Interviewing stakeholders Typically two categories short answer surveys and

Interviewing stakeholders typically two categories

This preview shows page 36 - 41 out of 111 pages.

Interviewing stakeholders:Typically two categories: short-answer surveys and open-ended interviews. The former is most appropriate for gathering aggregate data during workshops. The latter can provide a fuller and more contextualized discussion of risk issues. Polling a large group of personnel requires a standardized question/answer template while the detailed input of senior executives and board members is best captured by open-ended questionsAs part of setting the context, a communication strategy, interview tools (questionnaires, polling methods, and Risk Assessment Templates) should be established.2. Gather available data (internal and external):Business plans, strategic plans, corporate KPIs, stakeholder reportingIndustry surveys/views, benchmarking, event histories, 10K reportsSWOT and similar economic and environmental analysisEarly warning reporting and monitoring reporting of risksStress and scenario testing (internal and regulatory required)Research and government outlook reports (eg. BIS Annual report)
Background image
MONASHBUSINESSSCHOOL37Example:- Lockheed Martin, Engaging Management in Risk Identification3 methods of internal data gathering :One-on-one Free Form InterviewsElectronic surveys (similar questions, wider spread)Workshops and feedback sessionsOrganise information using a risk taxonomy (58 categories)Easier to collate, analyse and reportSelf identificationConsistent New risk identificationEmerging risks and monitoringBenchmarking with external surveysFeedback into interviews
Background image
MONASHBUSINESSSCHOOL38The Risk TaxonomyAn essential part of the communication strategy supporting the risk identification step, is to adopt, at the outset, a common language of risk that is tailored to the business practice of the organisation that can be applied across all activities. This is necessary to avoid confusion when it comes to identifying risks.The taxonomy describes what risks and how they are defined.In general, there are two methods:- Root Cause MethodImpact MethodRisks are classified by root causeRisks are classified by impact on the business / financial statementsPro: Assists management identify and treat the riskPro: May be required for regulatory reporting and capital measurement (eg. Basel II)Con: Competing root causes Con: Does not assist root cause identification
Background image
MONASHBUSINESSSCHOOL39The Risk Universe – An Illustrative Taxonomy of Risks from EYNote: organisations will create their own taxonomies
Background image
MONASHBUSINESSSCHOOL40The Risk RegisterA risk register is a central inventory that catalogues various risks and, for each one, its type, origin, prevention tactics, mitigation options and potential countermeasures. It contains the identification, assessment and mitigation outcomes.
Background image
Image of page 41

You've reached the end of your free preview.

Want to read all 111 pages?

  • Three '16
  • risk principles

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture