formulate hard questions coming from topics below: RISK Risk is usually associated with the possibility that things might go wrong, that events might turn out worse than expected or that something bad might happen. Risk exists whenever a future outcome or future event cannot be predicted with certainty, and a range of different possible outcomes or events might occur.

Categories PURE RISK-Also known as DOWNSIDE risk.-is a risk where there is a possibility that an adverse event will occur. Events might turn out to be worse than expected, but they cannot be better than expected.-For example, there might be a safety risk that employees could be injured by an item of machinery. This is a pure risk, because the expectation is that no-one will be injured but a possibility does exist. SPECULATIVE RISK-Also known as TWO WAY risk.-is a risk where the actual future event or outcome might be either better or worse than expected.For example, an investor in shares is exposed to a speculative risk, because the market price of the shares might go up or down. The investor will gain if prices go up and suffer a loss if prices go down.

Companies face BOTH pure and speculative risks.

-Pure risks are risks that can often be controlled either by means of internal controls or by insurance. These risks might be called internal control risks or operational risks.

-Speculative risks cannot be avoided because risks must be taken in order to make profits. As a general rule, higher risks should be justified by the expectation of higher profits (although events might turn out worse than expected) and a company needs to decide what level of speculative risks are acceptable. Speculative risks are usually called business risk, and might also be called strategic risk or enterprise risk. Categories of business risk

1) Market risk - is the risk from changes in the market price of key items, such as the price of key commodities. Market prices can go up or down, and a company can benefit from a fall in raw material prices or incur a loss from a rise in prices. 2) Credit risk - is the risk of losses from bad debts or delays by customers in the settlement of their debts. All companies that give credit to customers are exposed to credit risk. The size of the credit risk depends on the amount of receivables owed to the company, and the 'credit quality' of the customers. 3) Liquidity risk - is the risk that the company will be unable to make payments to settle liabilities when payment is due. It can occur when a company has no money in the bank, is unable to borrow more money quickly, and has no assets that it can sell quickly in the market to obtain cash. Companies can be profitable but still at risk from a liquidity shortage.

4) Technological risk - is the risk that could arise from changes in technology (or inadequacy of technological systems in use). When a major technological change occurs, companies might have to make a decision about whether or not to adopt the new technology.

5) Legal risk - which includes regulatory risk, is the risk of losses arising from failure to comply with laws and regulations, and also the risk of losses from legal actions and lawsuits.

6) Health, safety risks and environmental risk - are risks to the health and safety of employees, customers and the general public. Environment risks are risks of losses arising, in the short term or long term, from damage to the environment - such as pollution or the destruction of non-renewable raw materials.

7) Reputation risk - It is the risk that a company's reputation with the general public (and customers), or the reputation of its product 'brand', will suffer damage. Damage to reputation can arise in many different ways: incidents that damage reputation are often reported by the media.

8) Business probity risk - Probity means honesty and integrity. Business probity risk is the risk of losses from a failure to act in an honest way. RISK MANAGEMENT

Is the process of managing both downside risks and business risks.

It can be defined as the culture, structures and processes that are focused on achieving possible opportunities yet at the same time control unwanted results

Is considered a corporate governance issue. This means that the board of directors have a responsibility for risk management. ELEMENTS OF A RISK MANAGEMENT SYSTEM There should be a culture of risk awareness within the company. Managers and employees should understand the 'risk appetite' of the company, and that excessive risks are not justified in the search for higher profits.

There should be a system and processes for identifying, assessing and measuring risks. When risks have been measured, they can be prioritised, and measures for controlling or containing the risk can be made. There should be an efficient system of communicating information about risk and risk management to managers and the board of directors. Strategies and risks should be monitored, to ensure that strategic objectives are being achieved within acceptable levels of risk.

RISK BASED APPROACH

It is an approach to decision-making based on a detailed evaluation of risks and exposures, and policy guidelines on the level of risk that is acceptable (risk appetite).

The risk-based approach takes the view that some risk must be accepted, but risk exposures should be kept within acceptable limits.

For example, the customs and immigration department at a country's airports might have a policy of checking the baggage of every passenger arriving in the country by aeroplane, because the policy objective is to eliminate smuggling of prohibited goods into the country by individuals.

With a risk-based approach, the department will take the view that some risk of smuggled goods entering the country is unavoidable. The policy should therefore be to try to limit the risk to a certain level. Instead of checking the baggage of every passenger arriving in the country, customs officials should select passengers whose baggage they wish to search. Their selection of customers for searching should be based on a risk assessment - for example what type of customer is most likely to try to smuggle goods into the country?

STAGES OF RISK MANAGEMENT

1) Risk Identification

A company needs to understand what risks it faces, both in its environment and markets (strategic risks) and internally (operational risks).

-This may be aided by the creation of a risk committee. These are committees of managers from several departments or functions. Each committee is responsible for reporting on a particular category of risk or risks in a particular geographical area of the company's operations.

Having identified risks, it is therefore necessary to assess the importance of each risk, in order to:-rank the risks in order of significance (order of priority), and-identify the risks that are the most significant, and-identify the significant the risks where control measures are urgently needed.

2) Risk Profiling or Risk Mapping

This is the stage of actually assessing the risk.

To assess each risk, it is necessary to consider the likelihood that losses will occur as a consequence of the risk, and the size or amount of the loss when this happens.

3) Measuring risks

Measuring risk means quantifying the risk. When risks are quantified, the risk can be managed through setting targets for maximum risk tolerance and measuring actual performance against the target.

Where risks are assessed in qualitative terms, risk management decisions become a matter of management judgment.

4) Treat the risk(Action Plan) 5) Monitor the risk Controlling Risks

Methods of Controlling Risk Diversification Risks

Risk Transfer

Risk Sharing

Hedging Risks

DIVERSIFICATION OF RISKS The purpose of diversification is to invest in a range of different business activities, and build up a portfolio of different business activities.

Considerations when deciding to diversify

A diversification strategy by a company might be appropriate provided that its management have the skills and experience to manage the portfolio of different business activities.

A diversification strategy by a company is much more risky (and less appropriate) when it takes the company into unrelated business activities.

Risks are not reduced significantly by diversifying into different activities where the risks are similar, so that if there is an adverse change in one business activity, there is a strong probability that adverse changes will also occur in the other activities.

Risk transfer

Risk sharing involves collaborating with another person and sharing the risks jointly.

Common methods of risk sharing in business are partnerships and joint ventures. In a joint venture, all the joint venture partners share in the investment, the management, the cost of the investment, the risks and the rewards.

Hedging risks Hedging risk means creating a position (making a transaction) that offsets an exposure to another risk.

The TARA Framework for risk management

Transfer Avoid Respect Accept