Simplifying Risk Management An Evidence-Based Approach to Creating Value for Stakeholders

Introduction

1. Risk in the Context of Organisations
2. Trends in Risk Management
3. Bridging the Gap Between Academics and Practitioners
4. Terminology, References and Structure

Chapter 1: What do we Mean by Risk?

1. Upside and Downside Risk
2. Risk vs Uncertainty
3. Risk to Whom?
4. Reconciling Conflicting Interests
5. Risk Measures
6. Categorisation of Risks
7. Summary

Chapter 2: Why do we try to Manage Risk?

1. Improving Expected Outcomes
2. Reducing The Likelihood of Extreme Events
3. Reducing Variability in Outcomes
4. Demonstrating Good Corporate Governance
5. Compulsion
6. Why do we not Manage Risk?
7. Empirical Evidence
8. Summary

Chapter 3: Risk Management Systems

1. Integrated Risk Management
2. Implementation of Integrated Risk Management Systems
3. ISO 31000
4. Risk Displacement and Risk Compensation
5. Summary

Chapter 4: Scope, Context and Criteria

1. Agreeing Risk Criteria
2. Ownership and Delegated Authority
3. Justifying Resources
4. Summary

Chapter 5: Risk Assessment

1. Risk Identification
2. Risk Analysis
3. Summary

Chapter 6: Risk Treatment

1. Risk Treatment Example
2. Combining Risk Treatments
3. Recording and Reporting
4. Summary

Chapter 7: Measuring the Effectiveness of Risk Management

1. Measuring the Effectiveness of Individual Risk Treatments
2. Estimating the Mitigating Effect on Major Disruptions
3. Evaluating the Success of Implementation
4. Quantifying the Overall Impact of Risk Management Programmes
5. Taking A Pragmatic Approach to Measurement
6. Summary

Chapter 8: Underlying Themes and Summary

1. Is a Quantitative Approach Really Practical?
2. How Does Strategy Link to Risk?
3. Where Does Risk Management Belong in the Organisation?
4. Crises and Black Swans
5. Applicability to the Public and Not-for-Profit Sectors
6. Would any of This Have Made a Difference in the Covid-19 Pandemic?
7. Summary of Key Ideas

Annex A: Risk Return Relationships in UK Listed Companies

1. Data
2. Results
3. Discussion

Annex B: The Impact of Covid-19 on FTSE 100 Share Price

1. Data
2. Results
3. Discussion

Annex C: Alternative Numerical Example

1. Risk Criteria
2. Risk Analysis
3. Risk Treatment

Annex D: Some Useful Sources of Risk Information

1. Information Security
2. Natural Disasters
3. Other

Biography

Patrick Roberts is a Principal Consultant in the Climate and Resilience team at Verisk Maplecroft. In this role Patrick advises clients globally on all aspects of organisational resilience.

Prior to joining Verisk Maplecroft, Patrick was a director of Cambridge Risk Solutions. Over the course of fifteen years, he assisted the whole spectrum of organisations, from micro businesses and small not-for-profits to large corporations and government agencies, to manage risk and resilience more efficiently. In particular, he developed extensive experience in the implementation of business continuity management and information security management systems. He also designed and delivered a wide range of crisis management training and exercises to clients including hospitals, airports and universities. He is a Fellow of the Institute of Strategic Risk Management and has a PhD from Nottingham University Business School.

Before embarking on a career in risk management, Patrick had a varied career including various project and line management roles in the engineering industry and serving as an Infantry Officer in the British Army. Patrick was also a director of British Weightlifting from 2015 to 2019.

"The author provides a comprehensive story that radiates a better understanding of organisational risk, through to the motivations for managing risk and its application in practice. The connectivity of these aspects is profound and enables such an approach to be defensible and more likely to stick in practice."

Peter Noble, Chief Operating Officer, Newcastle Health Innovation Partners.

"With a practitioner approach to risk management, Patrick brings what can be seen as a compliance obligation into ways of working that in my experience have added genuine value to management team business planning and collaboration."

Matt Margereson, Chief Operating Officer, Hotel Chocolat.

"Patrick Roberts ’s practical sense backed by sound academic research has gone a long way to embed risk management into many organisational cultures. To the surprise of many this has been achieved without the need for costly software or bureaucratic form filling and the ultimate nightmare of the risk management tail wagging the management dog. This book, for the first time, challenges accepted wisdom on risk management and takes it out of its silo and places it squarely into mainstream management where it truly belongs."

Mike Stephens, formerly Director of Safety, Security and Resilience, the Medical Research Council.

"What is offered is a light bulb moment in collating and translating all the theory into a practical next level Risk Management solution. More than an expert opinion, but an expert solution; integrating risk assessment and mitigation within a structured process. This approach has already added value to the business in dealing with COVID disruptions and associated Global Supply Chain issues."

Malcolm Watling, Group Sourcing Director, Domino Printing Sciences.

"Risk is mismanaged by most organisations from project selection through to completion. We all know of failed projects which have been buried and careers destroyed; and highly successful projects which rewarded executives but were, in reality, just an extremely lucky punt. Patrick’s quantitative approach to risk management allows organisations to assess managers’ performance based on the quality of their decision making rather than short-term results."

Sean Blackburn, fixed failing projects whilst at McKinsey and now growing businesses as an executive within global organisations.

"I have had the pleasure of working closely with Patrick on a number of projects over several years. His professionalism, depth of knowledge and pragmatic approach when communicating the strategic requirements when reviewing a business continuity plan and the various considerations when analysing the impact on the business.

"This book clearly explains Patrick’s unique approach to risk management, drawing on his years of practical experience in implementing business continuity management and information security management systems for clients. In doing so, it goes well beyond the details of how to do risk management; to explore the fundamental questions of why we are trying to manage risk and how we can measure if we are delivering value for our stakeholders.

"This is a must-read book for any CEO or board level executive involved in risk management."

Dave Watson, Group Head of Property, Facilities Management and Fleet Operations, JLA Group

"A truly engaging, insightful and refreshing examination of the approach to risk management. An invaluable text for academics and practitioners alike to consider risk management techniques differently to bridge the gap between theory and application. Patrick uses his vast experience and extensive research to present a compelling and innovative case, with the focus on simplifying the process and placing return on investment at the heart of the decision-making process, driving efforts to truly manage risk to the benefit of all organisational stakeholders"

Head of Corporate Security UKI & EMEA, Financial Services

"In this well-timed work, Patrick Roberts uses his extensive practical experience of risk management to offer a pragmatic look at the topic, offering organisations and the groups within these organisations a different and more tangible perspective. It's a refreshing take on the why, the how and (crucially) the return on investment of risk management for leaders and managers at every level within ‘everyday’, relatable organisations."

Rupert Johnston, Director, Risk & Resilience Ltd and Specialist Member of the Institute of Risk Management.