SlideShare une entreprise Scribd logo

Risk Analytics

Neeraj Gupta
Neeraj Gupta
1  sur  3
Télécharger pour lire hors ligne
47 November 2016 www.InfralinePlus.com ExpertSpeak Majority of the oil & gas enterprises implement ERM (Enterprise Risk Management) as a compliance requirement. It means they will develop risk registers and governance framework but lacks a robust day to day monitoring and integrated reporting and alerts framework. The ultimate objective of any ERM framework is to mitigate risk before it happens, avoid black swans and identify some of the uncontrollable risks, monitor them on day to day basis and implement ERM as a decision support system. The root cause analysis reports of some the recent disasters in oil industry also point towards this by stating that risk control failure is one of the primary reasons. Risk Management has to be integrated in day to day business activities of a company. Its ultimate objective is to maximize shareholder’s value. Based on some secondary research it can be said that -- Over 80% use industry trends and peer analysis to identify risks -- Over 80% values importance of internal audit reports -- Over 70% think key risk indices and performance indicators are same -- Over 80% believes there is a lack of integration is the key issue -- Nearly 40% have some unstructured risk taxonomy in place -- Over 90% did not have any enter- prise risk monitoring dashboards Board and CEO give utmost importance to the following factors: -- Measure performance against the key risk indicators -- Periodic mea- surement for appropri- ateness -- Deviation from a risk per- formance plan -- Periodical review of risk governance policy, controls, and mitigations -- Evaluate changes in internal or external environment -- Monitor risk progress report an variance following the policies -- Periodic review of risk control framework robustness -- Use structured scientific and ana- lytical tools As a result, following step-based approach needs to be considered in order to facilitate transition from an elementary risk control framework to a more robust one. 1. Build the Risk Taxonomy 2. Develop inter-relationships between various risk drivers across different risk domains like strategic, opera- tional, financial and legal 3. Develop key risk indices and control measures 4. Transform it into a decision support system using analytical engines Risk Taxonomy is an important stepping stone in the entire risk framework. It is not possible to build a high rise building on a weak foundation and same is true for a risk management program. A risk taxonomy outlines are risk categories, their drivers, key performance areas and risk indices across entire organization. Post taxonomy creation, it is important identify inter-relationships across risk sub-categories and drivers. There is no point in having a thousand risk indices when all of them are related to each other. All risk drivers which are related to each other should be part of same risk indices. At a board level it is not advisable to have more than ten risk indices at the maximum. Even tree methodologies were used to develop relationships between Oil & gas companies need to develop a risk analytics engine Neeraj Gupta, Director, iEnergy Innovations Pvt. Ltd., feels that oil and gas is a high-risk industry and hence requires timely risk mitigation to avert crisis. As a solution, he recommends that oil and gas companies should adopt a step-by-step approach to build a decision support enabled risk framework. Neeraj Gupta, Director, iEnergy Innovations Pvt. Ltd.Oil & gas com- panies should adopt a step-by-step approach to build a decision support enabled risk framework
48 ExpertSpeak November 2016 www.InfralinePlus.com triggers events of a particular risk, assigning a likelihood percentage based on number of similar events in the past (Fig 2.0). Even tree helped in prioritization of key risk indices as once you complete your analysis, one can easily find out the top five or ten indices that have relatively more chance of occurring and not necessarily based on past events but also on the existing processes as well. It is recommended that oil & gas companies adopt a step-by-step approach to build a decision support enabled risk framework. -- Develop a comprehensive tax- onomy across four areas of risk i.e. strategic, operational, financial and compliance and map it across all the business units of an organization. It is the foundation of the entire risk framework. -- Explore inter-connectivity between various risk drivers identified in taxonomy to create a risk It is recommended that oil & gas companies adopt a step-by- step approach to build a decision support enabled risk framework. There is a need to develop a comprehensive taxonomy across four areas of risk i.e. strategic, operational, financial and compliance and map it across all the business units of an organization. It is the foundation of the entire risk framework Fig 1, Identifying risk Inter-relationships (Boleslaw et.al 2015) Fig 2, Developing Risk event tree Diagram (Fig 2.1) shows how key risk indices were prioritized and converted into a decision support system. Fig 1, Identifying risk Inter-relationships (Boleslaw et.al 2015)
49 November 2016 www.InfralinePlus.com to assign weightages by looking at historical data or susceptibility of a business unit based on annual probabilistic analysis performed. -- Develop synergies with other existing data systems (ERP, SCADA etc.) to have one version of truth. These systems or other historical data can be used to build analytical engines. -- Perform regular monitor of key risk indices. Frequency of monitoring may vary. E.g., for high risk field operations, all compliance data should be monitored on daily (or even hourly, if required). And a probabilistic consequence analysis should be performed. For other strategic decisions like bidding decisions, cost and schedule simulations can be used whenever required and a probabilistic estimate may be obtained using previous risk drivers or new compliance requirements. connectivity map. It helps in identifying the common risk drivers affecting multiple risks to avoid duplication of monitoring efforts across multiple business units. -- Use existing key performance indices to derive key risk indices. Event tree should be used in order For suggestions email at feedback@infraline.com Companies need to perform regular monitor of key risk indices. Frequency of monitoring may vary. E.g., for high risk field operations, all compliance data should be monitored on daily (or even hourly, if required). And a probabilistic consequence analysis should be performed. For other strategic decisions like bidding decisions, cost and schedule simulations can be used whenever required Fig 2.1, Decision Model for Risk Control Framework

Recommandé

Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of securityciso_insights
 
Risk Management Case Study - Applied Concepts
Risk Management Case Study - Applied ConceptsRisk Management Case Study - Applied Concepts
Risk Management Case Study - Applied ConceptsResolver Inc.
 
Safety & Asset Integrity Excellence - A Study of Three Mile Island
Safety & Asset Integrity Excellence - A Study of Three Mile IslandSafety & Asset Integrity Excellence - A Study of Three Mile Island
Safety & Asset Integrity Excellence - A Study of Three Mile IslandKienbaum Consultants
 
Safety & Asset Integrity Excellence Overview
Safety & Asset Integrity Excellence OverviewSafety & Asset Integrity Excellence Overview
Safety & Asset Integrity Excellence OverviewKienbaum Consultants
 
Ranking Strategic Risk
Ranking Strategic RiskRanking Strategic Risk
Ranking Strategic RiskWorkiva
 
Globals - Too Big to Govern?
Globals - Too Big to Govern?Globals - Too Big to Govern?
Globals - Too Big to Govern?Resolver Inc.
 
Critical risk and control frameworks - James Ritchie
Critical risk and control frameworks - James RitchieCritical risk and control frameworks - James Ritchie
Critical risk and control frameworks - James RitchieNSW Environment and Planning
 
Evolution of risk management Jim Joy
Evolution of risk management Jim JoyEvolution of risk management Jim Joy
Evolution of risk management Jim JoyNSW Environment and Planning
 

Recommandé

Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of securityciso_insights
 
Risk Management Case Study - Applied Concepts
Risk Management Case Study - Applied ConceptsRisk Management Case Study - Applied Concepts
Risk Management Case Study - Applied ConceptsResolver Inc.
 
Safety & Asset Integrity Excellence - A Study of Three Mile Island
Safety & Asset Integrity Excellence - A Study of Three Mile IslandSafety & Asset Integrity Excellence - A Study of Three Mile Island
Safety & Asset Integrity Excellence - A Study of Three Mile IslandKienbaum Consultants
 
Safety & Asset Integrity Excellence Overview
Safety & Asset Integrity Excellence OverviewSafety & Asset Integrity Excellence Overview
Safety & Asset Integrity Excellence OverviewKienbaum Consultants
 
Ranking Strategic Risk
Ranking Strategic RiskRanking Strategic Risk
Ranking Strategic RiskWorkiva
 
Globals - Too Big to Govern?
Globals - Too Big to Govern?Globals - Too Big to Govern?
Globals - Too Big to Govern?Resolver Inc.
 
Critical risk and control frameworks - James Ritchie
Critical risk and control frameworks - James RitchieCritical risk and control frameworks - James Ritchie
Critical risk and control frameworks - James RitchieNSW Environment and Planning
 
Evolution of risk management Jim Joy
Evolution of risk management Jim JoyEvolution of risk management Jim Joy
Evolution of risk management Jim JoyNSW Environment and Planning
 
Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...
Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...
Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...IBAS International Brazil Air Show
 
Infographic - Critical Capabilities of a Good Risk Management Solution
Infographic - Critical Capabilities of a Good Risk Management SolutionInfographic - Critical Capabilities of a Good Risk Management Solution
Infographic - Critical Capabilities of a Good Risk Management SolutionCorporater
 
Presentation Makes the Case for Enterprise Risk Management
Presentation Makes the Case for Enterprise Risk ManagementPresentation Makes the Case for Enterprise Risk Management
Presentation Makes the Case for Enterprise Risk ManagementPYA, P.C.
 
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesThird-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesCorporater
 
Building an Effective AML Program
Building an Effective AML ProgramBuilding an Effective AML Program
Building an Effective AML ProgramCorporater
 
Integrated Risk Management
Integrated Risk ManagementIntegrated Risk Management
Integrated Risk ManagementOmicron Systems
 
Introduction to Core Assessments
Introduction to Core AssessmentsIntroduction to Core Assessments
Introduction to Core AssessmentsResolver Inc.
 
Risk Assessment vs. Risk Management in Manufacturing
Risk Assessment vs. Risk Management in ManufacturingRisk Assessment vs. Risk Management in Manufacturing
Risk Assessment vs. Risk Management in ManufacturingContentAssets
 
Data Driven Risk Management
Data Driven Risk ManagementData Driven Risk Management
Data Driven Risk ManagementResolver Inc.
 
Risk Assessment And Management
Risk Assessment And ManagementRisk Assessment And Management
Risk Assessment And Managementvikasraina
 
GRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gapsGRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gapsKate Tomlinson
 
#Corpriskforum2016 - Tatiana Budishevskaya
#Corpriskforum2016 - Tatiana Budishevskaya#Corpriskforum2016 - Tatiana Budishevskaya
#Corpriskforum2016 - Tatiana BudishevskayaAlexei Sidorenko, CRMP
 
Security risk management
Security risk managementSecurity risk management
Security risk managementG Prachi
 
Operational Risk Management and Bpm
Operational Risk Management and BpmOperational Risk Management and Bpm
Operational Risk Management and BpmNathaniel Palmer
 
Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Sal Velasco
 
case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)ishan parikh production
 
Unit 3 risk management strategies
Unit 3 risk management strategiesUnit 3 risk management strategies
Unit 3 risk management strategiesEdwin Amponsah
 
Relating Risk to Vulnerability
Relating Risk to Vulnerability Relating Risk to Vulnerability
Relating Risk to Vulnerability Resolver Inc.
 
Dimensions in Risk Measurement
Dimensions in Risk MeasurementDimensions in Risk Measurement
Dimensions in Risk MeasurementHernan Huwyler, MBA CPA
 
CISSPills #3.04
CISSPills #3.04CISSPills #3.04
CISSPills #3.04Pierluigi Falcone, CISSP, CISM, CCSK, SABSA Foundation
 
Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateIRM India Affiliate
 
Facilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq HanayshaFacilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq HanayshaHanaysha
 

Contenu connexe

Tendances

Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...
Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...
Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...IBAS International Brazil Air Show
 
Infographic - Critical Capabilities of a Good Risk Management Solution
Infographic - Critical Capabilities of a Good Risk Management SolutionInfographic - Critical Capabilities of a Good Risk Management Solution
Infographic - Critical Capabilities of a Good Risk Management SolutionCorporater
 
Presentation Makes the Case for Enterprise Risk Management
Presentation Makes the Case for Enterprise Risk ManagementPresentation Makes the Case for Enterprise Risk Management
Presentation Makes the Case for Enterprise Risk ManagementPYA, P.C.
 
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesThird-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesCorporater
 
Building an Effective AML Program
Building an Effective AML ProgramBuilding an Effective AML Program
Building an Effective AML ProgramCorporater
 
Integrated Risk Management
Integrated Risk ManagementIntegrated Risk Management
Integrated Risk ManagementOmicron Systems
 
Introduction to Core Assessments
Introduction to Core AssessmentsIntroduction to Core Assessments
Introduction to Core AssessmentsResolver Inc.
 
Risk Assessment vs. Risk Management in Manufacturing
Risk Assessment vs. Risk Management in ManufacturingRisk Assessment vs. Risk Management in Manufacturing
Risk Assessment vs. Risk Management in ManufacturingContentAssets
 
Data Driven Risk Management
Data Driven Risk ManagementData Driven Risk Management
Data Driven Risk ManagementResolver Inc.
 
Risk Assessment And Management
Risk Assessment And ManagementRisk Assessment And Management
Risk Assessment And Managementvikasraina
 
GRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gapsGRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gapsKate Tomlinson
 
#Corpriskforum2016 - Tatiana Budishevskaya
#Corpriskforum2016 - Tatiana Budishevskaya#Corpriskforum2016 - Tatiana Budishevskaya
#Corpriskforum2016 - Tatiana BudishevskayaAlexei Sidorenko, CRMP
 
Security risk management
Security risk managementSecurity risk management
Security risk managementG Prachi
 
Operational Risk Management and Bpm
Operational Risk Management and BpmOperational Risk Management and Bpm
Operational Risk Management and BpmNathaniel Palmer
 
Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Sal Velasco
 
case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)ishan parikh production
 
Unit 3 risk management strategies
Unit 3 risk management strategiesUnit 3 risk management strategies
Unit 3 risk management strategiesEdwin Amponsah
 
Relating Risk to Vulnerability
Relating Risk to Vulnerability Relating Risk to Vulnerability
Relating Risk to Vulnerability Resolver Inc.
 

Tendances (20)

Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...
Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...
Carey Fagan - SAFETY & SECURITY WORKSHOP - Panel 1: Standards and regulation ...
 
Infographic - Critical Capabilities of a Good Risk Management Solution
Infographic - Critical Capabilities of a Good Risk Management SolutionInfographic - Critical Capabilities of a Good Risk Management Solution
Infographic - Critical Capabilities of a Good Risk Management Solution
 
Presentation Makes the Case for Enterprise Risk Management
Presentation Makes the Case for Enterprise Risk ManagementPresentation Makes the Case for Enterprise Risk Management
Presentation Makes the Case for Enterprise Risk Management
 
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesThird-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
 
Building an Effective AML Program
Building an Effective AML ProgramBuilding an Effective AML Program
Building an Effective AML Program
 
Integrated Risk Management
Integrated Risk ManagementIntegrated Risk Management
Integrated Risk Management
 
Introduction to Core Assessments
Introduction to Core AssessmentsIntroduction to Core Assessments
Introduction to Core Assessments
 
Risk Assessment vs. Risk Management in Manufacturing
Risk Assessment vs. Risk Management in ManufacturingRisk Assessment vs. Risk Management in Manufacturing
Risk Assessment vs. Risk Management in Manufacturing
 
Data Driven Risk Management
Data Driven Risk ManagementData Driven Risk Management
Data Driven Risk Management
 
Risk Assessment And Management
Risk Assessment And ManagementRisk Assessment And Management
Risk Assessment And Management
 
GRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gapsGRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gaps
 
#Corpriskforum2016 - Tatiana Budishevskaya
#Corpriskforum2016 - Tatiana Budishevskaya#Corpriskforum2016 - Tatiana Budishevskaya
#Corpriskforum2016 - Tatiana Budishevskaya
 
Security risk management
Security risk managementSecurity risk management
Security risk management
 
Operational Risk Management and Bpm
Operational Risk Management and BpmOperational Risk Management and Bpm
Operational Risk Management and Bpm
 
Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Example of fisma compliance analysis.1
Example of fisma compliance analysis.1
 
case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)
 
Unit 3 risk management strategies
Unit 3 risk management strategiesUnit 3 risk management strategies
Unit 3 risk management strategies
 
Relating Risk to Vulnerability
Relating Risk to Vulnerability Relating Risk to Vulnerability
Relating Risk to Vulnerability
 
Dimensions in Risk Measurement
Dimensions in Risk MeasurementDimensions in Risk Measurement
Dimensions in Risk Measurement
 
CISSPills #3.04
CISSPills #3.04CISSPills #3.04
CISSPills #3.04
 

Similaire à Risk Analytics

Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateIRM India Affiliate
 
Facilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq HanayshaFacilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq HanayshaHanaysha
 
SymEx 2015 - Turning Risks Into Results, A Wider Perspective to Understand P...
SymEx 2015 - Turning Risks Into Results, A Wider Perspective to Understand P...SymEx 2015 - Turning Risks Into Results, A Wider Perspective to Understand P...
SymEx 2015 - Turning Risks Into Results, A Wider Perspective to Understand P...PMI Indonesia Chapter
 
STRATEGIC RISK ADVISORY SOLUTIONS_Risk Management_Newsletter
STRATEGIC RISK ADVISORY SOLUTIONS_Risk Management_NewsletterSTRATEGIC RISK ADVISORY SOLUTIONS_Risk Management_Newsletter
STRATEGIC RISK ADVISORY SOLUTIONS_Risk Management_NewsletterDion K Hamilton
 
A to Z of Risk Management
A to Z of Risk ManagementA to Z of Risk Management
A to Z of Risk ManagementMark Conway
 
分会场3-01-曾小明-论文-公司级过程安全管理和风险管理:三个关键要素
分会场3-01-曾小明-论文-公司级过程安全管理和风险管理:三个关键要素分会场3-01-曾小明-论文-公司级过程安全管理和风险管理:三个关键要素
分会场3-01-曾小明-论文-公司级过程安全管理和风险管理:三个关键要素XiaoMing Zeng
 
StratexSystems_270115
StratexSystems_270115StratexSystems_270115
StratexSystems_270115Andrew Smart
 
Cyber Security Program Realization in the Mid Market - Executive Summary
Cyber Security Program Realization in the Mid Market - Executive SummaryCyber Security Program Realization in the Mid Market - Executive Summary
Cyber Security Program Realization in the Mid Market - Executive SummarySteve Leventhal
 
Enterprise 360 degree risk management
Enterprise 360 degree risk managementEnterprise 360 degree risk management
Enterprise 360 degree risk managementInfosys
 
RISK-ACADEMY’s guide on risk appetite in non-financial companies. Free download
RISK-ACADEMY’s guide on risk appetite in non-financial companies. Free downloadRISK-ACADEMY’s guide on risk appetite in non-financial companies. Free download
RISK-ACADEMY’s guide on risk appetite in non-financial companies. Free downloadAlexei Sidorenko, CRMP
 
DISUSSION-1RE Chapter 15 Embedding ERM into Strategic Planning.docx
DISUSSION-1RE Chapter 15 Embedding ERM into Strategic Planning.docxDISUSSION-1RE Chapter 15 Embedding ERM into Strategic Planning.docx
DISUSSION-1RE Chapter 15 Embedding ERM into Strategic Planning.docxmadlynplamondon
 
Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry Franco Ferrario
 
How AGCO implemented an Supply Chain Risk management solution to save millions
How AGCO implemented an Supply Chain Risk management solution to save millionsHow AGCO implemented an Supply Chain Risk management solution to save millions
How AGCO implemented an Supply Chain Risk management solution to save millionsHeiko Schwarz
 
Implementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdfImplementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdfRobert Serena, FSA, CFA, CPCU
 
The Role of Risk Appetite in embedding the ORSA and linking with Business Str...
The Role of Risk Appetite in embedding the ORSA and linking with Business Str...The Role of Risk Appetite in embedding the ORSA and linking with Business Str...
The Role of Risk Appetite in embedding the ORSA and linking with Business Str...Susan Young
 
Ehs risk mgmt-1-4
Ehs risk mgmt-1-4Ehs risk mgmt-1-4
Ehs risk mgmt-1-4Sunil Arora
 

Similaire à Risk Analytics (20)

Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India Affiliate
 
Facilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq HanayshaFacilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq Hanaysha
 
SymEx 2015 - Turning Risks Into Results, A Wider Perspective to Understand P...
SymEx 2015 - Turning Risks Into Results, A Wider Perspective to Understand P...SymEx 2015 - Turning Risks Into Results, A Wider Perspective to Understand P...
SymEx 2015 - Turning Risks Into Results, A Wider Perspective to Understand P...
 
STRATEGIC RISK ADVISORY SOLUTIONS_Risk Management_Newsletter
STRATEGIC RISK ADVISORY SOLUTIONS_Risk Management_NewsletterSTRATEGIC RISK ADVISORY SOLUTIONS_Risk Management_Newsletter
STRATEGIC RISK ADVISORY SOLUTIONS_Risk Management_Newsletter
 
A to Z of Risk Management
A to Z of Risk ManagementA to Z of Risk Management
A to Z of Risk Management
 
Deloitte_Risk Sensing
Deloitte_Risk SensingDeloitte_Risk Sensing
Deloitte_Risk Sensing
 
分会场3-01-曾小明-论文-公司级过程安全管理和风险管理:三个关键要素
分会场3-01-曾小明-论文-公司级过程安全管理和风险管理:三个关键要素分会场3-01-曾小明-论文-公司级过程安全管理和风险管理:三个关键要素
分会场3-01-曾小明-论文-公司级过程安全管理和风险管理:三个关键要素
 
GP for Risk Management product sheet
GP for Risk Management product sheetGP for Risk Management product sheet
GP for Risk Management product sheet
 
StratexSystems_270115
StratexSystems_270115StratexSystems_270115
StratexSystems_270115
 
Governance-design
Governance-designGovernance-design
Governance-design
 
Cyber Security Program Realization in the Mid Market - Executive Summary
Cyber Security Program Realization in the Mid Market - Executive SummaryCyber Security Program Realization in the Mid Market - Executive Summary
Cyber Security Program Realization in the Mid Market - Executive Summary
 
Enterprise 360 degree risk management
Enterprise 360 degree risk managementEnterprise 360 degree risk management
Enterprise 360 degree risk management
 
RISK-ACADEMY’s guide on risk appetite in non-financial companies. Free download
RISK-ACADEMY’s guide on risk appetite in non-financial companies. Free downloadRISK-ACADEMY’s guide on risk appetite in non-financial companies. Free download
RISK-ACADEMY’s guide on risk appetite in non-financial companies. Free download
 
DISUSSION-1RE Chapter 15 Embedding ERM into Strategic Planning.docx
DISUSSION-1RE Chapter 15 Embedding ERM into Strategic Planning.docxDISUSSION-1RE Chapter 15 Embedding ERM into Strategic Planning.docx
DISUSSION-1RE Chapter 15 Embedding ERM into Strategic Planning.docx
 
Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry
 
Erm talking points
Erm talking pointsErm talking points
Erm talking points
 
How AGCO implemented an Supply Chain Risk management solution to save millions
How AGCO implemented an Supply Chain Risk management solution to save millionsHow AGCO implemented an Supply Chain Risk management solution to save millions
How AGCO implemented an Supply Chain Risk management solution to save millions
 
Implementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdfImplementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdf
 
The Role of Risk Appetite in embedding the ORSA and linking with Business Str...
The Role of Risk Appetite in embedding the ORSA and linking with Business Str...The Role of Risk Appetite in embedding the ORSA and linking with Business Str...
The Role of Risk Appetite in embedding the ORSA and linking with Business Str...
 
Ehs risk mgmt-1-4
Ehs risk mgmt-1-4Ehs risk mgmt-1-4
Ehs risk mgmt-1-4
 

Risk Analytics

  • 1. 47 November 2016 www.InfralinePlus.com ExpertSpeak Majority of the oil & gas enterprises implement ERM (Enterprise Risk Management) as a compliance requirement. It means they will develop risk registers and governance framework but lacks a robust day to day monitoring and integrated reporting and alerts framework. The ultimate objective of any ERM framework is to mitigate risk before it happens, avoid black swans and identify some of the uncontrollable risks, monitor them on day to day basis and implement ERM as a decision support system. The root cause analysis reports of some the recent disasters in oil industry also point towards this by stating that risk control failure is one of the primary reasons. Risk Management has to be integrated in day to day business activities of a company. Its ultimate objective is to maximize shareholder’s value. Based on some secondary research it can be said that -- Over 80% use industry trends and peer analysis to identify risks -- Over 80% values importance of internal audit reports -- Over 70% think key risk indices and performance indicators are same -- Over 80% believes there is a lack of integration is the key issue -- Nearly 40% have some unstructured risk taxonomy in place -- Over 90% did not have any enter- prise risk monitoring dashboards Board and CEO give utmost importance to the following factors: -- Measure performance against the key risk indicators -- Periodic mea- surement for appropri- ateness -- Deviation from a risk per- formance plan -- Periodical review of risk governance policy, controls, and mitigations -- Evaluate changes in internal or external environment -- Monitor risk progress report an variance following the policies -- Periodic review of risk control framework robustness -- Use structured scientific and ana- lytical tools As a result, following step-based approach needs to be considered in order to facilitate transition from an elementary risk control framework to a more robust one. 1. Build the Risk Taxonomy 2. Develop inter-relationships between various risk drivers across different risk domains like strategic, opera- tional, financial and legal 3. Develop key risk indices and control measures 4. Transform it into a decision support system using analytical engines Risk Taxonomy is an important stepping stone in the entire risk framework. It is not possible to build a high rise building on a weak foundation and same is true for a risk management program. A risk taxonomy outlines are risk categories, their drivers, key performance areas and risk indices across entire organization. Post taxonomy creation, it is important identify inter-relationships across risk sub-categories and drivers. There is no point in having a thousand risk indices when all of them are related to each other. All risk drivers which are related to each other should be part of same risk indices. At a board level it is not advisable to have more than ten risk indices at the maximum. Even tree methodologies were used to develop relationships between Oil & gas companies need to develop a risk analytics engine Neeraj Gupta, Director, iEnergy Innovations Pvt. Ltd., feels that oil and gas is a high-risk industry and hence requires timely risk mitigation to avert crisis. As a solution, he recommends that oil and gas companies should adopt a step-by-step approach to build a decision support enabled risk framework. Neeraj Gupta, Director, iEnergy Innovations Pvt. Ltd.Oil & gas com- panies should adopt a step-by-step approach to build a decision support enabled risk framework
  • 2. 48 ExpertSpeak November 2016 www.InfralinePlus.com triggers events of a particular risk, assigning a likelihood percentage based on number of similar events in the past (Fig 2.0). Even tree helped in prioritization of key risk indices as once you complete your analysis, one can easily find out the top five or ten indices that have relatively more chance of occurring and not necessarily based on past events but also on the existing processes as well. It is recommended that oil & gas companies adopt a step-by-step approach to build a decision support enabled risk framework. -- Develop a comprehensive tax- onomy across four areas of risk i.e. strategic, operational, financial and compliance and map it across all the business units of an organization. It is the foundation of the entire risk framework. -- Explore inter-connectivity between various risk drivers identified in taxonomy to create a risk It is recommended that oil & gas companies adopt a step-by- step approach to build a decision support enabled risk framework. There is a need to develop a comprehensive taxonomy across four areas of risk i.e. strategic, operational, financial and compliance and map it across all the business units of an organization. It is the foundation of the entire risk framework Fig 1, Identifying risk Inter-relationships (Boleslaw et.al 2015) Fig 2, Developing Risk event tree Diagram (Fig 2.1) shows how key risk indices were prioritized and converted into a decision support system. Fig 1, Identifying risk Inter-relationships (Boleslaw et.al 2015)
  • 3. 49 November 2016 www.InfralinePlus.com to assign weightages by looking at historical data or susceptibility of a business unit based on annual probabilistic analysis performed. -- Develop synergies with other existing data systems (ERP, SCADA etc.) to have one version of truth. These systems or other historical data can be used to build analytical engines. -- Perform regular monitor of key risk indices. Frequency of monitoring may vary. E.g., for high risk field operations, all compliance data should be monitored on daily (or even hourly, if required). And a probabilistic consequence analysis should be performed. For other strategic decisions like bidding decisions, cost and schedule simulations can be used whenever required and a probabilistic estimate may be obtained using previous risk drivers or new compliance requirements. connectivity map. It helps in identifying the common risk drivers affecting multiple risks to avoid duplication of monitoring efforts across multiple business units. -- Use existing key performance indices to derive key risk indices. Event tree should be used in order For suggestions email at feedback@infraline.com Companies need to perform regular monitor of key risk indices. Frequency of monitoring may vary. E.g., for high risk field operations, all compliance data should be monitored on daily (or even hourly, if required). And a probabilistic consequence analysis should be performed. For other strategic decisions like bidding decisions, cost and schedule simulations can be used whenever required Fig 2.1, Decision Model for Risk Control Framework