Edward Chao

Dear James 
I agree with your comments. In fact,the buyer of the contract generally retains legal responsibility for the losses "transferred", meaning that insurance may be described more accurately as a post-event compensatory mechanism. The best risk transferred is the one you don't have to begin with, but you have to take continuous care on it.

Thanks for your comments.

Edward

• Like(0)
• Delete

Guan Seng Khoo, PhD

That's why I prefer to use the term risk mitigation or response (which may not necessarily mean the risk can be totally eliminated) because in reality you can't really transfer risk (as risk is like energy) - it merely transforms into another form of risk, unless you are no longer the owner (or have the exposure anymore)!

• Unlike(2)
• Reply privately
• Report spam

Edward Chao

Dear Guan Seng Khoo, 
Perhaps, risk mitigation or response is a better term to explain the meaning of "Risk Transfer", thanks for your comments in this issue.

Sincerely, 
Edward.

• Like(1)
• Delete

Guan Seng Khoo, PhD

Gam sia, Gam sia! I'm Hokkien (by dialect). Keong Hee Huat Chye!

• Like(0)
• Reply privately
• Report spam

Donald J. Riggin, CPCU, ARM

Folks, while I like philosophical discussions as much as the next guy, let's temper that with a dose of old fashioned horse sense. Guan Seng Khoo (above) said, "in reality you can't really transfer risk." I respectfully disagree. In reality, risk is transferred all the time. In theory, (as in quantum physics), risk may or may not be transferred. Or, it might be both transferred, and not transferred at the exact same time! (Was this one of Zeno's 4 paradoxes? Probably not.)

"Risk transfer" is the only reasonable and acceptable description of the insurance transaction. It means moving a risk of financial loss, of whatever quantity or quality, from one balance sheet to another balance sheet. Moreover, the transaction is memorialized in a contract commonly accepted by both parties - the insurance policy.

Yes, technically the transferred risk still lies with the policyholder, but in law that plays no part whatsoever. When counterparties (insurer and client) are engaged in a legal dispute, the notion that the client technically retains the risk is ignored for good reason. The payment of premiums (consideration) as prescribed by the contract issuer (insurance company) renders this technical argument moot for lack of applicability and materiality.

Of course the insurance company could go bankrupt; technically, the insurer is a credit risk to its customers, but the likelihood of that occurring is usually extremely low. And even with enormous amounts of counterparty/credit risk, the transaction is still one of risk transfer; the quality (or lack thereof) of the risk-taking party doesn't change that fact. It might be a bad risk transfer, but a risk transfer it remains. Remember, counterparty risk is a matter of credit risk management, that's all. If the risk transfer fails for one reason or another, the risk holder will deal with it.

The term, risk transfer, has been used in US Tax Court and US Supreme Court cases to describe an important concept. Risk transfer and risk distribution, are the generally accepted circumstances required for an insurance transaction to exist. (Insurance is not defined in US law.)

Finally, 2 of the above posters said this: "the best risk transferred is the one you don't have to begin with." Huh? If you're right, every business in the world should cease operations, because that's the only way to not have a risk to begin with. I could go on…

• Like(0)
• Reply privately
• Report spam

Edward Chao

According to businessdictionary website said that there have two definitions on "Risk Transfer"

* management strategy in which an insurable risk is shifted to another party (the insurer) by means of an insurance policy.

* shifting through non-insurance means, such as a warranty. See also transfer of risk rule.

(http://www.businessdictionary.com/definition/risk-transfer.html#ixzz3TkiQV3Mc)

"Risk Transfer" had been commonly accepted in the underlying tenet behind insurance transactions. The purpose of this action is to take a specific risk, which is detailed in the insurance contract, and pass it from one party who does not wish to have this risk (the insured) to a party who is willing to take on the risk for a fee, or premium (the insurer).


For example, whenever someone purchases home insurance, he or she is essentially paying an insurance company to take the risk involved with owning a home. In the event that something does happen to the house, such as property damage from a fire or natural disaster, the insurance company will be responsible for dealing with any resulting consequences.

Risk transfer is a risk management and control strategy that involves the contractual shifting of a pure risk from one party to another. One example is the purchase of an insurance policy, by which a specified risk of loss is passed from the policyholder to the insurer. Other examples include hold-harmless clauses, contractual requirements to provide insurance coverage for another party's benefit and reinsurance. When done effectively, risk transfer allocates risk equitably, placing responsibility for risk on designated parties consistent with their ability to control and insure against that risk. Liability should ideally rest with whichever party has the most control over the sources 
of potential liability.

In addition, in today's financial marketplace, insurance instruments have grown more and more intricate and complex, but the transfer of risk is the one requirement that is always met in any insurance contract.

According your recognition, the term, 'risk transfer' has been used in US Tax Court and US Supreme Court cases to describe an important concept. Risk transfer and risk distribution, are the generally accepted circumstances required for an insurance transaction to exist. I fully understand and agree. In our normal life, risk transfer is occurred in transaction behavior, the transaction is still one of risk transfer; the quality (or lack thereof) of the risk-taking party doesn't change that fact. We can understand that 'risk transfer' can be viewed as the reduction of risk to a position by buying an insurance policy or taking an offsetting position. For example, a person may reduce the risk of loss due to medical expenses by buying health insurance. Likewise, a person may reduce the risk of loss to a long position by entering an equal but opposite short position.

I'm very appreciated with your professional viewpoints. Thanks for your comments about this issue,

Sincerely, 
Edward

• Like(1)
• Delete

Guan Seng Khoo, PhD

Thank you both. As long as all of us are comfortable with the "local" definition, without getting too detailed or preoccupied with the semantics, e.g., often CDSs create the illusion of risk "transfer", when in reality, risk transformation has its unintended consequences................, I'm happy to agree and disagree!

• Like(1)
• Reply privately
• Report spam

Donald J. Riggin, CPCU, ARM

Indeed, an interesting discussion. At the end of the day it's just semantics, as Guan Seng Khoo has observed. I'm quite familiar with the non-insurance methods of transferring risk, but I think that risk transfer, regardless of technique, is just one thing: Moving negative financial outcomes from one party to another.

Think of the concept of risk having 2 separate and distinct properties, (1) potentially negative financial outcomes, and (2) one of the consequences of life: business activities, property ownership, driving a car, crossing the street, getting out of bed, and so on. All we can do is mitigate some of the negative financial consequences; insurance being the most prevalent risk transfer tool. The first property of risk is binary; the risk is either retained or transferred. Even the most onerous legal disputes between insurer and client as to whether or not a loss is compensable eventually settle if favor of one of the two litigants, (except Jaundyce v. Jaundyce).

Regarding the illusion of risk as mentioned above; it's an illusion because in reality some risk transfer schemes are just as likely to fail as to not fail, such as a CDS. But a CDS, just like an insurance policy, does indeed transfer the financial consequences of risk to a counterparty, but its value as a risk transfer tool is a matter of degree. Compared to the security available through a highly rated insurance company, a CDS's volatility and susceptibility to market risk greatly reduces its efficacy as a pure risk transfer tool. If the risk transferor isn't aware of this, well, that's his problem.

• Unlike(3)
• Reply privately
• Report spam

Guan Seng Khoo, PhD

Thanks, Kathryn, that's what I was alluding to in my CDS' comment, together with the roles played by monolines, e.g. AMBAC, etc.

• Like(0)
• Reply privately
• Report spam

James Andrae

Donald, very solid legal points. I love a good philosophical discussion. It is as always a matter of semantics and perspective. Our experiences may be different, I don't believe it makes either of us more right or wrong. It does however open the mind to other perspectives which is always a good thing.

Insurance while a risk transfer mechanism actually creates other risks as you alluded. Credit, Legal, Cost, Timing. Kathryn above raised very important valid points. Perspectives, agendas, rorts, etc.

Risk Management should always try to minimise reliance on the legal process if things go wrong. (This is why I spend way too much time analysing contracts). While the process marches along, in the meantime a company may be seriously negatively affected, face bankruptcy at the extreme, share price fluctuations, credit downgrades etc. Bonuses not paid, people fired. 
It always becomes a matter of size of the insurance claim, 100K not much of a problem, $100M is often open to "debate" in the court system. My experience is that CEOs and Boards don't like the court process and always look for heads to roll.

From a risk management perspective that's not good enough because of the domino effect on business' other activities that assume cash flows will be made whole in the proper time. Very few companies have a few "lazy" hundred million just hanging around. I repeat the best risk you have is the one you don't have and there are numerous examples from physical power plants to the financial markets. 
In the financial markets, peculation aside, hedging can cause new and some unforseen linked risks. There is a famous issue now about a company being trading a commodity and having 40 - 50% of the liquidity in that market. They got it right, but could not get out of their trades. Greed. The best risk is the risk you don't have. Don't expect the market to accept losses when you are the major provider of liquidity. Stick to a lower threshold. If a company is that big that it needs 50% of the market liquidity then it need to review its operational risk management to account for the lack of reliance on the market hedges.

The GFC and Asian Crisis were in essence, liquidity and counterparty credit issues on the whole.

Power plants often have unexpected failures, these are insurable events. The major condition is the proper maintenance of the plant. One man's process is another man's negligence. We can understand that the insurance company will rightly want to verify everything before maybe paying. There are cases where a 1 week shutdown took 2 years and longer to pay. The claims are mostly for physical damage and financial loss. This could easily climb to $100M+ depending. Repairing a power plant may cost $5M the losses on a SWAP could be any amount perhaps a further $95M. No COB is keen on this sort of risk. 
The best risk is the one you don't have. Solution don't over commit power plant transaction SWAPS such that if it failed apart from the burden of repairs you will also have the financial SWAP payments to make. There is nothing lost except for speculative revenue and that could go either way. 
Building infrastructure creates volumes of possible risks to the owner. Power plants can be built by the power company or by an external engineering firm. This transfers most of the risks but some do remain. Two major risks are that the generator will not work to specifications, or be completed on time. The power company contract specifies Ts&Cs that if not met they simply don't accept the new generator. So the "lemon" risk as well as others are not theirs. The best risk is the one you don't have. 
While your points are valid Market Risk Managers do not live in a post risk world but in a pre risk world.

• Unlike(2)
• Reply privately
• Report spam

James Andrae

It took some companies over 7 years to get paid 6c on the dollar after Enron failed. Reliance on the legal system, while just, did not make the participants whole. Insurance failures were kept commercially private so we will never know if the losses were covered or not. The best risk you have is the one you don't have. When the CEO and CFO of a fortune 50 company resign suddenly. Smart risk managers closed out positions and watched the debacle with amusement and got bonus. 
If entering into a trade with a counterparty is reliant on a CDS for risk mitigation, then the best risk is the one you don't have. 1 don't enter into the trade to begin with. 2 Don't pay any bonus until the expiry or closure of the contract. Implement #2 and a whole lot of needless exposures are removed because the traders now have some skin in the game. 
You stated “If the risk transferor isn't aware of this, well, that's his problem”. In a perfect world with perfect knowledge maybe. The global financial system is based on the blind hope that the other guy will “play by the rules” and be there to make you whole regardless of whether it is an insurance contract or swap. Blind hope because you can never see the true picture of the other counterparty, and, well, let’s leave the Credit Agency discussion to one side. It’s not only the illusion of risk but of transfer. The Transferors prior to the GFC had no idea who was really on the other end of the majority of the CDS deals. How was it their fault? 
Market risk managers understand these limitations and on the whole tend to limit exposures as much as possible. 
Of course you can't have no risks. You can even die in your bed sleeping. 
But you should understand the domino factors in all risks and come back with the trade off scenarios and limit these whenever possible. 
The point I think Edward is raising is to test whether risk managers understand that no risk is ever truly transferred or mitigated completely, so how do we live with that reality, post GFC. 
I am certain that if the Central Banks and Finance Ministers had not stepped into the GFC, the global meltdown could have sent economies spiralling worse than the Great Depression. That was the risk they did not want to have. 
They saved the world from calamity but also let some companies that could not be absorbed, fail. 
This was the wake up call. Edward is asking if we have altered our thinking since.

• Unlike(2)
• Reply privately
• Report spam

Edward Chao

Dear James, 
I'm very appreciated and respect that you always point out the key concepts and useful viewpoints within your comments on a issue. I got some hints and implications from your comments. I also agree with Donald's comments which said above, 'the concept of risk having 2 separate and distinct properties, (1) potentially negative financial outcomes, and (2) one of the consequences of life: business activities, property ownership, driving a car, crossing the street, getting out of bed, and so on. All we can do is mitigate some of the negative financial consequences; insurance being the most prevalent risk transfer tool.'

I fully agree that your comments which said that "the best risk you have is the one you don't have and there are numerous examples from physical power plants to the financial markets." In addition, the global financial system is based on the blind hope that the other guy will “play by the rules” and be there to make you whole regardless of whether it is an insurance contract or swap.

In fact, the domino factors in all risks and come back with the trade off scenarios and limit these whenever possible. According to my recognition, risk transfer is a risk management and control strategy that involves the contractual shifting of a pure risk from one party to another. I sometimes discuss with the professional risk-control managers whether risk managers understand that no risk is ever truly transferred or mitigated completely but I find that some managers will ignore cultural and human factors which plays important roles in risk managements.

Thanks for Donald,Kathryn, Guan Seng Khoo, and your professional comments in this issue.

Thanks all of you with sincerity.

Sincerely, 
Edward

• Like(0)
• Delete

Kathryn M Tominey

Guan - don't "allude" use plain clear language to expose these frauds, ratings firms enablers and issuers too lazy to do their homework. The impact of naked CDSs unregulated, invisible thanks to Sen. Phil Gramm, Robert Rubin & Larry Summers leadership. At least Art Levine was man enough to admit, publically, that he was wrong to oppose Brooksley's efforts to just look at derivatives.

Buffett's latest letter really lays into the operators pushing transactions because fees are easy money.

• Unlike(1)
• Reply privately
• Report spam

Guan Seng Khoo, PhD

Kathryn, I've written one whole document and blogged on the issues in some of my publications & presentations in conferences for Riskbooks, etc. Hence, I merely don't wish to be long-winded here, esp. for readers who are familiar with the GFC. But, thanks anyway for raising it more granularly.

• Like(0)
• Reply privately
• Report spam

Syed Adeel Hussain,MBA

We as risk managers have to distinguish among Risk Controls, Risk Financing and Risk Retention Techniques. Risk Transfer is a Risk Financing Method, where you pay someone else to pay for your Unexpected Large Losses!

• Like(1)

Edward Chao

Dear Syed Adeel Hussain,

Your comments provide simple concepts but useful in understanding.

I'm very appreciated.

Edward

• Like(1)
• Delete

Edward Chao

Michael, Thanks for your comments. You provide the necessary considerations concerning about the appropriate risk controls and transfer.

Edward.

• Like(0)
• Delete

Michael Allocco, PE, CSP

Your welcome....

• Like(0)
• Reply privately
• Report spam

Kathryn M Tominey

Guan - how diplomatic you are, an excellent quality in risk mgt right up to when a 2x4 is needed to focus their attention.

Oh, am I using correct convention for the part of your name to address you?

• Like(0)
• Reply privately
• Report spam

Guan Seng Khoo, PhD

Well, Kathryn, I've always been guilty of making short commentaries on LinkedIn, and often inadvertently created "cross-communications across different frequencies" with other parties on other discussion threads. If I interpret you correctly - part of my Asian heritage, where tai ji is often practised - notice how Americans like boxing (more "push") vs the Japanese sumo (more "pull"). I practise a hybrid of push-pull with a bias towards "pulling"!!! Nice to make your acquaintance tho' as a fellow scientist - I was a computational chemist once upon a time!

• Like(0)
• Reply privately
• Report spam

Stjepan Anic

Yes, it's really an apostrriori compensation mechanism rather than a pure risk transfer, and my experiance has thought me that repeated clearifications of various terms used in finance and risk management is often needed in order to maintain an understandable big-picture-view of the subject.

• Like(1)

Syed Adeel Hussain,MBA

@Edward Thanks

• Like(1)

Edward Chao

Very thankful to Stjepan Anic & Syed Adeel Hussain, this issue is concerning about my research in risk managements, therefore, I pay more attention on this issue.

In addition, I'm very appreciated with James Andrae, who is a risk management specialist. His comments provide me more strategic implications and thinking methodology. I fully agree that James' comments which said that "the best risk you have is the one you don't have and there are numerous examples from physical power plants to the financial markets." In addition, the global financial system is based on the blind hope that the other guy will “play by the rules” and be there to make you whole regardless of whether it is an insurance contract or swap.

Hoping you all can provide your comments and viewpoints into popular issues concerning about risk managements in risk managements online.

Thank you all.

Sincerely, 
Edward

• Like(1)
• Delete

Arslan Usmani CPPD MEnPrac MIEAU(RES,CES) MRMIA

Ed, risk sharing and transfer both are sometimes misleading. If a pipeline contractor misses the delivery on time and you lost your 1 day production, what you do, do we tranfer the risk to him (liquidated damage only) but is this enough to cover your production loss but what about your commitment and good will. If you share risk what percentage of time, resouce and cost you sharev in order to bring things to the agreed deadline.

• Like(0)
• Reply privately
• Report spam

Mohd Amirul Nazri Ismail RMP® GPM-b™

Good financial standing of insurance companies is essential when addressing the risk transferring process. It can be a secondary risk when insurers are reported having difficulties in processing and settling claim. Some Banks are very particular on this when they assessed proposed project financing and had incorporated this in condition precedents (CP).

• Unlike(1)
• Reply privately
• Report spam

Edward Chao

Dear Amirul Nazri, 
Very thankful for your comments on this issue.

Kind regards.

Edward

• Like(0)
• Delete

Jeff Elias, Ph.D.

I'd like to add that risk sharing can be very profitable for the group or association who are involved. 1st you need a good assessment audit as to the types of risks, organizations,the and firms' liquidity to qualify them to join the "association" risk pool. Using appropriate tools for assessment of the "potential" risks, can generate a cost savings, and structured properly as an "off-shore captive insurance association" (taking advantage of money hurdle rates) with streamlined, accurate and timely reporting, with effective claims management, training, and safety programs) could repatriate income back to the association in the form of reduced future premiums. As a note, off-shore domiciles have different "banking, LOC, liquidity, etc. requirements. These types of arrangements can also work for effective costefficient re-insurance markets, as well. Dr. Jeff Elias, Ph.D. HR & RM Consultant.

• Unlike(1)
• Reply privately
• Report spam

Edward Chao

Dear Jeff Elias,Ph.D.

I fully agree with your viewpoints that you have mentioned 'Using appropriate tools for assessment of the "potential" risks, can generate a cost savings, and structured properly as an "off-shore captive insurance association" (taking advantage of money hurdle rates) with streamlined, accurate and timely reporting, with effective claims management, training, and safety programs) could repatriate income back to the association in the form of reduced future premiums.'

Thanks for providing your comments.

Kind regards.

Edward

• Like(0)
• Delete

Edward Chao

According to my past studies,insurance is a both well-known and popular form of risk transfer to take into consideration, where coverage of a risk is obtained from an insurer in exchange for ongoing premiums paid to the insurer. Risk transfer can occur informally within family and community networks where there are reciprocal expectations of mutual aid by means of gifts or credit, as well as formally where governments, insurers, multi-lateral banks and other large risk-bearing entities establish mechanisms to help cope with losses in major events. Such mechanisms include insurance and re-insurance contracts, catastrophe bonds, contingent credit facilities and reserve funds, where the costs are covered by premiums, investor contributions, interest rates and past savings, respectively.

Edward

• Like(0)
• Delete

Marcelo Severino de Oliveira

In short, we need to beware, always an eye on possible risks before it happened. 
Because if all the losses are passed to insurers, there would be many insurers.

• Unlike(1)
• Reply privately
• Report spam

Edward Chao

Marcelo Severino Oliveira, 
Thanks for your comments.

Edward

• Like(0)
• Delete

David Wilson

We cannot be 'blind' to the need for our decision-making (and resultant actions) to be based upon information that is NOW accessible to us. 'Ignorance', due to a lack of the correct tools or techniques is understandable but, to ignore tools and techniques that enable informed decision-making, is beyond 'ineptitude'...an emerging GRC issue!

'Causal Relationships': operational interdependencies and interactions within and among organisations are the sources of emerging risk and opportunity but, if unidentified, can be amplified, cascade and spread far beyond the points of origin...and 'feedback' as threats: unrealised - as increased uncertainty or volatility; realised - as correlations in data (reflexive - after the event).

Unidentified and unmanaged risk does not dissipate, nor does the probability of occurrence, scale, duration or cost reduce...

• Like(1)
• Reply privately
• Report spam

Edward Chao

Dear Ned Robins, 
Very thankful to your comments about the issue "Risk Transfer" is often used in place of "Risk Sharing" in the mistaken belief'. I fully agree with your practical points concerning about "achieving things" and "paying for calamities".

The term of 'risk transfer' is often used in place of risk sharing in the mistaken belief that you can transfer a risk to a third party through insurance or outsourcing. In fact, when one takes out insurance one is not transferring any of the actual risk.

Commonly, I have met some investors and/or house owners who usually think their life could be measured by how much money they make and wealth represents their social status and success. Therefore, I have the same viewpoints with you that money should be seen as a means to some worth-while end, not an end in itself. Risk management should be a means to increase the probability of achieving something really worth doing.

Finally, I'm very appreciated with your viewpoints, and thankful to your comments.

Kind regards.

Edward.

• Like(0)
• Delete

Michael J. Shand

A perfect example of risk sharing would typically be found in the baseline assumptions of a contract where force majeure risks are managed by individual parties.

For example, if a contractor is performing work at a clients facility, the client states and the contractor agrees in contract, that unforeseeable loss incurred due to a force majeure event shall be owned by each respective party. The catch is 'unforeseeable'. If a loss is incurred due to a secondary event that should have beyond a reasonable doubt been reasonably practicable for the client to have avoided, then the contractor may have grounds to lay claim.


An example of Risk Transfer would the outsourcing of a scope of work. For example, a contractor may recognize that a particular scope has way too much risk for employee turn over thus an increased likelihood due to project slip.
He may then, once allowable, outsource the scope, enter a penalty for avoidable delays that would amount to liquidated damages exposure.

The transfer of Risk isn't as clear cut as the sharing of risk as unquantifiable exposures such as reputation impacts and further scope award remains exposed.

• Unlike(1)
• Reply privately
• Report spam

Donald Whittaker

Someone should tell the marketing teams at the insurance companies. And, anyone on Wall St. using the TLA ART. 

• Like(1)

Donald Whittaker

the issue is are you transferring the risk or the financial consequence. this is another schoolmarm thread about.semantics that looks at treatment terms in a vacuum.

• Like(1)

Michael Allocco, PE, CSP

SAFETY-RELATED RISK TRANSFER…

A specific safety-related risk can be transferred to a subcontractor with special capabilities to mitigate the risk; when the original risk holder does not have the abilities to handle the risk. It should be indicated in the agreement that the 2nd party applies best practices in risk mitigation; and assumes all responsibility associated with the risk. Further, the specific hazards, risks and mitigations should be stipulated. 

• Unlike(1)
• Reply privately
• Report spam

Thu Ly, CRMA

Could not agree more.

• Like(1)

Mohammed Abid

Congrats

• Like(0)

Edward Chao

Dear all,

Today, I want to share some points concerning about enterprise risk management with all.

In enterprise risk management whose risk can be defined as a possible event or circumstance that can have negative influences on the enterprise in question. Its impact can be on the very existence, the resources (human and capital), the products and services, or the customers of the enterprise, as well as external impacts on society, markets, or the environment. In a financial institution, enterprise risk management is normally thought of as the combination of credit risk, interest rate risk or asset liability management, liquidity risk, market risk, and operational risk. 
In the more general case, every probable risk can have a pre-formulated plan to deal with its possible consequences (to ensure contingency if the risk becomes a liability). 
From the information above and the average cost per employee over time, or cost accrual ratio, a project manager can estimate:

the cost associated with the risk if it arises, estimated by multiplying employee costs per unit time by the estimated time lost (cost impact, C where C = cost accrual ratio * S).

* the probable increase in time associated with a risk (schedule variance due to risk, Rs where Rs = P * S):

Sorting on this value puts the highest risks to the schedule first. This is intended to cause the greatest risks to the project to be attempted first so that risk is minimized as quickly as possible. 
This is slightly misleading as schedule variances with a large P and small S and vice versa are not equivalent. (The risk of the RMS Titanic sinking vs. the passengers' meals being served at slightly the wrong time).

* the probable increase in cost associated with a risk (cost variance due to risk, Rc where Rc = P*C = P*CAR*S = P*S*CAR)

sorting on this value puts the highest risks to the budget first. 
see concerns about schedule variance as this is a function of it, as illustrated in the equation above.

Conclusion:

Risk in a project or process can be due either to Special Cause Variation or Common Cause Variation and requires appropriate treatment.

That is to re-iterate the concern about extremal cases not being equivalent in the list immediately above.

Edward

• Like(0)
• Delete

Edward Chao

In the previous discussion, RM specialist, James Andrae have ever pointed out that the best risk is the one you don't have. Solution don't over commit power plant transaction SWAPS such that if it failed apart from the burden of repairs you will also have the financial SWAP payments to make. There is nothing lost except for speculative revenue and that could go either way.

Building infrastructure creates volumes of possible risks to the owner. Power plants can be built by the power company or by an external engineering firm. This transfers most of the risks but some do remain. Two major risks are that the generator will not work to specifications, or be completed on time. The power company contract specifies Ts&Cs that if not met they simply don't accept the new generator. So the "lemon" risk as well as others are not theirs. The best risk is the one you don't have.

The concept of risk had two separate and distinct properties, 
(1) potentially negative financial outcomes, and (2) one of the consequences of life: business activities, property ownership, driving a car, crossing the street, getting out of bed, and so on. 
All we can do is mitigate some of the negative financial consequences; insurance being the most prevalent risk transfer tool.

The global financial system is based on the blind hope that the other guy will “play by the rules” and be there to make you whole regardless of whether it is an insurance contract or swap. To make a conclusion, my viewpoints as mentioned above perhaps are valid Market Risk Managers do not live in a post risk world but in a pre risk world.

• Like(0)
• Delete

Guan Seng Khoo, PhD

Edward, Yes, ex-ante instead of ex-post. That's the reason I stay away from discussions where participants use terminologies or labels like positive risk and negative risks, without considering that when the risk event manifests, the outcome can be positive, negative or status quo!!!!

• Like(0)
• Reply privately
• Report spam

Edward Chao

Hi, Guan Seng Khoo, 
I remembered that you had posted your comments six months ago. The main contents which said that I've always been guilty of making short commentaries on LinkedIn, and often inadvertently created "cross-communications across different frequencies" with other parties on other discussion threads. 
I respect your comments and I agree with your viewpoints to some percentage. Don't mind the other participants' viewpoints, you can just provide your comments to share via this platform.

Thanks for your comments again and welcome to participate continuously.

Kind regards.

Edward

• Like(0)
• Delete

Edward Chao

According to my past experiences, risk sharing can be very profitable for the group or association who are involved. 1st you need a good assessment audit as to the types of risks, organizations,the and firms' liquidity to qualify them to join the "association" risk pool.

I would like to cite the main viewpoints from Dr. Jeff Elias (Sr. Executive Consultant/President at ECG.). Dr.Jeff Elias pointed out that 'using appropriate tools for assessment of the "potential" risks, can generate a cost savings, and structured properly as an "off-shore captive insurance association" (taking advantage of money hurdle rates) with streamlined, accurate and timely reporting, with effective claims management, training, and safety programs) could repatriate income back to the association in the form of reduced future premiums.' 
A good example of risk sharing would typically be found in the baseline assumptions of a contract where force majeure risks are managed by individual parties and stimulate the brain-storming discussions inside the organization.

Very thankful to the comments came from all participants in this issue again and welcome to participate continuously.

Kind regards.

Edward 

• Like(0)
• Delete

Michael Allocco, PE, CSP

SAFETY-RELATED RISK PREDICTION…. 
It is quite possible to predict future performance that equates to system design. Here is when inclusive system hazard analysis and risk assessment comes into play. We do have verious methods in system assurance that require simulation, testing, and modeling that are very effective toward prediction. We can even exclude weak stocastic processes and be very effective applying qualitative decision methods. Given that the inclusive system is understood, (system of systems and families of systems). 

• Unlike(1)
• Reply privately
• Report spam

Edward Chao

Hi, Michael Allocco, 
Very thankful to your comments. 
Most of the time, when measuring risk, we can consider to exclude weak stocastic processes and be very effective applying qualitative decision methods. Taking my experiences for example, 'using appropriate tools for assessment of the "potential" risks, can generate a cost savings, and structured properly as an "off-shore captive insurance association", with streamlined, accurate and timely reporting, with effective claims management, training, and safety programs) could make it set stable.

Kind regards.

Edward 

• Like(0)
• Delete

Mohd Amirul Nazri Ismail RMP® GPM-b™

Hi Edward, I have a thought that the "mistaken belief" you mentioned in the topic is kinda true. Risk Transfer is typically addressed by various contractual methods (peformance bonds), and insurance (builders all risk, professional liability) and etc. Normally it is intended to address risk beyond the control of participant, or not willing to accepted by either party.

While "Sharing" , must be based on the EVALUATION OF OPPORTUNITIES for success of each party. Here you go from this point, a procurement risk assessment kick in.

