The Construction Feeds
Home Guest Articles Organization Cultures for Development

Construction & Business Source

Risk Management in Organisations

Date. 1st January 2022


Different organizations have laid down principles for risk management. There are risk management principles by international standardization Organization ISO and Project Management Body of Knowledge. PMBOK The Project management body of knowledge. PMBOK, has laid down twelve principles. In his article both PMBOK and ISO principles are incorporated. With an overview, risk management is the process of minimizing or mitigating the risk. It starts with the identification and evaluation of risk followed by optimal use of resources to monitor and minimize the same, the benefit of organisations. Risk generally results from uncertainty. In organizations this risk can come from uncertainty in various ways such as market place, demand, supply and Stocks, Failure of projects, accidents, natural disasters etc. There are different tools to deal with the same depending upon the kind of risk exist.

Principles in Risk Management for Organizations

Context Every organization is affected to varying degrees by various factors in its environment Political, Social, Legal, Technological and Societal. For example, an organization may be immune to change in import duty whereas a different organization operating in the same industry and environment may be at a severe risk. There are also marked differences in communication channels, internal culture and risk management procedures. The risk management should therefore be able to add value and be an integral part of the organizational process.

Involvement of Stakeholders The risk management process should involve the stakeholders at each and every step of decision making. They should remain aware of even the smallest decision made. It is further in the interest of the organization to understand the role the stakeholders can play at each step. Organizational Objectives When dealing with a risk it is important to keep the organizational objectives in mind. The risk management process should explicitly address the uncertainty. This calls for being systematic and structured and keeping the big picture in mind. Reporting In risk management communication, it is the key. The authenticity of the information has to be ascertained. Decisions should be made on best available information and there should be transparency and visibility regarding the same.

Roles and Responsibilities

Risk Management has to be transparent and inclusive. It should take into account the human factors and ensure that each one knows it roles at each stage of the risk management process. Support Structure This underlines the importance of the risk management team. The team members have to be dynamic, diligent and responsive to change. Each and every member should understand his intervention at each stage of the project management lifecycle. Warning Indicators Keep track of early signs of a risk translating into an active problem. This is achieved through continual communication by one and all at each level. It is also important to enable and empower each to deal with the threat at his/her level. Review Cycle Keep evaluating inputs at each step of the risk management process. Identify, assess, respond and review. The observations are markedly different in each cycle. Identify reasonable interventions and remove unnecessary ones. Supportive Culture Brainstorm and enable a culture of questioning, discussing. This will motivate people to participate more. Continual Improvement Be capable of improving and enhancing your risk management strategies and tactics. Use your learning’s to access the way you look at and manage ongoing risk.

Risk Response Planning

A risk treatment is mandatorily a part of an effective risk management plan. The plan here means how you respond to the reported potential risks. It details on strategies on how to deal with the various risks, low or high, acceptable or unacceptable. The plan also outlines the role and responsibilities of the team members.

Literally speaking, risk treatment also known as risk control, is that part of the risk management where decisions are made about how to deal with risks either in the external or internal environment. Various options like risk reduction, risk avoidance, risk acceptance and risk transfer. Before you embark on risk treatment there is something called as risk response planning that needs to be taken care of. It is explained in detail below. Risk response planning no doubt is an integral aspect of risk treatment. The planning covers discusses and evaluates inputs like risk register, risk profiles and cause control matrix. Strategies are formulated and documented in this stage.

Four Different Risk Strategies

The following four different strategies are discussed upon. Avoiding Risk. Risk avoidance requires identification of the risks first and foremost. This can be achieved through previous project experiences and histories. An analysis is then made upon those that have a tendency to arise upfront at project initiation. Then finally a course of action is arrived upon after assessing the relative impact of the risks. Transferring Risk. Risk transfer is one of the better means to dilute the impact of the risk. In project management as in finance a risk is often transferred to a third party. It only means the impact of risk is diluted to an extent that event or activity or project for that matter does not suffer a body blow.

It also means that a special team outside of the project that bears the impact of the risk. Reducing Risk. Risk mitigation is a control process that essentially stops a risk before it starts making an impact and bringing it to an acceptable level. Often a contingency plan is put in place to prevent the risk. Accepting Risk Finally, there are certain risks that are unavoidable. This strategy is the best when the risk is low. But there has to be a due plan for the same such as determining when the project will be exposed to the risk and making small adjustments accordingly. A risk that is acceptable can be considered passive since no action at all is taken upon the same. By the end of risk response planning various risks and the corresponding strategies are documented. A risk register is ready that contains all details such as the time of occurrence, priority and the people involved in handling the risk. The risks have already classified as either internal or external. Relevant risks are assigned to relevant stakeholders accordingly.


Risk management is a significant expense for any company. There are several skilled professionals that need to be recruited and maintain in order to ensure that the risks inherent in the business are being mitigated efficiently. The expense can be significant. This expense is often a deterrent for smaller firms to not implement risk management. However, the larger firms understand that the value created by risk management activities far outweighs the costs.

Risk Management in Organisations
Jewel Cameron Sign


Construction- Quantity Surveyor- Valuer/ Appraiser. Project Management

37 PattensenTurkeyen, Dennis Street, Georgetown, Guyana