risicomanagement

Opportunity statements and identification and COVID-19

admin

Author: Manu Steens

Anyone who takes himself seriously concerning risk management knows that the definition of risk according to ISO roughly amounts to a cause that gives rise to an uncertainty in the achievement of objectives. That uncertainty can have a de facto positive effect, so that the objectives are achieved and more, or have a negative effect, namely that the objectives are not achieved or worse.

A risk can then be written as a risk statement, which consists of a cause, the actual risk and the ultimate effect. This suffices as a one-to-one cause-to-effect statement to follow our reasoning, although real risk statements can give rise to many-to-one, one-to-many, or many-to-many statements.

Having a negative effect is due to threats, having a positive effect is due to opportunities.

Since a risk, despite the ISO definition, is linked by most people to threats rather than opportunities, we need to use metalanguage to focus.

Metalanguage in these are ‘templates’ in which risk statements, including opportunity statements, can be included.

This one is based on the principle of a risk statement:

  • “As a result of , may occur, which may lead to .”

And for opportunities based on SWOT, this becomes:

If we apply this to the European situation regarding Covid-19, we get, for example, statements like:

  • Through a policy culture that allows for a firm response, we can limit a new flare-up of the virus, which gives the development of a suitable virus vaccine more time and thus more chance of success.
  • If we can limit the number of human contacts at work, on public transport and in public spaces and to the extent of the realistically possible also in private life and at all kinds of events, we may be able to reduce the virus sufficiently, which gives a chance to the world of making work of economic recovery.
  • If the global expansion of human activities is intelligently restrained , allowing the pandemic risk in the future to diminish, biodiversity can stabilize, the natural balance can restore, fewer people come into contact with wild animals that are no longer dislodged from their habitat so that new pathogens are no longer transferred, transmission can decrease internationally, citizens in the future will be more forgiving and tolerant of a mistake in policy.
  • If clear communication is used, the right experts are heard, and transparency is created about the relationship between cause and effect, the most decisive policies can be discussed in open forums, providing insight into necessary and perhaps sufficient reforms to support a sustainable recovery.
  • With this premise, there may possibly be brought forward new and better institutions, with improved basic infrastructure, better regulation of key economic sectors and investment in public services that create and protect human capital and render in the long term, not in the short term, which can shape the economy and the world of the future. For example, by opting for a low-carbon basic infrastructure as a result of an open debate without group-think or tunnel vision , which enables growth for new developments, but which can also provide an answer to climate challenges.
  • By organizing flexible technology in Europe, and building strategic stocks of raw materials, it is possible to switch quickly between conventional production and the production of necessary goods in a pandemic time (e.g. personal protective equipment), thus reducing Europe’s dependence on Asia, and which also makes it possible to test such a system in collaboration with regular customers (eg hospitals, rest homes,…).

risk management, strictly speaking – success factors of support

admin

Author: Manu Steens

An organizational structure , a decree or law, (a) (some) measure (s), … must be supported to succeed. To be supported, they must be recognized. (I have no criterion to say in which cases this model is all relevant, for that a study should be done of successful and failed business in hindsight.)

Recognition in itself, however, is based on four success factors:

  • legitimacy,
  • cohesion of the target group due to proximity with civilians / the employees of the organisation,
  • effectiveness with purpose and perseverance,
  • authority.

These four pillars are interdependent. If you remove one leg from the table, the other legs will come along and the table will fall. So you cannot actually view them as independent. For the sake of the further discussion, I do that here anyway.

One thing that seems to be clearly supported is the EU regulation of the GDPR. Something that does not seem to be supported is the Brexit . Let us therefore illustrate these two things with this idea.

Success factors of support applied to the GDPR.