Both Risk Sharing and Risk Transfer are elements included at the time of entering into contract, if you looked this from phases of project development perspective. A thorough understanding is necessary to manage the impacts as the work progress.

Regards 
Amirul

• Unlike(1)
• Reply privately
• Report spam

Edward Chao

Hi, Amirul

Thanks for your reply.

In fact, I agree with your viewpoints you have mentioned above.

"Sharing" must be based on the EVALUATION OF OPPORTUNITIES for success of each party. In addition, "risk transfer" is typically addressed by various contractual methods (peformance bonds), and insurance (builders all risk, professional liability) and etc.

Most of the time, when measuring risk, we can consider to exclude weak stocastic processes and be very effective applying qualitative decision methods. It seem to be the other important thought is how to manage the impacts as the work progress.

Thanks for your comments.

Kind regards. 
Edward

• Like(0)
• Delete

Edward Chao

Hi, Stephen, very useful comments for this issue which had no discussions mentioned above.

First, I fully agree with what you have mentioned that risk transfer is not transferring the risk of the event happening, only transferring some of the financial risks to the insurer.

Secondly, most of the time, risk transfer would not mitigate the risk of the original occurrence that caused the incident which needs to be addressed and mitigated through controls, monitoring, etc.

According to my past experiences, risk transfer is typically addressed by various contractual methods (peformance bonds), and insurance (builders all risk, professional liability) and etc. 
In fact, when one takes out insurance, one is not transferring any of the actual risk. Neither the probability nor the cost of the potential calamity is reduced by one single iota.

Very thankful to your comments in this issue again and welcome to participate in this issue.

Kind regards. 
Edward

• Like(1)
• Delete

Mohamed HAOUARI

Hi Edward, 
I think that the transfer by insurance or outsourcing can be analysed differently. 
You make a good analysis on the part of insurance which is supplemented by many posts. I want to contribute to the discussion about outsourcing. 
Indeed, in the case of insurance the client accepts to be less rich today to reduce the risk of being very poor tomorrow. In the case of oustourcing, the client expects to create value by its service provider and it will allow to decrease the total cost of outsourcing. 
Furthermore, outsourcing process may be total or partial. It can be a « Risk Transfer" (in the case of a total outsourcing) or a "Risk Sharing" share (in the case of a partial outsousrcing). 
Outsourcing as a risk management strategy (transfer or sharing) can be also a way to create value for the client in the opposite of insurance which remains a cost as long as the feared event has not been materialized. 

• Unlike(1)
• Reply privately
• Report spam

Jesus K. Levy, CRM

Well, I think your concept would basically depend on the meaning of "risk transfer" to an organization. You have to consider that in "traditional" risk management terms, risk transfer means to many people "the contractual arrangement to be indemnified by a third party if a loss occurs". As some colleagues correctly point out, I do not want to start never-ending discussions on positive or negative deviations from expected outcomes and / or ISO 31000 terminology.

I understand your point as regards the non-transferrable nature of risk itself, but what the markets traditionally understand, is not really the later. And that is why some practitioners also refer to insurance as a "risk financing" tool, rather than a "risk transfer" alternative.

• Unlike(1)
• Reply privately
• Report spam

Edward Chao

Hi, Jesus, thanks for your comments. I agree with your viewpoints mentioned above 'why some practitioners refer to insurance as a "risk financing" tool, rather than a "risk transfer" alternative.' Most of the time, risk transfer would not mitigate the risk of the original occurrence that caused the incident which needs to be addressed and mitigated through controls, monitoring, etc.

Kind regards.

Edward 

• Like(0)
• Delete

Edward Chao

According to Mohamed HAOUARI mentioned above, Mohamed indicating that outsourcing process may be total or partial. It can be a « Risk Transfer" (in the case of a total outsourcing) or a "Risk Sharing" share (in the case of a partial outsourcing).

For some companies, especially in manufacturing industry, outsourcing as a risk management strategy (transfer or sharing) can be also a way to create value for the client in the opposite of insurance which remains a cost as long as the feared event has not been materialized. I discussed less in outsourcing in this discussion.

Through outsourcing, the client expects to create value by its service provider and it will allow to decrease the total cost of outsourcing. For some decision-makers' thoughts, it's another way to reduce the risk and could be considered as a good risk transfer via outsourcing.

Kind regards.

Edward

• Like(0)
• Delete

Ned Robins

"Outsourcing" is a fashion that makes sense for efficiency, but it is not necessarily good risk management, and often is bad risk management.

I think it is in fashion particularly with governmental organisations and for two reasons: 
1. Capitalism has become the accepted as the "best" economic theory. And "outsourcing" means using "private" rather than state-run organisaions so allowing for profits.

1. Nationalised organisations are enevitably big. Big companies are inefficient, and civil servants may be good at pushing pens and guaranteeing their own job-security, but they tend to be bad managers (and expect a "soft life" - this is a nice way of saying that they tend to be lazy!).

Usually "outsourcing" involves employing a smaller organisation. This is bad risk management in that this increases the risk of the supplier going "bust" leaving the "customer" in a worse position than when "he" had an inefficient means of performing the work, but at least was able to do so.

• Unlike(1)
• Reply privately
• Report spam

Ned Robins

Outsourcing is good (efficient) management in many cases because it involves using a "specialist" labour-force that is likely to be so much more efficient at doing the job that the cost of profit can be added to the basic cost incurred by that labour-force and still be cheaper. However one has to accept both the risk (of supplier bankruptcy) mentioned above, and the risk of "excessive profits" being made on the back of tax-payers.

There is nothing "wrong" with nationalisation except that it tends, over time, to result in bad management and in-efficiency.

• Unlike(1)
• Reply privately
• Report spam

Ned Robins

Both outsourcing and insurance both have problems that are not given sufficient attention when viewed as a "risk-transfer" mechanism for governments and large organisations.

Insurance companies are capitalist organisations designed to make profits. They love taking your "premium" (nice words for costing you as much as possible) but hate paying out.

Insurance only makes sense if you are an individual (and not super-rich) or a small company so that you have to take risks whose impact you cannot afford.

If you are a government or a very large organisation it is better to avoid insurance companies and just "take the hit". This will remove the profits of the underwriters (that are "usually" as excessive as they can get away with).

• Unlike(1)
• Reply privately
• Report spam

Ned Robins

Insurance not only does not reduce the probability of the occurrence as agreed by all above (indeed, it is likely to INCREASE that a bit!). Usually it also fails to cover the secondary and side-effects of the risk. So if you have a car-crash, you may get the new car paid for, but this will take time, and you will not normally be compensated for the inconvenience incurred etc. Similarly, if you have a fire at your factory, you will get things repaired/re-built etc, but you will get nothing for the loss of production, and even less for the loss of goodwill etc.

As the above is being recognised, a few insurers are offering to cover some of these secondary effects like giving you a hire-car whilst yours is being repaired, but they place severe limits on these additional "benefits" (like: "up to five days"!) and mostly are doing this to make a meal of their "exceptional" services in TV advertisments etc.

• Like(0)
• Reply privately
• Report spam

Ned Robins

Nothing changes. Insurance companies really exist to make profits (as excessively as possible) for shareholders and underwriters. "Sharing" your risks are the necessary evil they reluctantly accept as their means of doing this!

Edward Chao

Dear John Grubbs, 
This risk type is what I call "internal risks" which is arising from within the organization, that are controllable and ought to be eliminated or avoided. In addition, best managed through active prevention: monitoring operational processes and guiding people’s behaviors and decisions toward desired norms.

Thanks for your comments.

Dr. Chao

• Like(2)
• Delete

Mark Powell

Edward,

To me, your term "internal risks" seems to capture what you have described so far quite well.

All of your examples are what I would naturally think of as a company's internal risks.

Mark Powell

• Unlike(1)
• Reply privately
• Report spam

Sherif Dawood , MBCI, MBA, ITILv3, M.Sc.

Second Mark's opinion 
We can have preventive controls as part of the control structure for managing certain risk, but we can never guarantee the prevention of the risk. If there is a risk, there will be always a residual risk till the risk becomes irrelevant

• Unlike(1)
• Reply privately
• Report spam

William Thorlay

Dr. Chao, 
I think your definition on "internal risks" is well understood. On the other hand, I have to agree with Mr. Grubbs when he says that risk is something inherent to everything we do. As far as human behaviour is concern, human reliability is becoming more and more applied within the organizations worldwide.

• Unlike(1)
• Reply privately
• Report spam

Tracy Dcruz

We could provide payment gateway for many high risk industries like Gaming, Casino, Forex Pharmacy, Nutra, Binary, Replica, Pet shops, Tour and travel operators, Gaming, Gambling, Lotto and lottery, Headshops, Medical marijuana and many more. 
We hope to be able to get you an account, with surety and this will be much more reliable which will have you being paid within shorter period for your transactions on credit card. 
Tracy Dcruz Skype id: connect2vspay email id: sales@vspayglobal.com

• Unlike(1)
• Report spam

Stephen McManus

When discussing risks, whether internal or external, the use of "preventable" would equate to avoid the risk....this means the risk probability and/or the impact must go to zero.

In practice, it is often almost impossible to prevent risks from occurring or having an impact if they do occur without having a significant trade-off on one of the other constraints or objectives a project is trying to meet. So in practice there should be two questions regarding a significant risk and the desire to "prevent" the risk.

* - Is it more important to do the project or not experience the risk?

* -If a prevent or avoid response is put in place, is the cost or benefit worth the trade-off of project objectives not being fully met.

Finally, in practice we most often have to determine how much is the project willing to invest in reducing a risk or increasing an opportunity and still leave on the table residual risk....what is the risk appetite of the key stakeholders.

• like(2)
• Reply privately
• Report spam

Edward Chao

Dear Stephen McManus,

What you have indicated that "in practice we most often have to determine how much is the project willing to invest in reducing a risk or increasing an opportunity and still leave on the table residual risk", I agree with your viewpoints. 
The decision-makers has the responsibility to analyze the keypoints whether the cost or benefit is worth the trade-off of project objectives not being fully met.

According to my past experiences,the first step in creating an effective risk-management system is to understand the qualitative distinctions among the types of risks that organizations face.

Finally, you have to determine how much is the project willing to invest in reducing a risk or increasing an opportunity and still leave on the table residual risk.

Thanks for your comments.

Dr. Chao 
10-Feb.-2015

• Like(4)
• Delete

Michael Allocco, PE, CSP

MOST RISKS ARE PREVENTABLE GIVEN…. 
The understanding of a (system) accident life cycle: 
• Implement safety axioms to assure that risks are identified, eliminated or controlled to acceptable levels; 
• Apply proactive, predictive, and reactive methods to understand hazards and associated risks; 
• Consider how an adverse propagation can start? A poor decision associated with the system (integrated human, machine and environment); 
• The decision results in a latent, dormant, hidden (hazards) situation; 
• The hidden situation is triggered by a condition or situation (other hazards); 
• Adverse sequences can be complex to simple; 
• The elements of the system support the adverse progression(s): conditions and/or actions; 
• The adverse process may progress unless detected, or progression continues and harm may result; 
• If causality or contingency action is unsuccessful additional harm can result; 
• Eventually the system needs to be brought back to a stable state.

• like(2)
• Reply privately
• Report spam

Edward Chao

Dear Michael Allocco, 
The statements you have pointed out makes sense, and thanks for your reply with sincerity.

Dr. Chao

• Like(0)
• Delete

John Mallino

Preventable risks are risks that can be engineered out of the design. With that said, if asked which specific risks are preventable. I would say OSHA top ten most cited violations. No excuse for these risks to be active at your job site. 
http://www.safetyandhealthmagazine.com/articles/11136-osha-announces-top-10-most-cited-violations-for-2014

• Unlike(1)
• Report spam

David Brady

John M got it right. The only way to make a risk preventable is to eliminate it altogether, either removing it by re-engineering or or changing the process if possible, e.g. if the risk is flying then drive or take the train. Although remember that eliminating a risk may introduce a secondary risk.

• Unlike(1)
• Reply privately
• Report spam

John O'Sullivan MIEAust CPEng

Edward, 
Glad to see your comments have brought up numerous valid replies. In my experience these 'internal risks', while being largely preventable or able to be mitigated (or at least should be so) can also be very insidious because many of them can arise from the company 'culture'. But when a company's 'culture' is flawed identifying and mitigating those risks can be a daunting task because people may not even realise the risk exists, let alone where it stems from - 'it's how we do business'. In these companies (read 'large organisations') those people in positions of authority have generally reached those positions because they understand how to 'work the system' and that knowledge and understanding becomes their power base. When you start to identify and address those internal risks be prepared for some potentially serious pushbacks because someone's power base is suddenly being threatened. 
Interested to see if anyone else shares these views. 
John

• like(1)
• Reply privately
• Report spam

Edward Chao

Dear John O'Sullivan, 
First, I'm very appreciated with your reply.

Secondly, according to your past experiences which said in your comments,'internal risks', while being largely preventable or able to be mitigated (or at least should be so) can also be very insidious because many of them can arise from the company 'culture'. But when a company's 'culture' is flawed identifying and mitigating those risks can be a daunting task because people may not even realise the risk exists. 
In fact, the culture seems to play an important factor in 'internal risks', which can also be very insidious because many of them can arise from the company 'culture'.

Thirdly, when we discuss the risk factor we have to keep in mind it is not risk management but overall management, think of the loop identify, assess, accept/not accept, control. So when we discuss the “internal risks” we have to be aware of them.Finally, you have to determine how much is the project willing to invest in reducing a risk, how to avoid and manage is an important issue to take into consideration.

Finally, I'm very appreciated with your professional comments.

Sincerely, 
Edward

• Like(0)
• Delete

John O'Sullivan MIEAust CPEng

Thanks Edward,

From a Quality point of view the causes of these types of risks (ie variations in output) would usually be termed 'common causes'. Any unexpected, uncontrolled or unauthorised variation in output results in risk. The only way to fix them is by fundamentally changing the 'system' or, in some situations, the system's implementation. Common causes arise when 'everyone is doing it'.

John

• Unlike(1)
• Reply privately
• Report spam

Edward Chao

Dear John O'Sullivan, 
I'm very appreciated with your comments. 
I agree with your viewpoints, the better way to fix 'internal risks' is by fundamentally changing the 'system' or, in some situations, the system's implementation. 
You provide another solution to fix the 'internal risks'.

Sincerely, 
Edward

• Like(1)
• Delete

James Andrae

Edward 
I agree with your comments in general, and yes the examples you identified are internal and "preventable" through a variety of actions. (there is no sure fire mitigation for rogue trading). 
In Australia we have taken the risk management of physical injury to a new level. I worked for a company that went into the Guinness book of records when it achieved a million hours without any injuries. Preventable risks that have direct impact on the bottom line and lives. 
While nothing is perfect and some solutions do open the door to other risks, it is none the less the most important exercise and question for a risk manager to undertake. This is the heart of the process to determine Board risk appetite declarations, Risk Policies, Corporate structures etc, etc... 
I prefer to approach an organisation as a blank sheet, identify risks and put them in 3 columns and then spend some time analysing what is the understanding of each risk by the relevant staff. I'm sure you are doing this process since you started at the same point I did . 
The bottom line is the identification of the universe of risks I have to have, I want to have, and I don't want to have. Then devise a strategy to address these. 
Of course it is a very involved processes and you need to move at least 3 to 6 iterations to ensure no new risks are accidentally introduced and what residual risks remain and so on. 
If done right, the rewards are astronomical, and most importantly it sets the culture. Everyone has to get on board and risk management is embedded in the hearts and minds just through the exercise. 
Qualitative benefits are numerous, least of all, the insights gained. 
I once worked for a company that wanted to address 1 preventable risk. 
The cash flow risk. They wanted greater certainty of revenue. In attempting to mitigate this risk, it created new risks, some of which were an even higher order of risk. But once we went through the process and mapped it out down to the most minute issues stressed in 6 different ways, the CEO was so impressed this strategic thinking became the norm for every action undertaken You cannot ask for a better culture. 
Happy to provide further details in private if you want to contact me.

• like(3)
• Reply privately
• Report spam

Edward Chao

Dear James Andrae,

I'm very appreciated with your professional comments about the topic:"What's preventable risks and how to effectively manage?". According to your viewpoints, the bottom line is the identification of the universe of risks I have to have, I want to have, and I don't want to have. Then devise a strategy to address these. I agree with your viewpoints stated. Your past experiences in two companies which gave me some hints in solving preventable risk. You are an expertise in facing risks, therefore you know how to solve in better way. According to my past experiences,the first step in creating an effective risk-management system is to understand the qualitative distinctions among the types of risks that organizations face.

To be sure, companies should have a zone of tolerance for defects or errors that would not cause severe damage to the enterprise and for which achieving complete avoidance would be too costly. In addition, companies should seek to eliminate these risks since they get no strategic benefits from taking them on in general. A rogue trader or an employee bribing a local official may produce some short-term profits for the firm, but over time such actions will diminish the company’s value.Finally, you have to determine how much is the project willing to invest in reducing a risk, how to avoid and manage is an important issue to take into consideration.

Happy to receive your comments and if possible, we can discuss more details on risk managements in private if you don't mind.

Best regards.

Edward

• Like(2)
• Delete

Edward Chao

Dear John, 
Thanks for your reply. 
You have mentioned that when dealing with risk, "Regardless of what business you THINK you are in, you are in the PEOPLE business." It is useful for me how to treat the risk happened in the coming future.

In my experiences running on project managements, I usually think that risk management can include the following activities 
* how risk will be managed in the particular project. Plans should include risk management tasks, responsibilities, activities and budget.

* a risk officer – a team member other than a project manager who is responsible for foreseeing potential project problems. Typical characteristic of risk officer is a healthy skepticism.

* live project risk database. Each risk should have the following attributes: opening date, title, short description, probability and importance. Optionally a risk may have an assigned person responsible for its resolution and a date by which the risk must be resolved.

* anonymous risk reporting channel. Each team member should have the possibility to report risks that he/she foresees in the project.

Very thankful for your comments again.

Best regards.

Edward

• Like(1)
• Delete

Edward Chao

There are two questions regarding a significant risk and the desire to "prevent" the risk. 
The first question has to be considered is "Is it more important to do the project or not experience the risk?", the second is "if a prevent or avoid response is put in place, is the cost or benefit worth the trade-off of project objectives not being fully met." (Sited from Stephen McManus) I think that it's necessary for us to think about the process how to prevent the coming risk and the best solution.

As what I suggest in the former comments 'Maintaining live project risk database.' 
In fact, each risk should have the following attributes: opening date, title, short description, probability and importance. Optionally a risk may have an assigned person responsible for its resolution and a date by which the risk must be resolved.

Edward.

• Like(1)
• Delete

Christopher Jeffrey

Several great comments attached here!!! A really good read... So I will add mine.... An essential point to risk management often understated is the risk appetite or tolerance levels for the company. These levels can dramatically change the overall scope and cost of projects! These levels often fluctuate based on the discipline they are within... IE... Safety to personnel, environment, financial or reputation. That is to say some companies will withstand higher risks in let's say a financial discipline as they would not withstand with regards to safety! A true understanding of risk encompasses all disciplines and the tangent way they ALL intersect...

• like(2)
• Reply privately
• Report spam

Michael Allocco, PE, CSP

FOOD FOR THOUGHT…SYSTEM THINKING AND SYSTEM RISK… 
Getting the big picture is helpful when assessing risk: 
 Considering system (RISKS) accidents people may not know how to connect the dots within complex systems, nor think inclusively, or holistically, nor comprehend dynamics, induction or deduction, nor understand expensive variables, interfaces and interactions. 
 A so-called “safe” system equates to the identification, elimination and control of safety-related (system) risks; throughout the life cycle of the system, and system accident. We should go about the effort of system-level hazard analysis and risk assessment, and validating and verifying the system risk controls. 
 System thinking will not be acquired from a theory, or book, or from formal schooling. System thinking is gained via experience during professional practice. 
 Unfortunately, many have a limited understanding of complexities within integrated systems comprised of hardware, software, firmware, the human and complex environment. One has to understand interfaces and interactions associated with complex systems. We cannot oversimplify thinking about failures, adverse events and functions. Not everything is stochastic (probabilistic). System analysis requires many forms of additional thinking: abstract, holistic, system, quantitative, objective, subjective, temporal (life cycle), and critical. 
 System thinking can be applied to an entity. A ’system” is a source of abstraction. System axioms all equate to context. Experienced system risk analysts may be aware that it is all connected. There is flexibility, abstraction, and pliability in the concept of a system, system of systems, and families of systems. These entities are comprised of humans, machines, and the environment. In an oversimplification one must understand the interactions and interfaces of the defined system under consideration. Your system thinking abilities can be limited based upon the knowledge of applied system axioms. 

• Unlike(2)
• Reply privately
• Report spam

Edward Chao

Dear Michael Allocco, Thanks for your comments. Getting the big picture is helpful when assessing risk, in addition, how risk will be managed in the particular project. System thinking is gained via experience during professional practice. Simultaneously, as you have said 'system analysis requires many forms of additional thinking: abstract, holistic, system, quantitative, objective, subjective, temporal (life cycle), and critical.' The good plans should include risk management tasks, responsibilities, activities and budget, if not, the plans have to take the uncertainty and potential risk.

Thanks for your reply.

Edward

• Like(0)
• Delete

Michael Allocco, PE, CSP

Edward....your welcome.

DESIGNING RISK MANAGEMENT PROGRAMS,,, 
• I understand that there are cook book approaches in risk-related standards; which may or may not be appropriate. Firstly, it all depends on the actual identified system risks throughout the life cycle of the entity under evaluation. As stated, an inclusive system-level hazard/threat analysis provides the risk-driven requirements in order to design RM program requirements. 
• Any forms of risk of harm: losses, threats, vulnerabilities, loss of key people, loss of assists, valuable papers, trade secrets, data and information, fire losses, fleet losses, facility catastrophes, environmental and weather events, any contingency, causality, etc.; can be evaluated. It all depends on how the analysis and risk assessment criteria are developed. 

• Like(1)
• Reply privately
• Report spam

Edward Chao

Michael, I fully agree with your viewpoints. Any forms of risk of harm: losses, threats, vulnerabilities, loss of key people, etc., could be estimated and evaluated via the analysis and risk assessment criteria which could be developed. Thanks for your comments. 
Edward 

• Like(0)
• Delete

Michael Allocco, PE, CSP

Your welcome....Mike

• Unlike(1)
• Reply privately
• Report spam

Edward Chao

Thanks for your reply. 
Learning good viewpoints from you.

Edward

• Like(0)
• Delete

Michael Allocco, PE, CSP

Thanks...

• Like(0)
• Reply privately
• Report spam

Guan Seng Khoo, PhD

That's why I prefer to use the term risk mitigation or response (which may not necessarily mean the risk can be totally eliminated) because in reality you can't really transfer risk (as risk is like energy) - it merely transforms into another form of risk, unless you are no longer the owner (or have the exposure anymore)!

• Like(2)
• Delete

Edward Chao

Dear Guan Seng Khoo, 
Perhaps, risk mitigation or response is a better term to explain the meaning of "Risk Transfer", thanks for your comments in this issue.

Sincerely, 
Edward.

• Like(1)
• Delete

Guan Seng Khoo, PhD

Gam sia, Gam sia! I'm Hokkien (by dialect). Keong Hee Huat Chye!

• Like(1)
• Delete

Donald J. Riggin, CPCU, ARM

Folks, while I like philosophical discussions as much as the next guy, let's temper that with a dose of old fashioned horse sense. Guan Seng Khoo (above) said, "in reality you can't really transfer risk." I respectfully disagree. In reality, risk is transferred all the time. In theory, (as in quantum physics), risk may or may not be transferred. Or, it might be both transferred, and not transferred at the exact same time! (Was this one of Zeno's 4 paradoxes? Probably not.)

"Risk transfer" is the only reasonable and acceptable description of the insurance transaction. It means moving a risk of financial loss, of whatever quantity or quality, from one balance sheet to another balance sheet. Moreover, the transaction is memorialized in a contract commonly accepted by both parties - the insurance policy.

Yes, technically the transferred risk still lies with the policyholder, but in law that plays no part whatsoever. When counterparties (insurer and client) are engaged in a legal dispute, the notion that the client technically retains the risk is ignored for good reason. The payment of premiums (consideration) as prescribed by the contract issuer (insurance company) renders this technical argument moot for lack of applicability and materiality.

Of course the insurance company could go bankrupt; technically, the insurer is a credit risk to its customers, but the likelihood of that occurring is usually extremely low. And even with enormous amounts of counterparty/credit risk, the transaction is still one of risk transfer; the quality (or lack thereof) of the risk-taking party doesn't change that fact. It might be a bad risk transfer, but a risk transfer it remains. Remember, counterparty risk is a matter of credit risk management, that's all. If the risk transfer fails for one reason or another, the risk holder will deal with it.

The term, risk transfer, has been used in US Tax Court and US Supreme Court cases to describe an important concept. Risk transfer and risk distribution, are the generally accepted circumstances required for an insurance transaction to exist. (Insurance is not defined in US law.)

Finally, 2 of the above posters said this: "the best risk transferred is the one you don't have to begin with." Huh? If you're right, every business in the world should cease operations, because that's the only way to not have a risk to begin with. I could go on…

• Like(2)
• Delete

Edward Chao

According to businessdictionary website said that there have two definitions on "Risk Transfer"

* management strategy in which an insurable risk is shifted to another party (the insurer) by means of an insurance policy.

* shifting through non-insurance means, such as a warranty. See also transfer of risk rule.

(http://www.businessdictionary.com/definition/risk-transfer.html#ixzz3TkiQV3Mc)

"Risk Transfer" had been commonly accepted in the underlying tenet behind insurance transactions. The purpose of this action is to take a specific risk, which is detailed in the insurance contract, and pass it from one party who does not wish to have this risk (the insured) to a party who is willing to take on the risk for a fee, or premium (the insurer).


For example, whenever someone purchases home insurance, he or she is essentially paying an insurance company to take the risk involved with owning a home. In the event that something does happen to the house, such as property damage from a fire or natural disaster, the insurance company will be responsible for dealing with any resulting consequences.

Risk transfer is a risk management and control strategy that involves the contractual shifting of a pure risk from one party to another. One example is the purchase of an insurance policy, by which a specified risk of loss is passed from the policyholder to the insurer. Other examples include hold-harmless clauses, contractual requirements to provide insurance coverage for another party's benefit and reinsurance. When done effectively, risk transfer allocates risk equitably, placing responsibility for risk on designated parties consistent with their ability to control and insure against that risk. Liability should ideally rest with whichever party has the most control over the sources 
of potential liability.

In addition, in today's financial marketplace, insurance instruments have grown more and more intricate and complex, but the transfer of risk is the one requirement that is always met in any insurance contract.

According your recognition, the term, 'risk transfer' has been used in US Tax Court and US Supreme Court cases to describe an important concept. Risk transfer and risk distribution, are the generally accepted circumstances required for an insurance transaction to exist. I fully understand and agree. In our normal life, risk transfer is occurred in transaction behavior, the transaction is still one of risk transfer; the quality (or lack thereof) of the risk-taking party doesn't change that fact. We can understand that 'risk transfer' can be viewed as the reduction of risk to a position by buying an insurance policy or taking an offsetting position. For example, a person may reduce the risk of loss due to medical expenses by buying health insurance. Likewise, a person may reduce the risk of loss to a long position by entering an equal but opposite short position.

I'm very appreciated with your professional viewpoints. Thanks for your comments about this issue,

Sincerely, 
Edward

• Like(6)
• Delete

Guan Seng Khoo, PhD

Thank you both. As long as all of us are comfortable with the "local" definition, without getting too detailed or preoccupied with the semantics, e.g., often CDSs create the illusion of risk "transfer", when in reality, risk transformation has its unintended consequences................, I'm happy to agree and disagree!

• Like(1)
• Reply privately
• Report spam

Donald J. Riggin, CPCU, ARM

Indeed, an interesting discussion. At the end of the day it's just semantics, as Guan Seng Khoo has observed. I'm quite familiar with the non-insurance methods of transferring risk, but I think that risk transfer, regardless of technique, is just one thing: Moving negative financial outcomes from one party to another.

Think of the concept of risk having 2 separate and distinct properties, (1) potentially negative financial outcomes, and (2) one of the consequences of life: business activities, property ownership, driving a car, crossing the street, getting out of bed, and so on. All we can do is mitigate some of the negative financial consequences; insurance being the most prevalent risk transfer tool. The first property of risk is binary; the risk is either retained or transferred. Even the most onerous legal disputes between insurer and client as to whether or not a loss is compensable eventually settle if favor of one of the two litigants, (except Jaundyce v. Jaundyce).

Regarding the illusion of risk as mentioned above; it's an illusion because in reality some risk transfer schemes are just as likely to fail as to not fail, such as a CDS. But a CDS, just like an insurance policy, does indeed transfer the financial consequences of risk to a counterparty, but its value as a risk transfer tool is a matter of degree. Compared to the security available through a highly rated insurance company, a CDS's volatility and susceptibility to market risk greatly reduces its efficacy as a pure risk transfer tool. If the risk transferor isn't aware of this, well, that's his problem.

• Like(2)
• Delete

Guan Seng Khoo, PhD

Thanks Donald. I guess where I'm coming from is when the term is used outside of the insurance industry as in the typical COSO ERM or ISO 31K framework, where it's often used in the context of risk "reduction", which I don't believe in, or in banking, when instruments in the banking book are transformed into the trading book, e.g., via securitization.

But thanks again to everyone for sharing here. Have a marvellous week.

• Like(1)
• Delete

James Andrae

Donald, very solid legal points. I love a good philosophical discussion. It is as always a matter of semantics and perspective. Our experiences may be different, I don't believe it makes either of us more right or wrong. It does however open the mind to other perspectives which is always a good thing.

Insurance while a risk transfer mechanism actually creates other risks as you alluded. Credit, Legal, Cost, Timing. Kathryn above raised very important valid points. Perspectives, agendas, rorts, etc.

Risk Management should always try to minimise reliance on the legal process if things go wrong. (This is why I spend way too much time analysing contracts). While the process marches along, in the meantime a company may be seriously negatively affected, face bankruptcy at the extreme, share price fluctuations, credit downgrades etc. Bonuses not paid, people fired. 
It always becomes a matter of size of the insurance claim, 100K not much of a problem, $100M is often open to "debate" in the court system. My experience is that CEOs and Boards don't like the court process and always look for heads to roll.

From a risk management perspective that's not good enough because of the domino effect on business' other activities that assume cash flows will be made whole in the proper time. Very few companies have a few "lazy" hundred million just hanging around. I repeat the best risk you have is the one you don't have and there are numerous examples from physical power plants to the financial markets. 
In the financial markets, peculation aside, hedging can cause new and some unforseen linked risks. There is a famous issue now about a company being trading a commodity and having 40 - 50% of the liquidity in that market. They got it right, but could not get out of their trades. Greed. The best risk is the risk you don't have. Don't expect the market to accept losses when you are the major provider of liquidity. Stick to a lower threshold. If a company is that big that it needs 50% of the market liquidity then it need to review its operational risk management to account for the lack of reliance on the market hedges.

The GFC and Asian Crisis were in essence, liquidity and counterparty credit issues on the whole.

Power plants often have unexpected failures, these are insurable events. The major condition is the proper maintenance of the plant. One man's process is another man's negligence. We can understand that the insurance company will rightly want to verify everything before maybe paying. There are cases where a 1 week shutdown took 2 years and longer to pay. The claims are mostly for physical damage and financial loss. This could easily climb to $100M+ depending. Repairing a power plant may cost $5M the losses on a SWAP could be any amount perhaps a further $95M. No COB is keen on this sort of risk. 
The best risk is the one you don't have. Solution don't over commit power plant transaction SWAPS such that if it failed apart from the burden of repairs you will also have the financial SWAP payments to make. There is nothing lost except for speculative revenue and that could go either way. 
Building infrastructure creates volumes of possible risks to the owner. Power plants can be built by the power company or by an external engineering firm. This transfers most of the risks but some do remain. Two major risks are that the generator will not work to specifications, or be completed on time. The power company contract specifies Ts&Cs that if not met they simply don't accept the new generator. So the "lemon" risk as well as others are not theirs. The best risk is the one you don't have. 
While your points are valid Market Risk Managers do not live in a post risk world but in a pre risk world.

• Like(4)
• Delete

James Andrae

It took some companies over 7 years to get paid 6c on the dollar after Enron failed. Reliance on the legal system, while just, did not make the participants whole. Insurance failures were kept commercially private so we will never know if the losses were covered or not. The best risk you have is the one you don't have. When the CEO and CFO of a fortune 50 company resign suddenly. Smart risk managers closed out positions and watched the debacle with amusement and got bonus. 
If entering into a trade with a counterparty is reliant on a CDS for risk mitigation, then the best risk is the one you don't have. 1 don't enter into the trade to begin with. 2 Don't pay any bonus until the expiry or closure of the contract. Implement #2 and a whole lot of needless exposures are removed because the traders now have some skin in the game. 
You stated “If the risk transferor isn't aware of this, well, that's his problem”. In a perfect world with perfect knowledge maybe. The global financial system is based on the blind hope that the other guy will “play by the rules” and be there to make you whole regardless of whether it is an insurance contract or swap. Blind hope because you can never see the true picture of the other counterparty, and, well, let’s leave the Credit Agency discussion to one side. It’s not only the illusion of risk but of transfer. The Transferors prior to the GFC had no idea who was really on the other end of the majority of the CDS deals. How was it their fault? 
Market risk managers understand these limitations and on the whole tend to limit exposures as much as possible. 
Of course you can't have no risks. You can even die in your bed sleeping. 
But you should understand the domino factors in all risks and come back with the trade off scenarios and limit these whenever possible. 
The point I think Edward is raising is to test whether risk managers understand that no risk is ever truly transferred or mitigated completely, so how do we live with that reality, post GFC. 
I am certain that if the Central Banks and Finance Ministers had not stepped into the GFC, the global meltdown could have sent economies spiralling worse than the Great Depression. That was the risk they did not want to have. 
They saved the world from calamity but also let some companies that could not be absorbed, fail. 
This was the wake up call. Edward is asking if we have altered our thinking since.

• Like(3)
• Delete

Edward Chao

Dear James, 
I'm very appreciated and respect that you always point out the key concepts and useful viewpoints within your comments on a issue. I got some hints and implications from your comments. I also agree with Donald's comments which said above, 'the concept of risk having 2 separate and distinct properties, (1) potentially negative financial outcomes, and (2) one of the consequences of life: business activities, property ownership, driving a car, crossing the street, getting out of bed, and so on. All we can do is mitigate some of the negative financial consequences; insurance being the most prevalent risk transfer tool.'

I fully agree that your comments which said that "the best risk you have is the one you don't have and there are numerous examples from physical power plants to the financial markets." In addition, the global financial system is based on the blind hope that the other guy will “play by the rules” and be there to make you whole regardless of whether it is an insurance contract or swap.

In fact, the domino factors in all risks and come back with the trade off scenarios and limit these whenever possible. According to my recognition, risk transfer is a risk management and control strategy that involves the contractual shifting of a pure risk from one party to another. I sometimes discuss with the professional risk-control managers whether risk managers understand that no risk is ever truly transferred or mitigated completely but I find that some managers will ignore cultural and human factors which plays important roles in risk managements.

Thanks for Donald,Kathryn, Guan Seng Khoo, and your professional comments in this issue.

Thanks all of you with sincerity.

Sincerely, 
Edward

• Like(5)
• Delete

Kathryn M Tominey

Guan - don't "allude" use plain clear language to expose these frauds, ratings firms enablers and issuers too lazy to do their homework. The impact of naked CDSs unregulated, invisible thanks to Sen. Phil Gramm, Robert Rubin & Larry Summers leadership. At least Art Levine was man enough to admit, publically, that he was wrong to oppose Brooksley's efforts to just look at derivatives.

Buffett's latest letter really lays into the operators pushing transactions because fees are easy money.

• Like(2)
• Delete

Guan Seng Khoo, PhD

Kathryn, I've written one whole document and blogged on the issues in some of my publications & presentations in conferences for Riskbooks, etc. Hence, I merely don't wish to be long-winded here, esp. for readers who are familiar with the GFC. But, thanks anyway for raising it more granularly.

• Like(1)
• Delete

Syed Adeel Hussain,MBA

We as risk managers have to distinguish among Risk Controls, Risk Financing and Risk Retention Techniques. Risk Transfer is a Risk Financing Method, where you pay someone else to pay for your Unexpected Large Losses!

• Like(2)
• Delete

Edward Chao

Dear Syed Adeel Hussain,

Your comments provide simple concepts but useful in understanding.

I'm very appreciated.

Edward

• Like(1)
• Delete

Abdulwadud Mohammed

Very insightful write up.

Insurance is embedded in risk management.

Real risk management is the prevention of loss. Insurance also practise risk management. Here, the company attempts to regulate the risk it underwrites as per probability of a claim crystallizing(no insurance company would underwrite a risk with 100% claim probability) or claims it pays upon crystallization.

Like the author said, in the event that an insurance company defaults on payment upon crystallization of claim, the liability remains with the insured.

Transferring or sharing risk should be combined with strong emphasis on prevention by embedding ERM in an organizational set up or adopting relevant credit support tools (a wide array is offered by Ace Depository) for banks, traders and financiers, in preventing actual loss.

Prevention of actual loss rather than seeking to be indemnified upon loss is better for any business moving forward.

• Like(1)
• Delete

Michael Allocco, PE, CSP

Your welcome....

• Like(0)
• Reply privately
• Report spam

Kathryn M Tominey

Guan - how diplomatic you are, an excellent quality in risk mgt right up to when a 2x4 is needed to focus their attention.

Oh, am I using correct convention for the part of your name to address you?

• Like(0)
• Delete

Guan Seng Khoo, PhD

Well, Kathryn, I've always been guilty of making short commentaries on LinkedIn, and often inadvertently created "cross-communications across different frequencies" with other parties on other discussion threads. If I interpret you correctly - part of my Asian heritage, where tai ji is often practised - notice how Americans like boxing (more "push") vs the Japanese sumo (more "pull"). I practise a hybrid of push-pull with a bias towards "pulling"!!! Nice to make your acquaintance tho' as a fellow scientist - I was a computational chemist once upon a time!

• Like(0)
• Reply privately
• Report spam

Stjepan Anic

Yes, it's really an apostrriori compensation mechanism rather than a pure risk transfer, and my experiance has thought me that repeated clearifications of various terms used in finance and risk management is often needed in order to maintain an understandable big-picture-view of the subject.

• Like(0)
• Delete

Syed Adeel Hussain,MBA

@Edward Thanks

• Like(0)
• Delete

Edward Chao

Very thankful to Stjepan Anic & Syed Adeel Hussain, this issue is concerning about my research in risk managements, therefore, I pay more attention on this issue.

