Annotated Bibliography for the Study on: Best Practices in Risk Management: Private and Public Sectors Internationally

Strategic:

Frameworks, Modeling, Tools & Training

A CFO'S View. Vol. 44, Risk Management, New York, September 1997, pp. 21-27.

In this interview, Mike Brown, CFO of Microsoft Inc., shares his views on risk management. Brown is more interested in whether the service adds value and how much it costs the firm to provide it than to costs related to risk. He relies on a strong risk management team to interact with people outside the company. In the beginning, the function was offering traditional buying of property/casualty insurance. Now, the group is working with issues such as risk handoffs between a foreign subsidiary and the parent. His risk management vision includes involving all the employees in the process by communicating awareness through the Intraweb. It is an inexpensive, effective and efficient way to communicate with employees. After that, a risk manager should be close in his personal workings with people at a fairly strategic level. Brown believes risk management should be in the organization where there's natural alignment, synergy and dialogue with strategic planning.

Barrett, Pat. Better Practice Principles for Performance Information. Australian National Audit Office.

Performance information is considered a critical tool in the overall management of programs, and is crucial to public sector accountability. This guide identifies characteristics of good performance information and outlines approaches to planning for performance information. Examples and case study material are presented in this guide, and discussions of the use of performance information for policy-advising functions are also discussed.

Bellandi, Deanna. The Expanding Reach of Risk Management: Suburban Heights Medical Center: Judges. 1997 Crain Communications Inc.

Suburban Heights Medical Center (Chicago) has implemented the Secondary Prevention Program. The program focuses on cardiac patients, by creating flow charts which track the care received by these patients. Flow charts make it easier for doctors to chart a patient's progress by eliminating unnecessary tests and by focusing attention on medical problems. Hospitals are dealing with less financial risk by keeping the patient healthy and out of the hospital.

Berry, Andrew and Phillips, Julian. Pulling it together. Vol. 45, Risk Management, New York, September 1998, pp. 53-58.

This document presents Enterprise Risk Management (ERM) as the consistent application of techniques to manage the uncertainties surrounding the achievement of an organization's objectives. ERM can be viewed as a defensive measure that helps to reduce uncertainties or prevent unwelcome outcomes. Enterprise risk management can also be used as an offensive tool focused on maximizing shareholder value. Implementing an ERM approach and simultaneously overcoming the organizational constraints of managing risk in silos is a two-part process: 1) deciding whom to involve; 2) Selecting the appropriate method. Before implementing any mitigation activities, the company will need to quantify the impact of high priority risks on individual and collective bases, taking into account the interdependencies between risk factors. The process outlined acts as a guide to effective risk management.

Bieber, Robert. Bridging the Gap: Using Effective Communications to Improve Corporate Risk Management. Risk Management, February 1997, pp. 39-41.

Risk managers rely on a combination of formal and informal communications methods. Along with these methods, they can also establish team-based approaches to solving problems. Such teamwork can help risk managers build their relationships with operating units, meet mutual cost-reduction objectives and enhance the performance of their external service providers. A team must formulate guidelines for administrative functions (ex. Attendance, minutes) and promote equality and participation at meetings by forgetting titles. Steps to effective problem solving are reviewed.

Borst, JJ. Value at Risk in the Dutch Steel Industry. Tijdschrift Voor Corporate Finance (The Netherlands), Fall 1997.

The application of Value-At-Risk (VAR) in treasury management can carry with it a number of problems that need to be addressed before VAR can be brought into use. By examining the adoption of VAR at a major industrial enterprise (Hoogovens-leading Dutch Steel Manufacturer), the author identifies issues that should be considered up-front, as well as those that are encountered in practice. The author concludes that the usage of the VAR method in managing currency risks has a number of advantages, such as sharpening one's ability to estimate the magnitude of the currency risks under normal circumstances. It can add clarity to transaction risks, provided the underlying elements incorporated in the model can be reasonably well estimated. The VAR technique is used in the context of treasury management and may be applicable in the field of high-value, cross-border procurement.

Bryson, Nancy S. and Donohue, Brian G. Improving risk management decisions: A new road map and some specific destinations of interest. Vol. 6, No. 4, Environmental Quality Management, Summer 1997, pp.85-89.

The United States Congress directed a panel to report back on the policy implications and appropriate uses of risk assessment and management in federal regulatory programs directed at exposure to hazardous substances. This paper presents a summary of the report presented by the panel which describes a new risk management framework for how risk management decision-making process should be conducted. The framework consists of a six-stage process.

Chand, Sooran and James, Sbrolla. A director's nightmare. Ivey Business Quarterly, Winter 1998.

This article is a case study of Philips Services which experienced a risk management breakdown that led to share prices falling from $20 US to $5 US. The author addresses the lessons that are to be learned from Philips Services, which include the fact that the market will punish firms for poor financial risk management. The steps that should be taken to establish a successful risk management culture are also discussed, i.e., that the board of directors are responsible for implementing firm-wide policies governing investment and risk management activities.

Chapman, C. and Ward, S. Project Risk Management: Processes, Techniques and Insights. John Wiley and Sons, Chichester, 1997.

This review outlines a new book entitled 'Project Risk Management: Processes, Techniques and Insights'. The book provides a consistent framework within which risk management activities can be planned and carried out. The review also highlights the Controlled Interval and Memory Technique (CIM) which would be of interest to professional risk analysts.

Clayton, Michelle. RMA releases risk survey. Vol. 7, No. 12, UMI, Inc. America's Community Bankers, 1998, p.7.

This short article presents some of the results from a recent Robert Morris Associates' Risk Management study for community banks. One of the main findings from the survey was that high performing banks were more likely to use pricing models. This survey could be used as a tool to aid community banks in the identification, monitoring and assessing of risk.

Comprehensive Business Risk Assessment (CBRA) KPMG Methodology Guide for the Performance of Business Risk Assessment.

Comprehensive Business Risk Assessment (CBRA) is KPMG's methodology for the Performance of Business Risk Assessment. It allows for the identification and prioritization of risks, at the strategic and process levels, and identifies opportunities for improvement. CBRA uses a top-down approach and relies heavily on open communication between KPMG professionals and their clients. Various tools and techniques are also presented in this report, i.e., CoCo.

Country Briefing. BAe rethinks risk management. EIU Country Alerts Economist Intelligence Unit, Sept. 4, 1998.

A costly fire in 1981 motivated British Aerospace (BAe) to conduct business continuity planning (BCP) to ensure that recovery schemes were in place in the event of another catastrophe. The key to BCP is ensuring that all business units are aware of each other's strengths and weaknesses, thus enabling different departments to collaborate when developing disaster recovery plans. BCP conducted in-house ensures buy-in from all parts of the company and enables the sharing of 'best practices' amongst departments. This article is appropriate for managers developing mitigation strategies.

Davenport, John A. Loss control technologies. Vol. 44, Risk Management, New York, March 1997, pp. 30-34.

As the result of more demanding building and fire codes, many commercial industrial, and institutional facilities in the US qualify as highly protected risk (HPR) properties. Despite the inherent safety features build into these structures, it is still a company's commitment to loss prevention and its desire to protect products and processes not covered by the codes that make one HPR facility a better insurance risk than another. A proactive approach to loss control technology is truly necessary to optimize its benefits. Some of the areas in which research is being conducted and tools are being tested are discussed.

DePinto, Gary. Managing factory risk to improve customer satisfaction. Semiconductor International, June 1997, pp.179-186.

A catastrophic scrap event at a semiconductor company led to a factory-wide approach that would prevent similar re-occurrences. This factory-wide approach considers the effects of people, facilities, process and methods, and gases and chemicals. The approach also focuses on measurable outcomes to maintain process control. The implementation of this approach which assesses factory risk reduced in-line scrap by 27% over a one-year period.

Dorn, Mark. Vendors sell peanuts partners sell solutions. Vol. 45, Risk Management, New York, October 1998, pp. 14-16.

Selecting a top risk management information system (RMIS) vendor is a bigger challenge than ever before. It is a decision that can pay dividends for years to come, however, because the better RMIS provider you have today, the higher the level of technology your organization will be able to leverage in the future. New services including project management, installation, custom programming, data conversion, consulting and technology integration are now the norm. This article outlines the reasons and methods for choosing an RMIS systems partner. RMIS has evolved from a one-time acquisition event into an ongoing business practice that reflects a funded philosophy for strategically defined products and services.

Duden, David P. From data to decisions: Selecting risk management software. Vol. 43, Risk Management, New York, December 1996, pp. 33-35.

There are instances in which a risk management information system (RMIS) seems to integrate into an organization's operations without any problems. The new system fits beautifully into a company's hardware and software environment, training is completed ahead of schedule and software support often involves little more than the provider calling the end user to make sure the product is still functioning. Purchasing an RMIS product is often a complex challenge that leaves the end users frustrated not only with the software, but also with the provider. Time and effort that should be devoted to the risk management department's mission is instead diverted by training sessions, service calls, and attempts to resolve complaints and problems. The key to successful implementation is first conducting a proper analysis of the organization's needs and expectations. The growth of the Internet and corporate intranets is changing the appearance and functionality of RMIS products. The newest tools attempt to take advantage of the growing use of intranets to expand the reach of risk management within organizations.

