Risk Management: Role and Importance in Business Organization

Introduction

Risk, understood as the potential failure to realize plans and activities, is an inherent attribute of any business organization. Management science, especially in the decision-making process, focuses on the identification and evaluation of skills appropriate for handling risk. This in turn justifies the need for identifying, characterizing, and most importantly, developing plans for preventing or at least reducing the effects of risk occurrence.

Initially one should answer the question of what it actually is and what its sources are. This is not a simple task, because risk as a concept has been known for thousands of years and has attracted many different definitions and classification approaches. Therefore in this chapter attention will be paid primarily to those which apply to enterprises and enterprise management.

In a paper on defining risk Holton (2004) argues that two ingredients are necessary for risk to exist. The first is uncertainty about the potential outcomes of an experiment and the other is that the outcomes have to matter in terms of providing utility. In this sense a person jumping out of an airplane without a parachute has no risk, because it is certain s/he will die. Similarly, a casino game with red and black balls is not associated with any risk as long as money is not involved. On this basis two principal attributes of risk, i.e. uncertainty and consequences, can be identified and the equation determining their value (Damodaran, 2008):

It should be noted that Equation (1) can be applied to both the losses and the profits obtained as a result of risk occurrence. In such a context is seen, for example, investment risk, which is determined by the difference between the expected and the actual income of the investment, considered as risk consequences. From this follow three possible scenarios for the development of events: optimistic, pessimistic, and most likely.

Such a broad perspective, treating risk not only in the context of a threat but also as an opportunity (Zagst, 2002), is consistent with the most important and currently binding standard on risk management, ISO 31000:2009. Additionally, it strongly justifies the benefits of the implementation of risk management methods in an organization (Agrawal, 2009).

Handling of risk is not limited to the ability of identification, estimation and evaluation, but also includes the implementation of procedures that will ensure undisturbed operation of the organization, despite the occurrence of risk events. Such proceedings are called business continuity management (BCM) and should be part of the strategic management of the organization (Henderson, 2008).

The chapter provides an overview of risk definitions and classifications. It discusses aspects of risk management from identification, through analysis and evaluation, to methods for dealing with risk which ensure business continuity. The whole is summarized in the context of uses and development trends of risk management in business organization. The chapter attempts to provide answers to the following questions:

• •

  What are the risks and their impact on the management of business organizations?

• •

  How can businesses effectively protect themselves against the negative influence of risk, but use it to stimulate the development of the organization?

• •

  What methods will ensure the safe and sustainable operation of an organization?

Review Of Risk Definitions

Risk is a concept with numerous definitions, even though people understand and use the term in an intuitive way. As stated in the introduction it is a function of two basic attributes, i.e. the probability of its occurrence (materialization) and the predicted consequences (profit or loss). A thorough risk analysis allows determination of a more detailed structure. The literature describes the most important elements of this structure (Dionne, 2013):