In addition, I'm very appreciated with James Andrae, who is a risk management specialist. His comments provide me more strategic implications and thinking methodology. I fully agree that James' comments which said that "the best risk you have is the one you don't have and there are numerous examples from physical power plants to the financial markets." In addition, the global financial system is based on the blind hope that the other guy will “play by the rules” and be there to make you whole regardless of whether it is an insurance contract or swap.

Hoping you all can provide your comments and viewpoints into popular issues concerning about risk managements in risk managements online.

Thank you all.

Sincerely, 
Edward

• Like(4)
• Delete

Arslan Usmani CPPD MEnPrac MIEAU(RES,CES) MRMIA

Ed, risk sharing and transfer both are sometimes misleading. If a pipeline contractor misses the delivery on time and you lost your 1 day production, what you do, do we tranfer the risk to him (liquidated damage only) but is this enough to cover your production loss but what about your commitment and good will. If you share risk what percentage of time, resouce and cost you sharev in order to bring things to the agreed deadline.

• Like(0)
• Reply privately
• Report spam

Edward Chao

Arslan, 
Thanks for your comments and joining this discussion.

Edward.

• Like(0)
• Delete

Edward Chao

Dear Amirul Nazri, 
Very thankful for your comments on this issue.

Kind regards.

Edward

• Like(0)
• Delete

Jeff Elias, Ph.D.

I'd like to add that risk sharing can be very profitable for the group or association who are involved. 1st you need a good assessment audit as to the types of risks, organizations,the and firms' liquidity to qualify them to join the "association" risk pool. Using appropriate tools for assessment of the "potential" risks, can generate a cost savings, and structured properly as an "off-shore captive insurance association" (taking advantage of money hurdle rates) with streamlined, accurate and timely reporting, with effective claims management, training, and safety programs) could repatriate income back to the association in the form of reduced future premiums. As a note, off-shore domiciles have different "banking, LOC, liquidity, etc. requirements. These types of arrangements can also work for effective costefficient re-insurance markets, as well. Dr. Jeff Elias, Ph.D. HR & RM Consultant.

• Like(2)
• Delete

Edward Chao

Dear Jeff Elias,Ph.D.

I fully agree with your viewpoints that you have mentioned 'Using appropriate tools for assessment of the "potential" risks, can generate a cost savings, and structured properly as an "off-shore captive insurance association" (taking advantage of money hurdle rates) with streamlined, accurate and timely reporting, with effective claims management, training, and safety programs) could repatriate income back to the association in the form of reduced future premiums.'

Thanks for providing your comments.

Kind regards.

Edward

• Like(0)
• Delete

Edward Chao

According to my past studies,insurance is a both well-known and popular form of risk transfer to take into consideration, where coverage of a risk is obtained from an insurer in exchange for ongoing premiums paid to the insurer. Risk transfer can occur informally within family and community networks where there are reciprocal expectations of mutual aid by means of gifts or credit, as well as formally where governments, insurers, multi-lateral banks and other large risk-bearing entities establish mechanisms to help cope with losses in major events. Such mechanisms include insurance and re-insurance contracts, catastrophe bonds, contingent credit facilities and reserve funds, where the costs are covered by premiums, investor contributions, interest rates and past savings, respectively.

Edward

• Like(2)
• Delete

Marcelo Severino de Oliveira

In short, we need to beware, always an eye on possible risks before it happened. 
Because if all the losses are passed to insurers, there would be many insurers.

• Like(0)
• Delete

Edward Chao

Marcelo Severino Oliveira, 
Thanks for your comments.

Edward

• Like(0)
• Delete

David Wilson

We cannot be 'blind' to the need for our decision-making (and resultant actions) to be based upon information that is NOW accessible to us. 'Ignorance', due to a lack of the correct tools or techniques is understandable but, to ignore tools and techniques that enable informed decision-making, is beyond 'ineptitude'...an emerging GRC issue!

'Causal Relationships': operational interdependencies and interactions within and among organisations are the sources of emerging risk and opportunity but, if unidentified, can be amplified, cascade and spread far beyond the points of origin...and 'feedback' as threats: unrealised - as increased uncertainty or volatility; realised - as correlations in data (reflexive - after the event).

Unidentified and unmanaged risk does not dissipate, nor does the probability of occurrence, scale, duration or cost reduce...

• Like(1)
• Reply privately
• Report spam

Edward Chao

David, your viewpoints are acceptable in understanding 'Causal Relationships', whereas, if unidentified could be amplified, cascade and spread far beyond the points of origin. perhaps, if providing some examples you have ever met will be better to understand.

Thanks for your comments.

Kind regards.

Edward.

• Like(1)
• Delete

Edward Chao

Dear Ned Robins, 
Very thankful to your comments about the issue "Risk Transfer" is often used in place of "Risk Sharing" in the mistaken belief'. I fully agree with your practical points concerning about "achieving things" and "paying for calamities".

The term of 'risk transfer' is often used in place of risk sharing in the mistaken belief that you can transfer a risk to a third party through insurance or outsourcing. In fact, when one takes out insurance one is not transferring any of the actual risk.

Commonly, I have met some investors and/or house owners who usually think their life could be measured by how much money they make and wealth represents their social status and success. Therefore, I have the same viewpoints with you that money should be seen as a means to some worth-while end, not an end in itself. Risk management should be a means to increase the probability of achieving something really worth doing.

Finally, I'm very appreciated with your viewpoints, and thankful to your comments.

Kind regards.

Edward.

• Like(1)
• Delete

Michael J. Shand

A perfect example of risk sharing would typically be found in the baseline assumptions of a contract where force majeure risks are managed by individual parties.

For example, if a contractor is performing work at a clients facility, the client states and the contractor agrees in contract, that unforeseeable loss incurred due to a force majeure event shall be owned by each respective party. The catch is 'unforeseeable'. If a loss is incurred due to a secondary event that should have beyond a reasonable doubt been reasonably practicable for the client to have avoided, then the contractor may have grounds to lay claim.


An example of Risk Transfer would the outsourcing of a scope of work. For example, a contractor may recognize that a particular scope has way too much risk for employee turn over thus an increased likelihood due to project slip.
He may then, once allowable, outsource the scope, enter a penalty for avoidable delays that would amount to liquidated damages exposure.

The transfer of Risk isn't as clear cut as the sharing of risk as unquantifiable exposures such as reputation impacts and further scope award remains exposed.

• Like(2)
• Delete

Donald Whittaker

Someone should tell the marketing teams at the insurance companies. And, anyone on Wall St. using the TLA ART. 

• Like(0)
• Delete

Donald Whittaker

the issue is are you transferring the risk or the financial consequence. this is another schoolmarm thread about.semantics that looks at treatment terms in a vacuum.

• Like(1)
• Delete

Michael Allocco, PE, CSP

SAFETY-RELATED RISK TRANSFER…

A specific safety-related risk can be transferred to a subcontractor with special capabilities to mitigate the risk; when the original risk holder does not have the abilities to handle the risk. It should be indicated in the agreement that the 2nd party applies best practices in risk mitigation; and assumes all responsibility associated with the risk. Further, the specific hazards, risks and mitigations should be stipulated. 

• Like(0)
• Delete

Thu Ly, CRMA

Could not agree more.

• Like(1)
• Delete

Mohammed Abid

Congrats

• Like(0)
• Report spam

Edward Chao

Dear all,

Today, I want to share some points concerning about enterprise risk management with all.

In enterprise risk management whose risk can be defined as a possible event or circumstance that can have negative influences on the enterprise in question. Its impact can be on the very existence, the resources (human and capital), the products and services, or the customers of the enterprise, as well as external impacts on society, markets, or the environment. In a financial institution, enterprise risk management is normally thought of as the combination of credit risk, interest rate risk or asset liability management, liquidity risk, market risk, and operational risk. 
In the more general case, every probable risk can have a pre-formulated plan to deal with its possible consequences (to ensure contingency if the risk becomes a liability). 
From the information above and the average cost per employee over time, or cost accrual ratio, a project manager can estimate:

the cost associated with the risk if it arises, estimated by multiplying employee costs per unit time by the estimated time lost (cost impact, C where C = cost accrual ratio * S).

* the probable increase in time associated with a risk (schedule variance due to risk, Rs where Rs = P * S):

Sorting on this value puts the highest risks to the schedule first. This is intended to cause the greatest risks to the project to be attempted first so that risk is minimized as quickly as possible. 
This is slightly misleading as schedule variances with a large P and small S and vice versa are not equivalent. (The risk of the RMS Titanic sinking vs. the passengers' meals being served at slightly the wrong time).

* the probable increase in cost associated with a risk (cost variance due to risk, Rc where Rc = P*C = P*CAR*S = P*S*CAR)

sorting on this value puts the highest risks to the budget first. 
see concerns about schedule variance as this is a function of it, as illustrated in the equation above.

Conclusion:

Risk in a project or process can be due either to Special Cause Variation or Common Cause Variation and requires appropriate treatment.

That is to re-iterate the concern about extremal cases not being equivalent in the list immediately above.

Edward

• Like(4)
• Delete

Michael Allocco, PE, CSP

WHAT RETURN ON INVESTMENT (ROI)…?

There is a major problem with cost analysis and risk analysis. It is very hard to prove both quantitatively and qualitatively the adverse outcomes averted as a result of validated and verified risk controls. 

• Like(0)
• Reply privately
• Report spam

Edward Chao

II fact, in this new business universe requires much more than listening to customer feedback. The accepted information hierarchy – including established newspapers and media outlets – has rapidly given way to a multidimensional information matrix where no single voice dominates. 
Information and opinions of all kinds are easier to access – yet more difficult to evaluate and control.

In response to these issues and trends, companies are making a deliberate effort to improve their strategic risk management capabilities and performance. Traditional approaches for managing risk tend to focus on monitoring leading financial indicators as well as the evolving regulatory environment. However, because they are generally grounded in audited financial statements, the 
resulting risk strategies and hedges are largely driven by prior performance and past negative events – and do not necessarily serve to detect future strategic risks or predict future performance. As such, they are more focused on protecting value than creating it.

Edward