Managing Risk and Contingency Plan:

An essential component of any financial management framework is the validation and protection of the information contained in the system. Internal controls provide one method where the accuracy of information can be assured.  Similarly, organisations should have in place systems designed to reduce the risk to the organisation's financial assets, and to secure the financial information itself.

An organisation must be aware of the various risks that exist within and around the organisation itself. In order to do so, organisations should engage in risk analysis and management processes.

Risk is present in any organisation.  A wise organisation will have in place processes for the identification and analysis of risk in all areas of the business.  Having identified these risks, the business would have in place procedures designed to either eliminate or reduce that risk, or where elimination / reduction is impossible alternative courses of action.

It is therefore essential that businesses make some attempt to assess risk. If an organisation does not know what risks are present they cannot take steps to avoid them.

The simplest form of risk management is an assessment of the probability of a particular event happening, against the impact that such an event would have on the business.  Probability is an estimate of the likelihood of the event occurring.  Impact is an assessment of the negative effect such an event would have on the business.

Combining these two factors is generally done as a process of statistical measurement, the outcome being a particular figure. These figures for the various events identified, would then be classified according to severity, thus allowing the organisation to devote resources in a more efficient manner (to those risks which represent the most serious).

The basic risk management process can be outlined as follows: