Risk management is the process of identifying and analyzing the possibilities of financial risk and monitoring and controling the possibility of these risks occurring. Financial risks can be project failures, accidents, uncertainty in markets, and legal liabilities. To manage these risks, one can organize a way to avoid these risks, transfer risks to another party, or just accept the consequences of taking risks¹.
In financial risk management, a firm will use financial tools and methods to determine and manage exposure to credit and market risks.
In risk management, risks are first prioritized by severity and by which are more likely to occur and handled first. Risks are ordered in this way so that the least severe risks and risks with the least likelihood of occurring are treated last. Risk management has to deal with the allocation of resources, which follows the idea of opportunity cost. This is because the resources that are spent on risk management could have been spent somewhere else that would have increased profit. This reduces the amount of spending and minimizes the possibility of risk as well as reduces the negative affects of risks if they were to occur.
The most commonly used formula for risk quantification is: probability/rate of occurrence multiplied the impact of event equals risk magnitude¹. A composite risk index rewrites that formula as: composite risk index equals impact of risk event multiplied by the probability of occurrence¹. The impact of the risk event and probability of occurrence is assessed on a scale of one to five.
Risks are treated in risk management by either avoiding the risk by not being involved with the project; reducing the risk by mitigation; transferring or outsourcing the risk; or retention, which is accepting and budgeting for the risk².
1. Hubbard, Douglas (2009). The Failure of Risk Management: Why It's Broken and How to Fix It. John Wiley & Sons.
2. Dorfman, Mark S. (2007). Introduction to Risk Management and Insurance (9 ed.). Englewood Cliffs, N.J: Prentice Hall.