Getting people involved. Vol. 43, Risk Management, New York, September 1996, p. 56.

Regardless of which part of an organization assumes responsibility for coordinating a disaster management plan, its important for all functions to work together in designing and testing the recovery effort. At Southwest, practices include a letter from the president declaring disaster, establishing departmental teams, and disaster recovery tasks.

Grapperhaus, Roberta. Measuring up: How risk managers apply the cost of risk survey results. Vol. 45, Risk Management, New York, January 1998, pp. 27-29.

Since 1979, risk managers have used the Cost Risk Survey, conducted by RIMS and Tillinghast-Towers Perrin, as an external benchmarking tool and a way to track industry wide trends in the US and Canada. Those who have done so report significant benefits in measuring their risk management program against others. The survey, conducted annually, measures the costs associated with an organization's risk management function, including risk assessment, control, financing, and administration expenses. Risk managers agree that the survey's most important function is providing a launching pad for benchmarking efforts. The survey is also helpful in sharing risk management information with an organization. The survey also provides risk managers with a starting point in broker negotiations. A significant trend identified in this year's results is the increase in employees who handle risk management functions outside of risk management departments. The survey results cost $495 for non-RIMS members.

Guidelines for Managing Risk in the Australian Public Service. Joint publication of the Management Advisory Board and its Management Improvement Advisory Committee, MAB/MIAC Report No. 22, October 1996.

Risk management is being developed as a specific technique in Australia and New Zealand. The Australian Public Service (APS) Guidelines are based on the Australian/New Zealand Standard for Risk Management. The APS Guidelines were developed to provide a generic framework for managing risk in the public service. They serve as a reference point for managers and staff when developing processes, systems and techniques for managing risk which are appropriate to the functional and organizational context of their agency.

Hawkins, Kyleen W. and Bill Huckaby. Using CSA to Implement COSO; Control Self-Assessment. Vol. 55, No.3, Institute of Internal Auditors, p.50.

This article discusses Arkansas BlueCross BlueShield (ABCBS), a mutual insurance company, and its implementation of the financial reporting category of COSO. Previously, only large-scale banks had implemented COSO in an effort to acquire external attestation regarding the existence and operation of a sound system of control over financial reporting. There were six steps that were taken by ABCBS to implement COSO: 1) Establishing objectives; 2) Planning the CSA workshops; 3) Analyzing the data; 4) Developing and implementing corrective action plans; 5) Documenting the control structure; and 6) Obtaining attestation. The key to the successful implementation of COSO was the demonstrated commitment by the CEO and the CFO throughout the whole process. This article would be of interest to finance departments.

Hendriks, Martien. Project Risk-mapping. No. 19, Projectie (The Netherlands), September 1997

Martien Hendriks has developed a quick and simple risk management approach for projects-a Risk Quick Scan-based on a core concept known as "risk mapping". Using this method, any kind of project can be assessed against related risks within a couple of hours, thus increasing its chances of success. It provides a snapshot in time that gives a relative picture of all risks identified by participants, and generates a commitment to the results that is shared by the entire group. The outputs are also useful for sensitivity analysis, based on best-case, most likely case and worst-case project scenarios. The simplicity and collaborative nature of this technique gives it widespread applicability across government, particularly with respect to project management.

Hopkins, Deborah C. Case Study-Introducing Business Risk Management, Global Council on Risk Management. General Motors Corporation, June 5, 1997.

This slide presentation is a case study of General Motors Corporation introducing business risk management. The presentation outlines GM's framework for business risk accountability and discusses the challenges and lessons learned by the company including the need for top management support and the need to gain executive management concurrence.

Hunt, Ben. Colin Witheat. Vol. 6, No. 2, International Risk Management, An Emap Business Publication, February 1999, p. 30.

Colin Witheat, head of risk management at UK pharmaceutical company SmithKline Beecham, discusses the steps taken by the company to ensure integrated risk management. One step taken by the company was Board leadership in identifying and then taking responsibility for major catastrophic risks that could affect the company. Integrated risk management ensures that the company is aware of the level of risk that it is taking on, and is thus better able to protect the balance sheet and shareholder value.

Hunt, Ben. Profile: Ray Matholie. Vol. 5, No. 9, International Risk Management, October 1998, An Emap Business Publication, p. 28.

Ray Mattholie, head of risk and insurance solutions at British Telecom, discusses the growing role/importance of his unit within the company. The risk and insurance solutions department is promoting itself as a 'centre of excellence' to spread risk evaluation procedures through the company and 'disseminate a risk culture'. The department assists business units within the organization by laying the ground for risk management, with the aim to encourage more people to realize they are their own risk managers, with the department acting in a support capacity.

Institute of Internal Auditors-Australia, Australian Control Criteria: Effective Internal Control to Achieve Business Objectives within an Acceptable Degree of Risk. Exposure draft, March 1998.

The Australian Control Criteria assists managers and internal auditors who are responsible for evaluating the effectiveness of internal controls within an organization. It provides the basis for assessing an organization's system of control, and is based on the needs to integrate culture, competency and process. Implementing internal control frameworks provide assurance that the organization is achieving it goals with an acceptable degree of risk and that governance requirements are met.

Jorgensen, Lori. Connection to risk? Managing the exposures of cyberspace. Vol. 45, Risk Management, New York, February 1998, pp. 14-19.

According to The Zona Report 97: Internet and Intranets, the focus of computing has shifted from captive processing to distributed access as the Internet has evolved into a global infrastructure that facilitates communication, control and computing. As the use of these technologies becomes more common, increasing attention is being devoted to managing the attendant risks. As they do for other exposures, risk managers must apply a systemic approach to examining their organization's monitoring. This approach must consider not only the downside of risk (and seek to avoid financial loss) but must also evaluate business opportunities and strike a balance between risk and reward.

Knowledge Management: Leveraging Information. GartnerGroup, Conference Presentation, 1998.

This article focuses on the application of knowledge management. Organizations need to identify where the use of knowledge has an effect on performance impact and what are the characteristics of the type of knowledge that can be captured and shared. Companies need to recognize the increasing dependence on knowledge, and they should use the trend of increasing market value coming from intangibles such as knowledge to bring attention to knowledge management. The article outlines the guidelines that should be followed to maximize acceptance and use of knowledge sharing within an organization's culture.

Lam, James C. and Kawamoto, Brian M. Emergence of the Chief Risk Officer. Risk Management, September 1997, pp. 30-35.

An important strategic initiative for embracing risk is the emergence of the Chief Risk Officer, who is key to managing and monitoring enterprise risk. Three trends are driving enterprises to adopt an integrated approach to risk management: 1) Broader dimensions of risk; 2) Changing role of risk management; 3) Regulatory oversight.

Initiatives an organization must take to control risk: 1) Establish an environment that champions risk control; 2) A risk assessment protocol must be developed to evaluate risk; 3) Effective information systems must capture relevant risk data. A procedure for monitoring results is also necessary to evaluate the system's performance over time.

The Fidelity Investment's Global Risk Management Group's RISK framework is presented.

Limperis, John. EDI Bringing workers' comp up to speed. Vol. 45, Risk Management, New York, October 1998, pp. 29-30.

The application of electronic data interchange (EDI) is increasing the efficiency in workers' compensation administration. State mandates are part of what is driving the interest in EDI. EDI eliminates the rekeying of data, duplication and keystroke errors, and provides an almost instantly verifiable means to connect employers, healthcare providers, payers, and jurisdictions, allowing them to share data smoothly. It improves workflow and data integrity, resulting in considerable cost savings. As risk managers scramble to find answers and develop solutions to meet mandates, they must choose whether to bring in vendors to meet their EDI needs or write and maintain their own systems.

McGuaig, Bruce. Auditing, Assurance, & CSA; Control Self-Assessment. Includes Related Articles on CSA Approaches, Assurance Strategies and Definition of Controls, Vol. 55, No.3, Institute of Internal Auditors, p. 43.

Control and risk self-assessment (CSA), developed at Gulf Canada, has become an effective assurance tool which can be used for many business processes. Typically the value of an audit is to issue a report stating that controls do or do not exist. The weakness of a traditional audit report is that the views of the auditor regarding the adequacy of controls, and what constitutes a control, are lacking. CSA is a tool which provides assurance that an end-point business objective will be met, taking into account both controls and risks. This article would be of interest to general management.

One of the lessons learned at Gulf Canada was that the mission of the audit department was to provide assurance on a variety of end-result business objectives, including compliance with policies, reliable financial information, and economy and efficiency.

McNamee, David. Risk Management Today and Tomorrow, Management Control Concepts.

This article provides a public sector perspective on risk management. The article summarizes risk management theory and practices applicable to the public sector, and describes a model for integrating risk management in planning and decision-making. The three steps in the model are: establish organization objectives; assess risk (identify, measure, prioritize); and manage risk. The paper also discusses risk management practices in the public sector in the US, Canada, UK and New Zealand. The Australian/New Zealand Risk Management Standard is also evaluated.

Miccolis, Jerry A. and Quinn, Timothy P. What's your appetite for risk? Determining the optimal retention. Risk Management, New York, April 1996.

More and more, risk managers are attempting to create innovative strategies to address the uncertainties that threaten a company's business plans, and strategic risk financing is increasingly employed as a tactical alternative to traditional risk transfer. A number of steps must be performed for an organization to implement a strategic approach to risk financing. When evaluating a specific situation, it is important to assess the organization's exposures, risk profile, financial position, and acceptable risk/reward trade-offs before selecting the most effective strategy. Performing a risk assessment involves defining the financial limits of an organization's tolerance of risk. Preparing an analytical model of an organization's risk profile is the foundation upon which the remainder of this process is based. In addition to an actuarial analysis of historical losses, it is critical to gain an understanding of the exposures that could produce a catastrophic loss.

Paul-Choudury, Sumit and Alison. Firm-wide risk management: summing it all up - EIU/SPECIAL REPORT, Corporate Research. Report, September 1998.

This article discusses attempts by companies to develop firm-wide risk management (FRM) tools. These allow companies to compare all market, credit and operational risks on a quantifiable "apples-to-apples" basis. There is great difficulty, however, in quantifying all risks. As well, many in the finance industry caution that managers should not place too much reliance on a model. Models can be used to assist managers in analyzing risks, not necessarily to identify firm risks. Article would be of interest to management.

Pelland, Dave. Resources for international risk managers: Global guidance. Vol. 44, Risk Management, New York, August 1997, p. 12.

Web sites that risk managers of companies participating in or exploring international business ventures will find useful are discussed. For example, a potentially valuable tool for international risk management is the exchange rate calculator offered by Switzerland's OANDA. The firm's 164 currencies converter (www.oanda.com/cgi-bin/ncc) allows you to calculate the exchange rate for currencies from Afghanistan to Zimbabwe, for any date since January 1, 1990. Other websites listed simply provide information on world trends (economical, political, weather).

Pelland, Dave. Standing guard against fraud. Vol. 45, Risk Management, New York, February 1998, p. 6.

The more an employer relies on outside companies to provide the goods and services it needs to run its business, the greater chance it runs of having to address fraud-related problems. To manage their fraud exposure, Chubb's Lori Dickerson recommends that employers establish a number of measures to spread the authority for purchasing goods and services. Another potentially helpful risk management tool can be found in the form of fidelity insurance, which responds to the theft of money or property by current or former employees, temporary personnel, trustees and directors.

Perkins, Pia. An Integrated Solution. Vol. 4, No. 13, International Risk Management, An Emap Business Publication, March 1998, p. 28.

This article discusses the need for risk management to be embedded within the entire organization so that employees own and drive it. The article discusses a model which forms the basis of a total risk management culture. The model's risk management process consists of: risk profiling, risk mapping, strategy and plans, process integration, and control and audit.

Risk management, Australian/New Zealand Standard, AS/NZS 4360:1995.

The Australian/New Zealand Standard provides a generic framework for identification, analysis, assessment, treatment and monitoring of risk. The terminology used in the Standard is acceptable across a wide range of risks and risk management disciplines. The Standard specifies the elements of the risk management process and is independent of any specific industry or economic sector.

Risk Management: The role of the internal audit. Vol. 75, No. 8, 1997 UMI, Inc. and Chartered Institute of Management Accountants 1997, pp.42-43.

The article defines risk management and its growing importance as organizations become flatter with empowered, self-managed work teams. The author also discusses how the UK Post Office approaches risk management and details KPMG's control and risk management framework. This article also explores the role of internal audit in risk management. Many organizations are willing to accept proposals relating to risk and control from an internal auditor working externally. Internal auditors operating either internally or externally, however, should be fully involved in the risk management process.

Rosser, Bill. Knowledge Management: Applying and Leveraging Information. GartnerGroup, October 1998.

Slides from a presentation by Bill Rosser provide an overview of the knowledge management process framework which includes the following steps: create, capture, organize, display, access, and use. The presentation also discusses the steps that should be taken by a program manager to launch a knowledge management program and the steps that must be taken to address the cultural barriers to knowledge management.

Sandri, Praveen, Guin, Jayanta and Richardson, Beth. Catastrophe Modeling: A New Tool for Risk Managers. Risk Management, May 1998, pp. 29-31.

Standard actuarial techniques that employ historical losses to project future losses cannot be used for estimating potential natural catastrophe losses. Computer catastrophe loss modeling, however, can help risk managers assess exposures, determine insurance needs, perform cost-benefit analyses, identify preloss mitigation strategies and provide valuable information for risk-hedging strategies. Insurers use the model to determine their risks, premiums, underwriting guidelines, policies, coverages, deductibles, loss triggers and coverage restrictions. The programs can be run on desktop computers and can also be integrated into overall corporate risk assessment. Validated and calibrated through extensive internal/external peer review, post-disaster field surveys and detailed client data, such models provide the estimated odds for disasters of every magnitude occurring at any location.

Sandwell risk manager makes full use of internet; Government information services. Vol. 1, No. 2, Public Sector Risk Management an Emap Business Publication, Autumn 1996, p. 6.

This brief article discusses the growing importance of the Internet as a resource for risk managers. The Internet will become more useful as more risk managers participate and there is the interchange of information. The following website is considered useful for risk managers in the public sector: http:\\www.open.gov.uk.

Saul, Jonathan. Tools or Toys. Vol. 5, No. 6, International Risk Management, June 1998, An Emap Business Publication, p. 29.

Companies developing operational risk management information systems (RMIS) argue that risk managers can not afford to be without these IT systems. Many risk managers prefer to use in-house development systems, however, as they are tailored to company requirements and are less expensive than external systems. Both the benefits and drawbacks of RMIS are presented in this article.

Saul, Jonathan. Trade Doubt for Certainty. Vol. 5, No. 8, International Risk Management, An Emap Business Publication, September 1998, p. 33.

Currency risks can seriously affect a company's balance sheet. Three political factors that contribute to currency crisis are: a lack of transparency, political short-termism, and the 'J-curve' (political instability occurring after a downturn following a period of dynamic growth). Currency hedging options used by risk managers include: credit derivatives; currency swap; options, futures and other over-the-counter (OTC) products offered by banks.

Saylor, Richard. Meet the risk manager. Risk Management, New York, October 1996.

Richard Saylor, risk and insurance manager for Coca-Cola Beverages Ltd., notes the importance of communicating risk management issues to personnel. Common tools used by Mr. Saylor to communicate risk management issues include distributing monthly, quarterly, and annual reports. He also notes that the various operations within the Coca-Cola company are the customers for the risk management group.

Scott Lange. Going Full Bandwidth at Microsoft, Microsoft Corporation, Presented to the Global Council on Risk Management, The Conference Board, November 21, 1996.

This slide presentation summarizes the evolution of integrated risk management at Microsoft. Risk maps were developed for the main risks affecting Microsoft, i.e., natural, operational, financial, liability/litigation, and employment risks. As the impact for risk is virtually the same for all risks, Microsoft has developed a consistent risk management strategy for all risks. The four primary risk management process elements are: identification; assessment; mitigation and financing.

Sharman, Richard. Revealing Risk Patterns. Vol. 5, No. 10, International Risk Management, An Emap Business Publication, November 1998, p. 29.

Richard Sharman discusses dependency modeling, a technique that identifies the threats to the achievement of objectives and provides an evaluation of existing control measures. This technique is considered beneficial because it: models business dependencies and inter-dependencies; highlights sensitivities to key activities; assesses control measures and their cost effectiveness; prepares a framework for subjective judgements; and provides an updateable model for continued analysis.

Smit, Barbara. Profile: Pierre Sonigo. Vol. 5, No. 5, International Risk Management, An Emap Business Publication, May 1998, p. 35.

Pierre Sonigo, risk manager for Pechiney, discusses recent changes that he has initiated within the company regarding safety, risk coverage and environmental strategies. To ensure an integrated approach to risk management, Mr. Sonigo has set up a risk committee composed of senior officers responsible for running the 10 divisions within Pechiney. Risk management strategies are communicated from senior personnel downward within the company.

Spinner, Karen. Institutions put value on risk practices; software for risk management and valuation methods; Industry Trend or Event. Vol. 15, No. 6, 1997 Information Access Company, Thomson Corporation Company, 1997 Miller Freeman Inc. Wall Street & Technology, p.56.

This article discusses the growing demand by institutional investors for new risk measurement and valuation tools. The author describes various products, i.e., Principia, Aegis, Cosmos, etc., that are currently being developed by software vendors which can assist pension plan and funds investors to assess their risk and analyze the investments already in their books.

The Boston Consulting Group. Scenario Planning, Noranda Inc.

This brief presentation details scenario planning at Noranda Inc. Scenarios are used as a tool for managing uncertainty and assisting Noranda in defining where and how they should grow. The scenario process is iterative and relies heavily of the scenario driver fact base.

Toxopolis, S. Risk Management in New Product Development: The Case of DAF Trucks. Vol. 6, Sigma (The Netherlands), December 1998, pp. 20-24.

Clients are demanding faster time-to-market for new products. This is only possible if the product development process can be mastered. DAF Trucks has completely redesigned its new product development process with the adoption of General Risk Prediction Analysis (GRPA). GRPA is a practical risk management method that ensures proper management of product quality, timeframes and costs in the product development process. Given that quality, timeliness and cost are relevant issues in the delivery of most every federal government project/program, GRPA could find widespread applicability across the government sector.

Wansink, Drs. DE and Thijssen, VJ. Integral Risk Management: Beyond V.A.R. No. 3, Controllers Magazine (The Netherlands), June/July 1997.

This article explores the Cash flow At Risk (CAR) concept, an application of integral risk management techniques, in residential corporations. CAR is based on many of the same concepts as Value-At-Risk (VAR-introduced in Controllers Magazine, April 1997 with respect to non-financial institutions), yet is more-widely applicable than VAR. The residential corporation sector has been forced by need to calculate accurately various interest and rental scenarios-particularly with respect to how risks arising over time can be expressed in financial terms. The models used (Asset/Liability Management Software and Monte Carlo Simulation Methods) provide insight into how integral risk management can be put into practice in the real world. In the federal government context, these concepts and tools could be applicable in the area of financial/treasury management, as well as capital planning/management.

Warning Signs Diagnostic Exercise, 1996 Arthur Andersen LLP.

This article describes Arthur Andersen's Warning Signs Diagnostic Exercise. Various warning signs are to be rated to determine their impact on an organization, where '1' indicates that the warning sign exists and '5' indicates that the warning sign does not exist and is thus not affecting the company. Once a company has evaluated the potential warning signs, the sum of the score is used to determine the organization business risk management profile.

Weinstein, Edward A. and Dennis C. Carey. 10 Best Practices. Vol. 22, No. 4, 1999 UMI., Directors & Boards, Summer 1998, p. 40.

Audit committees must deal with corporate governance, risk management and disclosure adequacy. This article presents ten best practices of a well functioning audit committee, which include selecting a strong chairman, establishing a regular meeting agenda to provide discipline to the meetings, and considering internal audit as a separate functioning group.

When in doubt, simulate. Vol. 45, Risk Management, New York, November 1998, pp. 44-49.

A computer simulation can provide a better understanding of risk management and how risk managers can do it better. In addition to plan testing, simulation can be used as an aid to plan development. The outcomes of a risk management plan can be observed via simulation and adjustments made to the plan to improve efficiency with respect to the risk manager's goals. Relying on computer outputs, however, without understanding the quality of the inputs and the underlying model structure is dangerous.

Williams, Todd L. An integrated approach to risk management. Vol. 43, Risk Management, New York, July 1997, p. 22.

To understand how organizations are handling business risks, Arthur Andersen and The Economist Intelligence Unit conducted a global study over the past 18 months. Written surveys, telephone interviews, and face-to-face discussions were utilized to gather information from senior executives about the steps organizations are taking to get a handle on their risks. There are a number of steps organizations can take to be more proactive in managing the total universe of risk they face: 1) Create a process-oriented view of risk management; 2) Build an effective organizational control structure, 3) Develop a common business risk language.

Governmental:

Canadian, International

Baldry, David. The evaluation of risk management in public sector capital projects. Vol. 16, No. 1, International Journal of Project Management, 1998, pp.35-41.

This paper discusses and evaluates the significance of project risk for public sector organizations, and examines the impact of risk outcomes which are both financial and non-financial in nature. For public sector organizations, the risk exposure and the consequent risk impacts are a function of the cultural and environmental framework within which they are required to operate. The article also discusses the benefits of a system of risk management which identifies risks that can influence a major project.

Barrett, Pat. Selecting Suppliers-Managing the Risk. Australian National Audit Office, October 1998.

This guide is relevant to public service officers involved in contracting as it provides a framework to assess some of the financial and probity risks associated with contracting with non-government suppliers. A risk assessment matrix is presented in this guide that can be used to make an overall assessment of the ability of a supplier to successfully deliver the services/products stated in a contract.

Clack, Peter. Australia: Business Declares war on Fraud. Reuters Business Briefing, Jan. 25, 1999.

This short article discusses the increasing trend by Australian organizations to implement prevention policies to counter fraud that is carried out for money, property, time or information. In 1997, 75% of Australian organizations had implemented anti-fraud policies that ranged from policy statements to specific agency behaviour. In the 1990's a complex database system had been set up across Australia to prevent taxation and social security fraud by allowing government agency employees to conduct data-matching on clients.

Comptroller General of the United States. Major Management Challenges and Program Risks: A Government-wide Perspective. January 1999.

This report discusses government-wide challenges that must be addressed to improve the performance, management and accountability of federal agencies. Performance-based management seeks to shift the focus of government performance and accountability away from a preoccupation with activities to a focus on the results or outcomes of these activities. This report identifies government-wide challenges to performance-based management confronting 20 individual agencies.

Edlin, Bob. New Zealand: Luxton Lunges at Red Tape While Business Champs at Bit. Independent Business Weekly (NZ), October 10, 1997.

This article discusses a recent speech from John Luxton, Commerce Minister, declaring war on red tape. An initiative he is considering is a Regulatory Responsibility Act which would require governments to certify that proposed regulatory actions are based on 'robust regulatory management principles'. The article also mentions arguments from critics who contend that the government is slow in implementing new initiatives.

Risk management is being developed as a specific technique in Australia and New Zealand. The Australian Public Service (APS) Guidelines are based on the Australian/New Zealand Standard for Risk Management. The APS Guidelines were developed to provide a generic framework for managing risk in the public service and to be used as a reference point for managers and staff when developing processes, systems and techniques for managing risk which are appropriate to the functional and organizational context of their agency.

Haines, Joe. Not up to Scratch. Vol. 1, No. 2, Public Sector Risk Management, an Emap Business Publication, Autumn 1996, p. 23.

The article explores whether risk management exists specifically within central government, since central government is not accountable to an insurance company, which has the power to charge higher premiums. The author describes the process of making government departments accountable, and discusses how central government risks are different to those in private sector.

HM Treasury - Better Value for Money in Public Sector Construction Contracts. Hermes - UK Government Press Releases Reuter Textline, September 26, 1997.

This article discusses a series of draft guidance documents that have been submitted to the Construction Industry Board regarding government departments preparing public sector construction projects. The guidance documents will lead to better value for money as public sector building contracts become more standard.

Hodges, Alan. Towards a National Disaster-Mitigation Strategy. Australasian Fire Authorities Council 1997 Annual Conference, October 12, 1997.

Alan Hodges, AM Director General of Emergency Management Australia, argues the need for comprehensive organizational arrangements for co-ordination of federal, state and local government disaster-mitigation measures. He argues that disaster prevention makes more sense than having to counter the effects of a disaster. National workshops were conducted with government bodies and a number of principles on which disaster mitigation should be based were identified.

Institute of Internal Auditors-Australia, Australian Control Criteria: Effective Internal Control to Achieve Business Objectives within an Acceptable Degree of Risk. Exposure draft, March 1998.

McNamee, David. Risk Management Today and Tomorrow, Management Control Concepts.

This article provides a public sector perspective on risk management. The article summarizes risk management theory and practices applicable to the public sector, and describes a model for integrating risk management in planning and decision-making. The three steps in the model are: establishing organization objectives; assessing risk (identify, measure, prioritize); and managing risk. The paper also discusses risk management practices in the public sector in the US, Canada, UK and New Zealand. The Australian/New Zealand Risk Management Standard is also evaluated.

Risk Management in the Australian Customs Service, Australian Customs Service.

The paper provides an overview of the Australian Customs Service, and describes its risk management policy which was based on Guidelines for Managing Risk in the Australian Public Services and the Australian /New Zealand Standard for Risk Management. The Australian Customs Service risk management process involves a six step cycle: establishing the context; identifying the risk; analyzing the risk; evaluating and ranking the risk; treating the risk; and maintaining a continuous monitoring and review strategy.

Risk management, Australian/New Zealand Standard, AS/NZS 4360:1995.

The Auditor General. Comment by the Auditor General. Australian National Audit Office.

Pat Barrett, Auditor General of the Australian National Audit Office (ANAO), discusses the necessity for appropriate corporate governance arrangements. Corporate governance is the way organizations are managed to produce results for their stakeholders. In the Australian public sector, the primary stakeholders are the Parliament, the Government and the Australian community. Mr. Barrett discusses the importance of new financial legislation: Financial Management and Accountability (FMA) Act 1997 and the Commonwealth Authorities and Companies (CAC) Act 1997.

Zomer, Heather. The education of a rookie risk manager. Risk Management, New York, June 1996.

The public safeguard risk management initiative came as part of a restructuring of Surrey, BC's municipal government designed to streamline the city's administration. The first step the city undertook, at the start of 1993, was to create a risk management task force with managers from the major municipal departments. Since early 1994, the risk management team has published a quarterly risk management newsletter in which claims of experience and exposures that are emerging throughout BC and Canada are discussed.

Operational

Health & Safety

Abbott, Howard. Food for Thought. Vol. 5, No. 9, International Risk Management, October 1998, p. 31.

The article discusses Hazard Analysis Critical Control Point (HACCP) which is a technique that is used to ensure product safety. The fundamental idea behind the HACCP technique is to anticipate hazards in the production process that could make the product defective, and then identify the points at which they can be controlled.

Bellandi, Deanna. The Expanding Reach of Risk Management: Suburban Heights Medical Center: Judges. 1997 Crain Communications Inc.

Environmental Risk Management becoming a concern to Hospital Executives. Vol. 13, No. 1, 1998 Information Access Company, a Thomson Corporation Company, IAC (SM) Newsletter Database ™ Business Word, Inc.

This article mentions that hospitals and health care facilities are seeking environmental insurance - the most common insurance policy is the Pollution and Remediation Legal Liability (PARLL) policy. Hospitals must deal with high risk environmental operations, including incineration, use of radioactive materials, etc. Environmental insurance helps hospitals to transfer risks.

Hallam, Kristen. Healthcare International: Taking a Global Risk; MMI Cos Sees Gold in Foreign Malpractice Insurance. Modern Healthcare, November 2, 1998, p.40.

Changes in national health systems and a growing number of malpractice complaints, along with a rise in the amount of damages awarded to these plaintiffs, has created opportunities for various American based companies to bring their risk-management expertise to Europe and Latin America. Specifically, European healthcare providers need to cope with a growing demand for services and the issue of reimbursement from users who are members of the European Union. To be successful, risk management has to be seen as a local product and a company cannot assume that all healthcare systems are similar. Rather, companies need to know a country's health policy and understand the national economy. Consequently, to apply risk management philosophy, different tools will be needed for each country.

Hanley, Mike. Containing the Colossus. Vol. 5, No. 4, International Risk Management, An Emap Business Publication, April 1998, p.18.

Nelson Chanfrau, risk manager for the Port Authority of New York and New Jersey, discusses how his risk management department handles a variety of risks, ranging from bus accidents to terrorist bombs. The goal of the department is to ensure complete safety for customers and employees.

Hansen, Mark D. and Kysar, David S. Making the right moves: Implementing effective ergonomics management. Vol. 44, Risk Management, New York, February 1997, pp. 50-54.

The Risk and Insurance Management Society (RIMS) Health and Safety Committee and American Society of Safety Engineers have formed a joint effort to assess member needs in addressing ergonomic issues. It is not the intent of this group to conduct ergonomics research or to suggest a one and only method of approaching the issue, but rather to develop a compilation of ergonomics best practices with input from members of both organizations. Elements of a successful ergonomics program may include employee involvement and management commitment, accident review and evaluation, training and education, design of job functions and medical management. A checklist to improve identification of ergonomics risks in the workplace is provided.

Hohmann, Samuel F. Healthcare Cost of Risk Initiative: Preliminary findings. Vol. 50, No. 6, 1999 UMI., Healthcare Financial Management, June 1996, pp. 60-67.

The Healthcare Financial Management Association (HFMA) and MMI companies have sponsored a Healthcare Cost of Risk initiative. The purpose is to identify the cost of risk in healthcare organizations. The first phase of this initiative has been completed and total cost of risk ranged from 1 percent to 12.5 percent of net patient revenues. Main risks identified include costs for employee benefits, professional and general liability, workers' compensation, and risk management administration costs.

Increasing the odds. Vol. 45, Risk Management, New York, December 1998, pp. 32-34.

Boyd Gaming's risk manager, Stan Smith, sees safety as the first priority. Smith initiated a training course for all security personnel to learn first aid, CPR and how to use an Automated External Defibrillator. The thoroughness of the process of the process also led to the overall update of the company's safety equipment and procedures.

Integrating. Risk Management, December 1997, pp. 48-49.

The University of California share a risk management philosophy that everyone in the company is in it together. Deborah Luthi, director of human resources and risk management says the partnership which includes the campus environmental health and safety and vocational rehabilitation departments along with a third party administrator has reduced the average cost per workers compensation injury claim. Practices included establishing an employee health services clinic, a return-to-work policy and exercise programs with trainers. The partnership also promoted employee morale and productivity.

Kirby, Anne. Controlling Comp Costs? Risk Management, March 1997, pp. 37-44.

With the continuous changes in the workers' compensation industry, the article discusses 10 strategies to implement to control comp costs.

Take advantage of opportunities created by market consolidation
Learn from states with effective managed care programs
Implement state-specific programs
Prevent culture clash by including claims adjusters and managed care professionals in decision making
Limit the number of managed care vendors that provide service
Invite outside participation in your managed care task force
Understand the value - added components of your managed care provider
More is not always better
Promote early intervention via automated first report of injury programs
Determine management information needs before you begin.

Putting words to work. Vol. 45, Risk Management, New York, November 1998, pp. 18.

This short article discusses an Integrated Disability Management program. IDMs are designed to help risk managers improve productivity, profitability and health status of employees. A well-designed IDM will combine disability management and claims administration for all injuries and illnesses, whether occupational or non-occupational in nature, and for either short or long term disability.

Serb, Chris. Uncalculated risks. Vol. 71, No. 13, 1997 UMI, Inc. American Hospital Publishing Inc. 1997 Hospitals & Health Networks, pp.28-30.

This article mentions the growing interest in risk management benchmarking, specifically for health care organizations. Benchmarking information is difficult to collect from hospitals as many do not want to reveal patient information and other details, i.e. botched surgeries.

West, Kathryn Z. Can they afford not to? Risk Management, New York, April 1996.

Wellness is an approach to containing health care costs that is becoming increasingly popular, and there is mounting evidence for why this approach works. In a two-year study, for every $1 invested, the employer recovered $1.68 in employee benefits savings. Health profile screening is usually the first step to implementing a wellness program. A wellness co-ordinator can assess individuals for cholesterol, blood pressure, weight, tobacco use, exercise and glucose. The second step is implementing health education. Lastly, senior management should be firmly committed to wellness.

Finance

Australia: Corporate Treasurers Lack Adequate Systems. Australian Banking and Finance, December 1997.

This article discusses a recent survey, conducted by Ernst & Young and the Australian Society of Corporate Treasurers, which found that less than half of survey respondents had invested in a treasury system. The main problems identified with current systems were: the lack of integration of systems and databases (27%); insufficient reporting capability (25%); and lack of front office analytical capability (23%).

Borst, JJ. Value at Risk in the Dutch Steel Industry. Tijdschrift Voor Corporate Finance (The Netherlands), Fall 1997.

Cornford, Andrew. Some recent innovations in international finance: Different faces of risk management and control. Vol. 30, No. 2, Journal of Economic Issues, June 1996, pp. 493-508.

This article provides an overview of the history of over-the-counter (OTC) financial derivatives. The main risks associated with derivatives are discussed: systematic, credit, market, liquidity, operational, settlement and legal. Specific attention is placed on the collapse of Barings due to the failure of internal control-lack of segregation of the front office where trading was occurring, and the back office where recording and settlement of trade and movement of funds took place. The author suggests the basic salary, with a profit-linked bonus, offered to traders creates undesirably high-risk taking. Redesigning remuneration packages would have a significant impact on traders behaviour in derivatives markets. This article would be of interest to management and specifically to finance departments.

Dickson, Thomas R. The evolution of risk financing. Vol. 43, Risk Management, New York, August 1996, p. 15.

In the late 1980s, elements of finite risk were packaged together with financial management techniques to create a concentrated underwriting approach. The attractions of this approach to buyers have included guaranteed access to capacity for a specific number of years, with predictable (and generally stable) premium flows and the opportunity to share in the favourable results of the underwriter. From the seller's perspective, this has been an opportunity to create a portfolio of stable individual programs that were less volatile than the swings that had been experienced in the traditional market.

Fed's Meyer calls for better bank capital Standard. BUSINESS WIRE PR Newswire Reuter Textline, March 2, 1998.

Laurence Meyer, federal reserve governor, has warned that bank capital standards are becoming outdated in the face of rapidly developing financial markets. The one size fits all minimum capital ratio (banks must hold capital equivalent to 8% of their risk-weighted assets) has led many to circumvent current risk capital standards.

Fixing broken bucks: Fidelity proposes new captive use. Vol. 44, Risk Management, New York, December 1997, p. 42.

Fidelity Investments is seeking approval from US regulators for a groundbreaking captive designed to address an industry-specific risk. If approved by the Security and Exchange Commission, the new captive would protect Fidelity's mutual funds from the exposure caused by money market investments.

Hanley, Mike. Made to Measure. Vol. 5, No. 7, International Risk Management, July/August 1998, An Emap Business Publication, p. 22.

According to the author, companies are beginning to realize that strategic risk financing can offer the greatest returns. Many companies are engaging in strategic risk financing which is the customization of insurance and reinsurance contracts to achieve specific organizational objectives. The author also discusses various instruments of risk financing ranging from balance sheet financing to investment driven risk-financing solutions.

Have Financial Institutions put the Development of Better Risk Management Systems on the Back Burner? American Banker, Reuter Textline, March 4, 1996.

This article presents various views on whether financial institutions have continued to focus on the development of better risk management systems. Overwhelmingly, the responses would indicate that financial institutions are investing in systems that provide risk reports on a timely and accurate basis.

Hedging profits…weather or not. Vol. 45, Risk Management, New York, February 1998, p. 9.

A new "weather hedge" has been announced that will protect companies with financial interests that can be affected by adverse conditions. The hedge, offered by the newly formed Worldwide Weather Trading, will minimize the financial risk of a specific condition occurring (within a designated time at a specific location) and will be backed by insurers and reinsurers that will "warehouse" the risk.

Hein, Eric P. and O'Malley, Michael J. Two birds with one stone. Risk Management, New York, April 1996.

As retrospectively rated programs give way to large deductible plans, and deductible programs continue to be adopted by smaller businesses, the use of cash flow plan to finance worker's compensation, automobile liability and general liability losses continues to grow at increasing speeds. Growing with the demand for cash flow programs is the need to post letters of credit to support these programs. Over several years, the letters of credit required to support cash flow programs tend to stack up, and a requirement that starts out modestly can become burdensome and expensive. The need to develop alternative collateral to replace letters of credit is a pressing issue for many risk managers. Several solutions are proposed that can be used not only to replace future or existing letter of credit requirements, but if properly structured, can also provide an accelerated tax deduction to an insured. These solutions include: 1) Investment credit programs; 2) Premium financing; 3) Compensating balance programs; and 4) Guaranteed cost NPV programs.

Hunt, Ben. Balancing Risk and Reward. Vol. 5, No. 9, International Risk Management, October 1998, An Emap Business Publication, p. 22.

The article notes that company treasuries continue to favour derivatives as they provide an ability to manage more complex risks. The increasing power of shareholders, however, has led to the reappraisal of hedging strategy. Shareholders want to know if hedging fits in with the management philosophy.

Jegher, Simon. Flexible Structure: Managing Financial Risk. Risk Management, January 1999, pp. 29-33.

In this article, Mr. Jegher examines a unified, flexible and comprehensive structure for managing financial risk. The objectives of the process are to address the key policies relating to financial risk exposures, to foster a consolidated perspective of financial (to all stakeholders), and finally to bring to light the dynamics between disciplines, thus focusing various operating units on common objectives. Focusing on the finance function, this step-by-step risk management process is a tool for policy development and strategy implementation and evaluation, addressing risks relating to liquidity, foreign exchange, interest rates, counterparty/credit exposure. The communication roles of the BOD, audit and financing committees, CFO, rating agencies and subsidiaries are outlined.

Logue, Dennis. Australia: Supplement - Managing Currency Risk in a Volatile World. Australian Financial review, November 25, 1998, p. 6.

This article focuses on the impact that currency fluctuations have on company profits. Three types of foreign exchange risks that can affect a firm are transaction exposure, translation exposure, and economic or operating exposure. To cope with currency risks many companies are hedging their foreign exchange exposures. A hedge entails transaction costs, as well as a company giving up the benefits of a currency moving in its favour. The article describes what types of companies should consider hedging.

McNamee, David. Risk-based auditing. includes related article on risk-based audits at Royal Bank of Canada, 1997 Information Access Company, a Thomson Corporation Company, 1997 Institute of Internal Auditors.

The author discusses how risk-based auditing (RBA) improves the risk assessment model by viewing the business process in an environment of risk, rather than in a system of internal control. The article mentions that instead of identifying and testing controls, auditors will identify risks and test the ways management mitigates these risks. Auditors that focus on risk will be better able to address management concerns.

Norton, Phillip N. D&O: Past, present and future. Vol. 45, Risk Management, New York, February 1998, pp. 21-27.

A major market movement will have more influence on your directors and officers (D&O) program pricing than any other factor, including such key items as your company's financial performance, risk management controls and loss history. This means that monitoring market conditions is essential for risk managers and brokers. As the US market for D&O and related coverages has grown from nothing in the early 1960s to more than $2 billion in premiums today, the focus on underwriters has shifted numerous times. Still industry-wide D&O losses, premium levels and coverage quality remain the overriding factors driving market conditions and the D&O insurance purchasing process.

Pelland, Dave. Globalization Changing Roles, Shrinking Industries. Risk Management, April 1998, p. 96.

There is a rapid consolidation and convergence in the financial services service industries and this movement is changing the way they do business. For example, the broker is also an advice and consulting profession in which "we're helping clients determine the best ways to fund risk." The broker of the future must be in a position to deal with the globalization of business-to have structure in place to provide services wherever a client sees a need.

Pelland, Dave. Resources for international risk managers: Global guidance. Vol. 44, Risk Management, New York, August 1997, p. 12.

Web sites that risk managers of companies participating in or exploring international business ventures will find it useful are discussed. For example, a potentially valuable tool for international risk management is the exchange rate calculator offered by Switzerland's OANDA. The firm's 164 currencies converter (www.oanda.com/cgi-bin/ncc) allows you to calculate the exchange rate for currencies from Afghanistan to Zimbabwe, for any date since January 1, 1990. Other websites listed simply provide information on world trends (economical, political, weather).

Pryor, Shepard. Balancing the Extremes of the Credit Process with a 'Best Practices' Orientation. Vol. 85, No. 4, Credit World, pp.24-28.

This article discusses how an organization can apply 'best practices' to the credit process which must cover the risks without hindering new business developments. A balance must be achieved between identifying and controlling risks yet allowing an organization to achieve its highest sales potential. Many organizations attempting to improve process improvement may limit their focus to decision risk. A 'best practices' orientation, however, encompasses all the system risks within the credit process: information risk, control risk, value risk, and compliance risk. A 'best practices' orientation will allow an organization to safely implement an aggressive sales effort given its unique risk preferences, product mix and marketing strategy. To be effective, a 'best practice' must adapt to changing environment. Three case studies were presented in this article which would be of interest to managers dealing with a credit process.

Risk Monitoring: Is the Process of Ensuring That Risks are Competently Managed within Approved Structures, Policies, Parameters and Authorities. NedBank - Annual Report, 1997.

Nedbank's annual report notes the various risks that must be monitored and managed, including interest rate risk, liquidity risk, trading risk, credit risk, and operational risk. The annual report defines the various risks impacting the company and notes the structures, policies, parameters and authorities used to manage these risks.

Saul, Jonathan. Trade Doubt for Certainty. Vol. 5, No. 8, International Risk Management, An Emap Business Publication, September 1998, p. 33.

Scherzer, Martin H. and Mackay, Robert. Risky business. Vol. 14, No. 5, 1998 UMI, Inc., Financial Executives Institute 1998, Financial Executive, pp.30-32.

Enterprise risk management is commonly being used by financial executives. This system analyses and manages a company's diverse risk exposures including operational, hazard, financial and strategic. All risks are assessed in light of the organization's overall risk retention and capital allocation strategies. Enterprise risk management helps to breakdown 'silos' or risk managed by a specific discipline and provides a mechanism to assume risk prudently and maximize profitability.

Spies, John A. Advice from a risk manager. Vol. 44, Risk Management, New York, March 1997, pp. C3-C4.

Unfortunately, too many companies believe that establishing a captive will automatically allow them to reduce the cost of insurance coverage and retain underwriting profits. Achieving the favourable results promised in a captive feasibility study requires understanding the risks the captive is accepting as well as taking an active involvement in the subsidiary's financial results. At Harnischfeger Industries Inc., captive operations are monitored closely as any of its other operating companies and are aligned carefully with the parent company's risk management and financial objectives.

Terry Paradine. All Systems Go. Vol. 5, No. 10, International Risk Management, An Emap Business Publication, November 1998, p. 32.

Although Australia has been negatively affected by the economic upheaval in the Asian economy, there is still growth in the financial sector. Australia has experienced growth in various sectors due to the development of new products or services, i.e., introduction of risk management standards, which permit organizations to manage risk more effectively. The author also discusses the key economic principles of the new Corporate Law Economic Reform programme which should lead to improved corporate governance.

