Implementing an effective risk management strategy based upon knowledge Peter Scott
PETER SCOTT CONSULTING What is Risk? “Chance of bad consequences” The concise Oxford Dictionary
PETER SCOTT CONSULTING What is Knowledge? “The sum of what is known” The concise Oxford Dictionary
PETER SCOTT CONSULTING Risk Management Knowledge Management An integrated strategy
PETER SCOTT CONSULTING Law Firm Risks People Operational Regulatory IT Competition /business Economic, political, fiscal Financial Asset Reputational Management
PETER SCOTT CONSULTING Risk/KM Risks are inter-related Failure to manage knowledge involves widespread risk KM is an essential part of an integrated risk management strategy
PETER SCOTT CONSULTING Example: Reputational Risk Operational People Regulatory IT Competition & Business Markets Economic, Political & Fiscal Financial Assets Interaction with Knowledge/KM?
PETER SCOTT CONSULTING Law Firm Risks People Operational Regulatory IT Competition /business Economic, political, fiscal Financial Asset Reputational Management
PETER SCOTT CONSULTING Management Risks Is your management in control of its knowledge and managing your risk?
PETER SCOTT CONSULTING Your Risks? Where does the knowledge relating to your risks reside? Can you access it? Can you capture it? Can you maintain and upgrade it?
PETER SCOTT CONSULTING Implementing a Risk Strategy DIAGNOSIS Identification and assessment MITIGATION Control, transfer and avoidance MONITORING Tracking and reporting When a risk crystallises LIMITATION Minimising the effect of crystallised risks
PETER SCOTT CONSULTING Risk Identification Involves: Being management driven Brainstorming Facilitated discussions Questionnaires Top down/bottom up
PETER SCOTT CONSULTING Risk Diagnosis Assess severity of high-level risks Identify high level risks Set criteria for assessing risks Identify detailed risks Assess severity of detailed risks Risk map Risk summary
PETER SCOTT CONSULTING Risk Assessment Incidence - probability Impact - severity
PETER SCOTT CONSULTING Risk Mapping
PETER SCOTT CONSULTING Risk Mitigation Designed to: Reduce Avoid Accept Transfer
PETER SCOTT CONSULTING Risk mitigation Risk map Risk summary Consider impact/probability correlation Required controls summary Insurance requirements summary Contingency plan requirements Residual risk summary Consider available mitigation techniques
PETER SCOTT CONSULTING Monitoring involves Tracking and reporting Comparing actual outturns to preset indicators Confirming effectiveness of risk responses Reporting compliance and exceptions
PETER SCOTT CONSULTING Risk monitoring Required controls summary Contingency plan requirements Insurance requirements summary Set risk indicators and methods to monitor them Annual Risk Management Report
PETER SCOTT CONSULTING Limitation involves Risk crystalisation scenarios Contingency plans Limitation procedures Post event assessment
PETER SCOTT CONSULTING Use of IT Use an integrated risk management system to quantify, assess and control risk by : streamlining diagnosis, mitigation and monitoring embedding common risk management procedures providing information access to all who need it creating and maintaining one central, up to date risk database
PETER SCOTT CONSULTING Example – Risk Summary – an overview of risks
PETER SCOTT CONSULTING Example – Detailed Risks
PETER SCOTT CONSULTING Example - Controls
PETER SCOTT CONSULTING Example - Questionnaires
PETER SCOTT CONSULTING Example – Final Evaluation
PETER SCOTT CONSULTING Advantages of a formal risk management process? Structured approach focuses on key risks Elimination of redundant procedures Comfort / assurance to PI insurers Universal application to all risk areas Continuous monitoring ensures management of risk is “lived” day to day
PETER SCOTT CONSULTING Risk/KM Risk Management Knowledge Management
PETER SCOTT CONSULTING Implementing a Risk Strategy DIAGNOSIS Identification and assessment MITIGATION Control, transfer and avoidance MONITORING Tracking and reporting When a risk crystallises LIMITATION Minimising the effect of crystallised risks
PETER SCOTT CONSULTING Any questions?