  • Legitimacy: The GDPR legislation was imposed by the EU and applies to all EU countries for implementation
  • Cohesion of the target group through proximity : The EU countries are interdependent because they are related to the EU, but also because they have free movement of people, which implicates that they can enjoy similar legislation despite traveling in the EU. At the same time, the EU is for the most part a coherent whole, as a result of which the countries are coherent in terms of supporting the legislation. Proximity is perhaps best illustrated by the fact that EU citizens have recognized the legislation as something that concerns them very much. It belonged very quickly to the
  • Effectiveness: A true barnum advertising has been conducted for the GDPR, pointing out that this legislation applies to the citizen. This was so effective that the people of the EU and the organizations are aware of their rights. And in the very short term jobs have been created: eg. lawyers specializing in GDPR but also DPOs, courses, …
  • Authority: There is also a place in the legislation itself for punitive measures in case of non-application of the law by the organizations in the EU. Also, auditing capabilities were provided. Partly as a result of the possible effect of the hammer, many organizations applied the law, and there was a great sense of “doing something about it”.

Conclusion: due to the barnum advertising, this legislation was strongly founded on these four success factors, so that it could actually only succeed.

Success factors of support applied to the Brexit .

  • Legitimacy: It came about through an unclear referendum with a majority “behind the comma”. There is total division within and across the political parties and within the people. The British Prime Minister was therefore completely in a gap of uncertainty. None of the proposals from the EU or the British themselves was accepted by a clear majority.
  • Cohesion: The British are divided. The votes for and against are neatly divided and without clear coherence. Many people, together with their politics, attach great importance to their sovereignty. Others opt for the possibilities that a cohesive Europe together with the British could mean. The connection is lost. The division is down to the granular level of the population.
  • Effectiveness: Due to a great deal of uncertainty, all proposals about the Brexit in a reasonable manner were As a result, it is regularly postponed. As a result of that, it is unclear how, if and when the Brexit will be a fact.
  • Authority : The Brexit could turn out differently from day to day in a new referendum. There is also a difference of opinion between, for example, the Scots and the rest of the British. In addition, the British regularly state the historic words of Churchill that “GB is with the EU but not of the EU”.

Conclusion: The Brexit cannot be called a success .

Exponential Organizations

admin

Authors: Salim Ismail; Michael S. Malone; Yuri Van Geest

Humanity has been busy with productivity since time immemorial. Production provided people with scarce resources that were / are worth a lot due to their scarcity. In the last decade, the Internet has come to the forefront, including the concept of “Creative Destruction” and “disruptive technology”. The big companies usually thought about the Internet 15 years ago as “something that is a phenomenon of time”. Nowadays, after an explanation about exponential organizations, they realize that the internet is a phenomenon that is the beginning of everything.

But what are they, those “Exponential organizations”?

It is usually small organizations that make use of the latest technology to come up with new solutions for market demands, for which solutions sometimes already exist. Through the new application they conquer the market in a very short time, in an exponential way. Examples include smartphones and tablets, which have given the photography and the paper newspaper world a problem.

The “nice thing” about this phenomenon is that because technology has become common good, an adolescent in a garage can do an invention that can turn the world of a gigantic company with thousands of employees upside down in a very short time.

That is why it is important that all organizations transform themselves into exponential organizations and tackle themselves disruptively. Because if they do not do it themselves, someone else will. Hence disruption as a means to do risk management and business continuity.

In the book, which is the result of a study by SU (Singularity University), the authors give a number of points of interest. These are given by the mnemonics MTP, SCALE and IDEAS.

Very important is that in contrast to large monoliths the small ExOs are very Lean and Mean organized. The book does not go very deep on this, but large monoliths can also benefit from their advantages by collaborating with existing ExOs or by creating ExOs at the borders of their organization.

Explorations in Monte Carlo Methods

admin

Undergraduate texts in mathematics.

Authors: Ronald W. Shonkwiler and Franklin Mendivil.

The Monte Carlo method is a technique for analyzing phenomena by means of computer algorithms that use random numbers. This method basically owes its existence to the existence of computers.

In this book the authors give an introduction. It is a book of examples, with every step that is made in theory. In their book, they use the Matlab product to develop program examples, although other programming languages ​​(C, C ++, Pascal, Delphi) can be called just as suitable or more suitable. This approach with program examples makes it very tangible for exact scientists.

Monte Carlo techniques are useful in a wide variety of domains: from estimates of the number Pi, on calculations of mutations in cells, to the running of financial risks when playing in casinos or the evolution of the market.

This book is a very general book for the introduction to Monte Carlo, in the sense that it gives no advantage to a certain type of subject. Although it is a very good book to have a general idea of ​​how Monte Carlo can be used in all kinds of fields, it is not a book that you immediately benefit from as a risk manager. The application of Monte Carlo in the case of machine breakdown, or in financial decisions at a high level is not discussed. This requires more specialized literature.

But as didactic introductory mathematical work to know exactly what Monte Carlo techniques are capable of, it is definitely recommended. If you pass through this book, you are still more layman than specialist, but you are no longer an absolute beginner. You get an idea of ​​the importance of the central limit theorem, and of the Markov chains, and a whole bunch of other things.

For managers who have not enjoyed mathematics for a long time, I have the following advice: try it, your experts might even appreciate it. But if you are lost: no worries, there are still mathematicians out there who are happy to look after your case.

Implementing Enterprise Risk Management

admin

Editors: Fraser; Simkins and Narvaez

This 650-page book is intended to be a textbook / exercise book, which I believe can be used in a Bachelor’s program for Enterprise Risk Management. It consists of 35 chapters, actually 35 stories, each of which is completed with a questionnaire as a guide for a discussion by a team of students. It is accompanied by another book, namely “Enterprise Risk Management – today’s leading research and best practices for tomorrow’s executives”. The latter is the associated theory book.

Does this mean that you must have to read the theory book first? Not if you already have a good basic knowledge of ERM.

The following items from this book are most memorable to me:

  • The PAPA model of LEGO: Park, Adapt, Prepare and Act. The aim is to determine the overarching strategic response based on how quickly things change in a scenario with respect to the probability that a scenario occurs.
  • The determination of the Risk Appetite based on 7 questions:
  1. How much risk do we think we take now? (Risk perception)
  2. How much risk do we actually take? What evidence do we have? (Risk exposure)
  3. How much risk do we usually like to take? If this is less than under point 1. then we do not feel comfortable. (Risk propensity / culture)
  4. How much risk can we take on / safely? (Risk capacity) This must be greater than under points 1., 2. and 3.
  5. How much risk do we think we should take? (Risk attitude)
  6. How much risk do we actually want to take? (Risk appetite)
  7. How can we implement measures and limits within the processes, products and business units to ensure that our total risk appetite is not exceeded? (Risk limits)
  • What UW (University of Washington) decided about their ERM Model:

    • Assess the risks in the context of the strategic objectives, and identify the interrelation of risk factors throughout the institute, not just for each function exercised.
    • Handle all types of risks: compliance, financial, operational, and strategic.
    • Grow a general awareness that allows individuals to focus their attention on risks with a strategic impact.
    • Improve and reinforce UW’s culture of compliance, while protecting the decentralized, collaborative entrepreneurial orientation of the institute.

  • Three lines of defense of the TD Bank: 1) the business and the accountants, 2) setting standards and challenging business to improve their governance, as well as their risks and control groups their responsibilities and liabilities, and 3) a independent internal audit.
  • The ERM objectives of Zurich Insurance Group:

    •     Protect the basic capital so that the risks that are taken do not exceed the risk tolerance.
    •     Improve the value creation and contribute to an optimal risk / return profile.
    •     Support decision-makers with consistent, timely and correct information about the risks.
    •     Protecting the reputation and brand through a healthy culture of risk awareness and a disciplined and informed risk-taking.

This is just a small sample of the valuable examples that the book displays.