Thomas, Tony. Australia: A Treasury of Cost-Efficiency. Business Review Weekly, December 7, 1998, p. 46.

This short article discusses how corporate treasuries have evolved as cost-efficient centres focused on corporate strategic goals. As a result, executives will require skills in treasury transactions but also in business strategy and quantitative methods. As well, new accounting standards will require companies to provide more detailed information of financial risks and derivatives.

World's Seventh Largest Electric Utility Selects Infinity's Panorama for Trading and Risk Management. BUSINESS WIRE PR Newswire Reuter Textline, July 2, 1998.

Hydro Quebec has chosen Infinity's Panorama as the foundation for its financial risk management system. Panorama was chosen because it is considered user friendly and flexible enough to support ongoing growth. The system is also able to deliver value-at-risk, sensitivity analysis, scenario analysis, and portfolio valuation.

Environmental

Bagneschi, Linda. Pollution prevention: The best-kept secret in loss control. Vol. 45, Risk Management, New York, July 1998, pp. 31-38.

Risk control consists of techniques to either prevent or reduce the extent of any loss and pollution prevention is an important component of a company's risk control efforts. According to a report prepared for the US Environmental Protectional Agency by Tetra Tech EM Inc., pollution prevention serves as a 3-fold function in exposure avoidance, loss prevention, and loss control. Pollution prevention not only reduces the risks of damage to the environment and property, it also reduces risks to worker health and safety. While the technical expertise for identifying and implementing pollution prevention may rest in the environmental, health and safety, process engineering or other departments, there are a number of important things risk managers can do: 1) Get a copy of your company's hazardous waste minimization plan and find out which pollution prevention opportunities have been determined to be feasible; 2) Develop pro-active environment management protocols.

The United States Congress directed a panel to report back on the policy implications and appropriate uses of risk assessment and management in federal regulatory programs directed at exposure to hazardous substances. This paper presents a summary of the report presented by the panel which describes a new risk management framework for how the risk management decision-making process should be conducted. The framework consists of a six-stage process.

Hackett, Lloyd. Mastering disasters in Canada. Vol. 45, Risk Management, New York, April 1998, p. 98.

There have been an unusual number of natural disasters in Canada recently, but some positive actions have been taken to deal with these incidences. They include the fairly successful hail suppression program being conducted in Alberta and the construction of the Duff Roblin diversion ditch in Manitoba to protect Winnipeg from rising rivers and flood damage.

Hanley, Mike. Assured of a Greener Future. Vol. 5, No. 4, International Risk Management, An Emap Business Publication, April 1998, p. 27.

Conclusions from a seminar on "Environmental Risk Management: What Influences Business to Make Environmentally Responsible Decisions" are presented in this article. Reasons for company concern about the environment include: image; customer requirements; supplier requirements; cost and social responsibility. Panel members also mentioned that insurance companies can influence clients to take environmental issues seriously.

Hodges, Alan. Towards a National Disaster-Mitigation Strategy. Australasian Fire Authorities Council 1997 Annual Conference, October 12, 1997.

Mills, Evan, Deering, Ann and Vine, Edward. Energy Efficiency: Proactive Strategies for Risk Managers. Risk Management, March 1998, pp. 12-16.

There are a number of specific measures that combine energy efficiency and loss prevention. New products and materials can deliver safety and environmental benefits. This article described several methods to become energy efficient. In addition, promising examples of R&D efforts include energy efficient and fire-resistant windows; paints and light-fixtures; improved indoor air quality monitoring devices; and energy-efficient methods to reduce airborne disease transmission in office buildings. Such issues affect the work environment, and the health, productivity and morale of workers.

Rolin, Gary. Nuclear Fusion. Vol. 1, No. 2, Public Sector Risk Management, an Emap Business Publication, Autumn 1996, p. 12.

This article discusses the entering of Scottish Nuclear into the private sector. The nuclear sector is highly regulated, and the various risks that the company must address were mentioned. The author also discusses a risk assessment that reviewed Scottish Nuclear's operations and rated them for risk management issues. The twelve areas of potential risk can be applied to any enterprise and include: regulatory; safety/environment; short-term liabilities; long-term liabilities; legal; suppliers and waste; public perceptions/political; management; financial condition; business prospects; and special factors.

Shelley, Suzanne, David L. Russell and P.E., Global Environmental Operations. Getting a Handle On Risk Management. Vol. 105, No. 13; Engineering Practice; p. 114.

Chemical process industries facilities in the US will need to demonstrate compliance with the US Environmental Protection Agency's Risk Management Plans Rule. This rule will require that facilities develop a risk management program that includes a hazard assessment, a prevention program, an emergency response program, and an overall management system. The purpose of this rule is to ensure that chemical facilities have taken the necessary steps to prevent serious chemical accidents that can harm the public or the environment.

Vitale, Lou. The invisible threat. Vol. 45, Risk Management, New York, July 1998, pp. 42-45.

Electromagnetic fields (EMF's) are electrically generated lines of force that, although invisible can have very disruptive effects. They can compromise the productivity of computer systems and the security of financial data and automated transactions. A detailed site survey, generally conducted by an electrical engineer, can locate the origin of magnetic fields and evaluate the potential effects on the building environment, equipment and people. There are three types of commercial EMF surveys: 1) Spot survey; 2) Contour survey; and 3) Dosimetric survey. Depending on survey results, a company may decide to implement one or more mitigation solutions. Basic strategies include: 1) Installing a dielectric coupler; 2) Locating and correcting the ground current sources: and 3) Magnetic shielding.

Insurance

Barbuti, Jim. A new philosophy: Risk financing for the middle market. Risk Management, New York, Apr. 1996.

At one time, commercial insurance premiums were relatively affordable, and few insurers considered retaining risk. The volatility of the commercial insurance market in recent years, however, has changed this philosophy. Rather than automatically purchasing insurance for all exposures, many companies are retaining their predictable risks and transferring only their volatile exposure to commercial insurers. While the insurance industry has gradually come to accept this new approach for large commercial insurers, it has been slower to react to the changing needs of small and medium-sized businesses, commonly called the middle market. Fortunately, the situation is changing and many insurers are beginning to offer various risk financing alternatives for these sized insurers. One approach to underwriting embraced by the middle market companies is the multi-peril or basket aggregate program. An example of this approach is presented.

Collier, Rick. A better approach: Wrap-ups deliver construction savings. Vol. 45, Risk Management, New York, March 1998, pp. 26-30.

Under a construction wrap-up insurance framework, an integrated program is designed to address a project's insurance, claims services and risk management needs. Instead of contractors and subcontractors purchasing separate policies and building the expense into the project, participants can be covered through the wrap-up at lower cost. In addition to providing the benefits of consistent liability limits and economies of scale by eliminating expensive duplication, this approach enables project participants to initiate significant safety measures that limit losses, reduce costs and avoid delays that interfere with the project's on time completion. Since the participants are insured under the same program, disputes about whose coverage should respond to an accident are eliminated.

Hanley, Mike. Bespoke Solutions. Vol. 5, No. 8, International Risk Management, An Emap Business Publication, September 1998, p. 27.

There is a growing trend by re-insurers to enter into the corporate market. The captive market had $19 billion in premiums written last year which makes it an attractive client base for re-insurers. This trend is propelled by companies seeking to address risk management needs through alternative risk financing techniques.

Hunt, Ben. On the Crest of a Global Wave. Vol. 4, No. 13, International Risk Management, March 1998, An Emap Business Publication, p. 21.

Ben Hunt discusses recent developments in London's re/insurance market. The growing trend of companies setting up alternative risk transfer divisions is limiting the growth in the traditional insurance market. Mr. Hunt notes that insurance requirements are being tailored to strategy as companies require speculative risks to be covered.

Kelly, William. Policies for the Real World. Vol. 4, No. 13, International Risk Management, March 1998, An Emap Business Publication, p. 25.

This article is an edited version of a speech given by William Kelly, managing director of JP Morgan, to the National Risk and Insurance Management Conference. Mr. Kelly argues that insurers did not provide coverage for risks that companies were beginning to require, i.e., exposure to unauthorized trading. Mr. Kelly helped to design an insurance programme that would permit the transfer of the risks that a firm is currently concerned about. The programme would cover previously uninsurable risks, and include catastrophe coverage over the directors' and officers' liability policy.

Kroll, Karen M. Integrated Risk - Corporate Insurance. Vol. 247, No.2, Industry Week, p.77.

This article discusses the trend toward not compartmentalizing risk. Large sized companies, i.e. Sun Microsystems, Jostens Inc., Huntsman Chemical Corporation, are creating integrated insurance programs that are designed to cover a number of risks. Main benefits include: an extended policy period which reduces the never-ending yearly renewal process; easier to identify who is responsible for a claim when filed; easier to quantify a firm's overall cost of risk; and opportunity for re-evaluation of the amount of risk retained internally. Companies are also beginning to include risks that were not traditionally covered by insurance, i.e., foreign exchange and interest rate risks. This article would be of interest to managers in Insurance functions.

Peto, Hugh. Customized Solutions. Vol. 6, No. 2, International Risk Management, An Emap Business Publication, February 1999, p. 25.

This article discusses the growing demand for finite risk insurance as companies note the lack on the part of insurance markets to cover uninsurable risks. As companies retain more risk, finance risk insurance has grown. The author also notes that public companies demand finite risk insurance to respond to shareholder demand for smooth fluctuations from one quarter to the next.

Pia Perkins. Profile: Judith Hanratty. International Risk Management, July/August 1998.

Judith Hanratty, company secretary at British Petroleum (BP), discusses recent changes at BP where the company went from relying heavily on insurance to having almost no insurance except that required by law. Each manager of local operating units at BP were responsible for losses under $10 million and was only allowed to insure if he/she could give a good reason why. The changes at BP ensured that risk management was owned by the operating companies.

Sanderson, Scott. Taking stock of your risks, includes related article. Vol. 13; No. 4, 1997 Information Access Company, a Thomson Corporation Company, 1997 Financial Executives Institute Financial Executive, p.42.

The author discusses how companies may take on a high-risk retention rather than invest money in insured arrangements. The author notes that companies should view risk retention as an investment. The test of a good retention decision is whether senior management considers it a wise choice after the company has experienced a loss.

Human Resources

A Texas-Size. Risk Management, December 1998, pp. 16-17.

Patti Carroll is a risk manager for Total America, a player in the oil and gas business. Her focus is on loss control, lowering worker's comp expenses and preventing problems rather than just buying lots of insurance. Risk management means getting involved with HR to manage and control worker's comp costs. (i.e. use of training program as preventive measures). Carroll speaks about her experiences as a risk manager.

Corporate culture a concern for job seekers. Vol. 43, Risk Management, New York, Aug. 1996, p. 9.

According to a recent survey of executives, apart from inquiries about salary, prospective employees today most often ask about corporate culture and benefits during interviews.

Crockett, James, Pare, Carolyn, Montanez, William, Anello, Angelo, and et al. The future of employee benefits. Vol. 44, Risk Management, New York, June 1997, pp. 28-34.

Traditional programs providing medical, dental, life, and pension benefits are becoming more flexible to meet the needs of an increasingly diverse work force. The structure of the workplace is also changing. Organizations throughout the world are reevaluating processes and questioning how products and services can best be delivered to their external and internal customers. Allowing workers to customize their benefits programs will make them happier, more productive and better able to meet their individual and family needs. Better use of technology has been key to employers' delivering more comprehensive services, often at a lower administration.

Curbing sexual harassment complaints. Vol. 44, Risk Management, New York, January 1997, p. 52.

Working with People: A personal Responsibility Guide for Preventing Sexual Harassment from BNA Communications Inc. is a video-based training program that helps organizations avoid costly and time-consuming sexual harassment lawsuits and makes sure that employees are properly representing the organization at off-site business functions.

Driving change. Vol. 45, Risk Management, New York, December 1998, pp. 56-57.

Johnny Centineo is the director of risk management and workers' comp at the University of Houston. He implemented a risk management web site that gives faculty, staff, students and anyone with an interest access to information about the activities in his department. Aggressive marketing, auditing, claims handling and monitoring have also helped reduce the costs by $2 million.

Feldman, Paul. The case for peer review. Vol. 45, Risk Management, New York, April 1998, p. 104.

A growing number of employers are exploring the use of peer review panels to provide a reasonable and appropriate means of resolving internal disputes arising out of employee disciplinary measures or terminations. One advantage of peer review is that it can sometimes reduce the likelihood of a lawsuit being brought against an employer.

Hansen, Larry. Loss Control Strategies for. Risk Management, October 1998, pp. 38-41.

This article describes the steps to take when a downsizing has been considered. Far in advance of formal disclosure of downsizing, it is the risk manager's job to identify the critical issues and address them with a detailed and thorough plan to ensure that any negative aspects are minimized. After a critical analysis of the reasons for a downsizing, a team must be formed to address specific concerns in the five related key areas: Claims Management; Medical Management; Loss Control; Site Security; and Human Resources. The proposed plans should then be tested to ensure they are operationally sound and support the organization's long-term goals and financial objectives. To that end, the plan must be critically analyzed. A planned strategy will lessen the potential negative reactions and impacts, and protect the company's assets, image and employees.

Hunt, Ben, and Peto, Hugh. Forward Thinking. Vol. 5, No. 7, International Risk Management, An Emap Business Publication, July/August 1998, p. 32.

Losing senior staff in positions of authority without warning can cause serious business interruptions to an organization. The author notes the growing importance of succession planning-ensuring that senior staff have successors. Disney and British Aerospace have both implemented succession risk management policies.

Integrating. Risk Management, December 1997, pp. 48-49.

The University of California shares a risk management philosophy that everyone in the company is in it together. Deborah Luthi, director of human resources and risk management, says the partnership which includes the campus environmental health and safety and vocational rehabilitation departments along with a third party administrator has reduced the average cost per workers compensation injury claim. Practices included establishing an employee health services clinic, a return-to-work policy and exercise programs with trainers. The partnership also promoted employee morale and productivity.

Liethhead, Barry S. Managing "people" risks. Vol. 55, No. 6, 1998 UMI, Inc., Institute of Internal Auditors Inc. 1998, Internal Auditor, pp.66-67.

This article discusses the importance of managing people risks which can cause disruptions within organization, i.e., unexpected resignation, lack of qualified staff. Typical human resource risks faced by organizations are presented and the article describes how the internal auditor can analyze the risk as a service to management.

Limperis, John. EDI Bringing workers' comp up to speed. Vol. 45, Risk Management, New York, October 1998, pp. 29-30.

The application of electronic data interchange is increasing the efficiency in workers' compensation administration. State mandates are part of what is driving the interest in EDI. EDI eliminates the rekeying of data, duplication and keystroke errors, and provides an almost instantly verifiable means to connect employers, healthcare providers, payers, and jurisdictions, allowing them to share data smoothly. It improves workflow and data integrity, resulting in considerable cost savings. As risk managers scramble to find answers and develop solutions to meet mandates, they must choose whether to bring in vendors to meet their EDI needs or write and maintain their own systems.

Pearson, Judith. Preventing sexual harassment: Risk management tools. Vol. 44, Risk Management, New York, January 1997, pp. 25-28.

Allegations of sexual harassment affect a company's bottom line directly through litigation and settlement costs and indirectly through redirection of management attention, reduction in employee morale and loss of shareholder confidence. Risk management departments can assist their companies in handling this exposure by evaluating and implementing a plan to prevent and effectively deal with sexual harassment in the workplace. Steps to manage this risk are examined (i.e. policies, insurance).

Pelland, Dave. Risk manager applies quality: Litigation management. Vol. 44, Risk Management, New York, December 1997, p. 68.

To gain better control of his company's workers' compensation lawsuits, Mick McGavin, manager of safety planning and claims for Johnson Controls Inc., has developed a total quality management approach to litigation-a process that generates consistent positive results by eliminating variability. McGavin cautions that in evaluating a company's litigation efforts, risk managers should pay attention to several potential warning signals from their attorneys. The process could result in potential savings from litigation.

Promoting healthy living. Vol. 44, Risk Management, New York, October 1997, p. 8.

By offering managed health initiatives, employers are now becoming more actively involved in the health of their employees before they get sick. Such initiatives, which often include preventive care, health screening, education, counseling and disease prevention and management, are designed to enhance or maintain the health of an employer's covered population.

Skilled, trained workers in short supply. Vol. 43, Risk Management, New York, October 1996, p. 9.

Nearly half the CEO's of fast growing companies say finding adequate numbers of skilled, trained workers to staff their operations is a problem that threatens to slow company growth and intensify employee burnout in 1996.

Study: Work pressures prompt unethical acts. Vol. 44, Risk Management, New York, September 1997, p. 6.

Workplace pressures have prompted workers to engage in unethical behaviour in a number of industries including insurance according to a recent study. Workers are feeling stress from increasing competition from abroad as well as from job insecurity as their employers continue to downsize.

Date modified:: 1999-10-01

Language selection

Search and menus

Search

Annotated Bibliography for the Study on: Best Practices in Risk Management: Private and Public Sectors Internationally

Strategic:

Frameworks, Modeling, Tools & Training

Governmental:

Canadian, International

Operational

Health & Safety

Finance

Environmental

Insurance

Human Resources

We are currently moving our web services and information to Canada.ca.

Annotated Bibliography for the Study on: Best Practices in Risk Management: Private and Public Sectors Internationally

Strategic:

Frameworks, Modeling, Tools & Training

Governmental:

Canadian, International

Operational

Health & Safety

Finance

Environmental

Insurance

Human Resources