would be included in the risk management policy for an organization. Some of the top policies that should be included in any risk management policy are an ethics policy, business continuity policy, and a conflict of interest policy. An ethics policy is what guides an organization and can help to supplement the culture they are wanting to obtain and maintain. Business continuity is a big risk and is something that must be planned and prepared for in the unfortunate event that something happens to disrupt the business. Conflict of Interest is something that is need in nearly any organization. There is always going to be a way that the organization or someone with in it can benefit by abusing a lack of rules.

Tone at the Top is Critical for a Company’s Success

Many refer to setting a high tone as setting a high bar for honesty, integrity and ethical behavior, stating that it is a foundation for forming and shaping a strong and ethical culture (Barnett, 2019). A company’s culture is a critical part of their success and infiltrates all parts of the organization. It can be used to make everyone at the organization feel important within their role, knowing that they are aiding in the success of the organization. When there is no defined culture or the culture has been lost, that is where things can turn into a slippery slope. Once the culture has been compromised it can be hard to regain the trust and loyalty of the employees and get the culture that is needed to succeed in place.

Conclusion

Risk management is always about trying to create value from uncertainty. Especially when an organization is dealing with risks that have negative consequences. The organization sets the risk criteria and that is analyzed to find the risks within different sectors and how they will be addressed if they should come to be. For many organizations along the east coast, they should all have a business continuity plan as part of their risk management plan in case they are in the path of a hurricane. Doing business with an organization, you want them to have a risk management plan so you know that they are equipped to handle a multitude of risks that could be thrown at them.

References

  • Barnett, N. (2019, February). What is the role of “Tone at the Top” in setting culture? Governance Directions, 71(1), 25-28. Retrieved from linccweb.org: http://search.ebscohost.com.db24.linccweb.org/login.aspx?direct=true&db=bth&AN=134681961&site=eds-live
  • Narvaez, J. F. (2015). Implementing enterprise risk management: case studies and best practices. Hoboken: Wiley.
  • Setting the Scope and Limits of a Risk Assessment. (2018, December 18). Retrieved from American Society of Safety Professionals: https://www.assp.org/news-and-articles/2018/12/18/setting-the-scope-and-limits-of-a-risk-assessment

 

Cite This Work

To export a reference to this article please select a referencing stye below:

Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.

Related Services

View all

DMCA / Removal Request

If you are the original writer of this assignment and no longer wish to have your work published on UKEssays.com then please: