Description

Book Synopsis
Your business reputation can take years to build and mere minutes to destroy. The range of business threats is evolving rapidly, but your organization can thrive and gain a competitive advantage with your business vision for enterprise risk management.

Table of Contents

List of Figures xxvii

Preface to the Second Edition xxxi

Acknowledgements xxxv

About the Author xxxvii

Part I Enterprise Risk Management In Context 1

1 Introduction 3

1.1 Risk Diversity 4

1.2 Approach to Risk Management 5

1.3 Business Growth Through Risk Taking 5

1.4 Risk and Opportunity 6

1.5 The Role of the Board 7

1.6 Primary Business Objective (or Goal) 8

1.7 What is Enterprise Risk Management? 9

1.8 Benefits of Enterprise Risk Management 10

1.9 Structure 12

1.9.1 Corporate Governance 12

1.9.2 Internal Control 13

1.9.3 Implementation 14

1.9.4 Risk Management Framework 14

1.9.5 Risk Management Policy 15

1.9.6 Risk Management Process 15

1.9.7 Sources of Risk 16

1.10 Summary 16

1.11 References 16

2 Developments in Corporate Governance in the UK 19

2.1 Investor Unrest 19

2.2 The Problem of Agency 20

2.3 The Cadbury Committee 21

2.4 The Greenbury Report 23

2.5 The Hampel Committee and the Combined Code of 1998 23

2.6 Smith Guidance on Audit Committees 23

2.7 Higgs 24

2.8 Tyson 24

2.9 Combined Code on Corporate Governance 2003 25

2.10 Companies Act 2006 26

2.11 Combined Code on Corporate Governance 2008 26

2.12 Sir David Walker’s Review of Corporate Governance, July 2009 (Consultation Paper) 27

2.13 Sir David Walker’s Review of Corporate Governance, November 2009 (Final Recommendation) 29

2.14 House of Commons Treasury Committee 2009 30

2.15 UK Corporate Governance Code, June 2010 32

2.16 The “Comply or Explain” Regime 34

2.17 Definition of Corporate Governance 34

2.18 Formation of Companies 35

2.19 The Financial Services Authority and Markets Act 2000 36

2.20 The London Stock Exchange 36

2.21 Summary 37

2.22 References 38

3 Developments in Corporate Governance in the US 41

3.1 Corporate Governance 41

3.2 The Securities and Exchange Commission 42

3.2.1 Creation of the SEC 42

3.2.2 Organisation of the SEC 43

3.3 The Laws That Govern the Securities Industry 44

3.3.1 Securities Act 1933 44

3.3.2 Securities Exchange Act 1934 44

3.3.3 Trust Indenture Act 1939 45

3.3.4 Investment Company Act 1940 45

3.3.5 Investment Advisers Act 1940 45

3.4 Catalysts for the Sarbanes-Oxley Act 2002 45

3.4.1 Enron 46

3.4.2 WorldCom 47

3.4.3 Tyco International 47

3.4.4 Provisions of the Act 50

3.4.5 Implementation 52

3.4.6 Sarbanes-Oxley Section 404 52

3.4.7 The Positive Effects of Post-Enron Reforms 52

3.4.8 Criticism of Section 404 Before the Global Financial Crisis 54

3.4.9 Criticism of Section 404 After the Global Financial Crisis 54

3.5 National Association of Corporate Directors 2008 55

3.6 Summary 56

3.7 References 57

4 The Global Financial Crisis of 2007–2009: A US Perspective 59

4.1 The Financial Crisis in Summary 59

4.2 How the Financial Crisis Unfolded 60

4.3 The United States Mortgage Finance Industry 61

4.4 Subprime Model of Mortgage Lending 61

4.4.1 Contributing Events to the Credit Crisis 61

4.4.2 Foreclosures 63

4.4.3 Negative Equity 65

4.4.4 Housing Surplus 67

4.4.5 Vicious Circles 68

4.5 Why this Crisis Warrants Close Scrutiny 68

4.6 Behaviours 70

4.6.1 Investor Behaviour in the Search for Yield 70

4.6.2 Mortgage Lending Behaviour 71

4.6.3 Bank Behaviour and Risk Transfer through Securitised Credit 71

4.6.4 “Group Think” and Herd Behaviour 72

4.6.5 Banks’ Behaviour and Risk Appetite 74

4.6.6 Behaviour of Regulators and the Division of “Narrow Banking” from Investment Banking 75

4.6.7 Banks’ Behaviour and Misplaced Reliance of Sophisticated Mathematics and Statistics 75

4.7 Worldwide Deficiencies in Risk Management 76

4.8 Federal Reform 76

4.9 Systemic Risk 79

4.10 The Future of Risk Management 81

4.11 Summary 82

4.12 References 82

5 Developments in Corporate Governance in Australia and Canada 85

5.1 Australian Corporate Governance 85

5.1.1 Regulation Arising from Corporate Failures 85

5.1.2 Corporate Governance Reforms Following the Accounting Scandals of the Early 2000s 86

5.1.3 Horwath 2002 Corporate Governance Report 88

5.1.4 The ASX Corporate Governance Council 89

5.1.5 Financial Statements 90

5.2 Canada 90

5.2.1 Dey Report 90

5.2.2 Dey Revisited 91

5.2.3 Kirby Report 91

5.2.4 Saucier Committee 92

5.2.5 National Policy and Instrument (April 2005) 92

5.2.6 TSE Corporate Governance: Guide to Good Disclosure 2006 93

5.3 Summary 94

5.4 References 94

6 Internal Control and Risk Management 97

6.1 The Composition of Internal Control 97

6.2 Risk as a Subset of Internal Control 98

6.2.1 The Application of Risk Management 98

6.3 Allocation of Responsibility 102

6.3.1 Cadbury Committee 102

6.3.2 Hampel Committee 102

6.3.3 Turnbull 103

6.3.4 Higgs Review 104

6.3.5 Smith Review 104

6.3.6 OECD 105

6.4 The Context of Internal Control and Risk Management 106

6.5 Internal Control and Risk Management 107

6.6 Embedding Internal Control and Risk Management 107

6.7 Summary 107

6.8 References 108

7 Developments in Risk Management in the UK Public Sector 109

7.1 Responsibility for Risk Management in Government 109

7.1.1 Cabinet Office 110

7.1.2 Treasury 111

7.1.3 Office of Government Commerce 111

7.1.4 National Audit Office 112

7.2 Risk Management Publications 112

7.3 Successful IT 113

7.4 Supporting Innovation 115

7.4.1 Part 1: Why Risk Management is Important 115

7.4.2 Part 2: Comprehension of Risk Management 115

7.4.3 Part 3: What More Needs to be Done to Improve Risk Management 115

7.5 The Orange Book 116

7.5.1 Identify the Risks and Define a Framework 116

7.5.2 Assign Ownership 116

7.5.3 Evaluate 117

7.5.4 Assess Risk Appetite 117

7.5.5 Response to Risk 117

7.5.6 Gain Assurance 118

7.5.7 Embed and Review 118

7.6 Audit Commission 118

7.7 CIPFA/SOLACE Corporate Governance 120

7.8 M_o_R 2002 121

7.9 DEFRA 123

7.9.1 Risk Management Strategy 123

7.10 Strategy Unit Report 124

7.11 Risk and Value Management 125

7.12 The Green Book 126

7.12.1 Optimism Bias 126

7.12.2 Annex 4 127

7.13 CIPFA Guidance on Internal Control 127

7.14 Managing Risks to Improve Public Services 129

7.15 The Orange Book (Revised) 131

7.16 M_o_R 2007 132

7.17 Managing Risks in Government 132

7.18 Summary 134

7.19 References 136

Part II The Risk Management Process 137

References 139

8 Establishing the Context: Stage 1 141

8.1 Process 141

8.2 Process Goal and Subgoals 142

8.3 Process Definition 143

8.4 Process Inputs 143

8.5 Process Outputs 145

8.6 Process Controls (Constraints) 145

8.7 Process Mechanisms (Enablers) 146

8.7.1 Ratios 146

8.7.2 Risk Management Process Diagnostic 147

8.7.3 SWOT Analysis 148

8.7.4 PEST Analysis 148

8.8 Process Activities 149

8.8.1 Business Objectives 149

8.8.2 Business Plan 150

8.8.3 Examining the Industry 151

8.8.4 Establishing the Processes 151

8.8.5 Projected Financial Statements 153

8.8.6 Resources 155

8.8.7 Change Management 155

8.8.8 Marketing Plan 155

8.8.9 Compliance Systems 156

8.9 Summary 156

8.10 References 156

9 Risk Identification: Stage 2 159

9.1 Process 159

9.2 Process Goal and Subgoals 159

9.3 Process Definition 160

9.4 Process Inputs 161

9.5 Process Outputs 162

9.6 Process Controls (Constraints) 162

9.7 Process Mechanisms (Enablers) 163

9.7.1 Risk Checklist 163

9.7.2 Risk Prompt List 163

9.7.3 Gap Analysis 163

9.7.4 Risk Taxonomy 164

9.7.5 PEST Prompt 165

9.7.6 SWOT Prompt 168

9.7.7 Database 168

9.7.8 Business Risk Breakdown Structure 169

9.7.9 Risk Questionnaire 169

9.7.10 Risk Register Content/Structure 170

9.8 Process Activities 171

9.8.1 Clarifying the Business Objectives 171

9.8.2 Reviewing the Business Analysis 171

9.8.3 Need for Risk and Opportunity Identification 171

9.8.4 Risk and Opportunity Identification 172

9.8.5 Facilitation 172

9.8.6 Gaining a Consensus on the Risks, the Opportunities and their Interdependencies 182

9.8.7 Risk Register 182

9.9 Summary 182

9.10 References 182

10 Risk Analysis: Stage 3 185

10.1 Process 185

10.2 Process Goal and Subgoals 186

10.3 Process Definition 186

10.4 Process Inputs 186

10.5 Process Outputs 188

10.6 Process Controls (Constraints) 188

10.7 Process Mechanisms (Enablers) 188

10.7.1 Probability 188

10.8 Process Activities 189

10.8.1 Causal Analysis 190

10.8.2 Decision Analysis and Influence Diagrams 190

10.8.3 Pareto Analysis 193

10.8.4 CAPM Analysis 194

10.8.5 Define Risk Evaluation Categories and Values 195

10.9 Summary 195

10.10 References 196

11 Risk Evaluation: Stage 4 197

11.1 Process 197

11.2 Process Goal and Subgoals 197

11.3 Process Definition 198

11.4 Process Inputs 198

11.5 Process Outputs 198

11.6 Process Controls (Constraints) 199

11.7 Process Mechanisms (Enablers) 200

11.7.1 Probability Trees 200

11.7.2 Expected Monetary Value 201

11.7.3 Utility Theory and Functions 203

11.7.4 Decision Trees 204

11.7.5 Markov Chain 208

11.7.6 Investment Appraisal 210

11.8 Process Activities 215

11.8.1 Basic Concepts of Probability 215

11.8.2 Sensitivity Analysis 216

11.8.3 Scenario Analysis 217

11.8.4 Simulation 217

11.8.5 Monte Carlo Simulation 218

11.8.6 Latin Hypercube 220

11.8.7 Probability Distributions Defined from Expert Opinion 220

11.9 Summary 221

11.10 References 222

12 Risk Treatment: Stage 5 223

12.1 Process 223

12.2 Process Goal and Subgoals 223

12.3 Process Definition 224

12.4 Process Inputs 224

12.5 Process Outputs 224

12.6 Process Controls (Constraints) 225

12.7 Process Mechanisms 225

12.8 Process Activities 226

12.9 Risk Appetite 226

12.10 Risk Response Strategies 228

12.10.1 Risk Reduction 228

12.10.2 Risk Removal 228

12.10.3 Risk Reassignment or Transfer 229

12.10.4 Risk Retention 230

12.11 Summary 230

12.12 References 231

13 Monitoring and Review: Stage 6 233

13.1 Process 233

13.2 Process Goal and Subgoals 234

13.3 Process Definition 234

13.4 Process Inputs 235

13.5 Process Outputs 235

13.6 Process Controls (Constraints) 235

13.7 Process Mechanisms 236

13.8 Process Activities 236

13.8.1 Executing 236

13.8.2 Monitoring 236

13.8.3 Controlling 237

13.9 Summary 239

13.10 Reference 240

14 Communication and Consultation: Stage 7 241

14.1 Process 241

14.2 Process Goal and Subgoals 242

14.3 Process Definition 242

14.4 Process Inputs 243

14.5 Process Outputs 243

14.6 Process Controls (Constraints) 244

14.7 Process Mechanisms 244

14.8 Process Activities 244

14.9 Internal Communication 245

14.10 External Communication 245

14.11 Summary 245

14.12 Reference 246

Part III Internal Influences – Micro Factors 247

15 Financial Risk Management 249

15.1 Definition of Financial Risk 249

15.2 Scope of Financial Risk 250

15.3 Benefits of Financial Risk Management 250

15.4 Implementation of Financial Risk Management 251

15.5 Liquidity Risk 251

15.5.1 Current and Quick Ratios 251

15.5.2 Mitigation of Liquidity Risk 253

15.6 Credit Risk 253

15.6.1 Default Risk 253

15.6.2 Exposure Risk 254

15.6.3 Recovery Risk 254

15.6.4 Credit Insurance 255

15.6.5 Counterparty Risk 256

15.6.6 Due Diligence 256

15.7 Borrowing 259

15.8 Currency Risk 259

15.9 Funding Risk 260

15.10 Foreign Investment Risk 262

15.10.1 Country Risk 262

15.10.2 Environment Risk 263

15.11 Derivatives 263

15.11.1 Exchange Traded Derivatives 263

15.11.2 Over-the-Counter Derivatives 264

15.12 Summary 264

15.13 References 265

16 Operational Risk Management 267

16.1 Definition of Operational Risk 268

16.2 Scope of Operational Risk 269

16.3 Benefits of Operational Risk 270

16.4 Implementation of Operational Risk 270

16.5 Strategy 270

16.5.1 Definition of Strategy Risk 270

16.5.2 Objectives 271

16.5.3 Business Plan 272

16.5.4 New Business Development 272

16.5.5 Resources 273

16.5.6 Stakeholder Interests 273

16.5.7 Corporate Experience 274

16.5.8 Reputation 274

16.6 People 275

16.6.1 Definition of People Risk 275

16.6.2 Types of People Risk 276

16.6.3 Human Resource Management Practices 276

16.6.4 Ability to Pay Salaries 277

16.6.5 Regulatory and Statutory Requirements 277

16.6.6 Staff Constraints 280

16.6.7 Staff Dishonesty 287

16.6.8 Risk Management 287

16.6.9 Health and Safety 292

16.7 Processes and Systems 292

16.7.1 Definition of Processes and Systems Risk 293

16.7.2 Controls 293

16.7.3 Regulatory and Statutory Requirements 294

16.7.4 Continuity 294

16.7.5 Indicators of Loss 295

16.7.6 Transactions 295

16.7.7 Computer/IT Systems 297

16.7.8 Knowledge Management 301

16.7.9 Project Management 302

16.8 External Events 303

16.8.1 Change Management 303

16.8.2 Business Continuity 304

16.9 Outsourcing 305

16.10 Measurement 307

16.11 Mitigation 307

16.12 Summary 307

16.13 References 308

17 Technological Risk Management 309

17.1 Definition of Technology Risk 310

17.2 Scope of Technology Risk 310

17.3 Benefits of Technology Risk Management 311

17.4 Implementation of Technology Risk Management 311

17.5 Primary Technology Types 312

17.5.1 Information Technology 312

17.5.2 Communications Technology 315

17.5.3 Control Technology 319

17.6 Responding to Technology Risk 324

17.6.1 IT Governance 324

17.6.2 Investment 326

17.6.3 Projects 329

17.7 Summary 330

17.8 References 331

18 Project Risk Management 333

18.1 Definition of Project Risk 334

18.2 Definition of Project Risk Management 334

18.3 Sources of Project Risk 335

18.4 Benefits of Project Risk Management 335

18.5 Embedding Project Risk Management 336

18.5.1 Common Challenges in Implementing Project Risk Management 336

18.5.2 Lack of Clearly Defined and Disseminated Risk Management Objectives 337

18.5.3 Lack of Senior Executive and Project Director Commitment and Support 337

18.5.4 Lack of a Risk Maturity Model 337

18.5.5 Lack of a Change Process to Implement the Discipline 338

18.5.6 No Common Risk Language (Terms and Definitions) 338

18.5.7 Lack of Articulation of the Project Sponsor’s Risk Appetite 338

18.5.8 No Definition of Roles and Responsibilities 339

18.5.9 Lack of Risk Management Awareness Training to Build Core Competencies 339

18.5.10 Lack of Integration of Risk Management with Other Project Disciplines 340

18.5.11 Reticence of Project Personnel to Spend Time on Risk Management 340

18.5.12 Risk Owners not Automatically Taking Responsibility for Assigned Risks 341

18.5.13 No Clear Demonstration of How Risk Management Adds Value and Contributes to Project Performance 341

18.5.14 Overcomplicated Implementation from an Unclear Risk Policy, Strategy, Framework, Plan and Procedure 341

18.5.15 Lack of Alignment between the Business Strategy, Business Model and the Risk Management Objectives 341

18.5.16 Lack of the Integration of Risk Management Activities into the Day-to-Day Activities of Project Managers 342

18.6 Project Risk Management Process 342

18.6.1 Establish the Context 342

18.6.2 Risk Identification 344

18.6.3 Risk Analysis 344

18.6.4 Risk Evaluation 345

18.6.5 Risk Treatment 345

18.6.6 Risk Monitoring and Review 345

18.6.7 Communication and Consultation 346

18.7 Responsibility for Project Risk Management 346

18.8 Project Director’s Role 347

18.9 Project Team 347

18.9.1 Lack of Team Structure 347

18.9.2 Lack of Definition of Roles 348

18.9.3 Lack of Responsibility Assignment Matrix 348

18.9.4 Poor Leadership 348

18.9.5 Poor Team Communication 348

18.10 Optimism Bias 349

18.10.1 The Investment Decision 349

18.10.2 Optimism Bias 350

18.10.3 Monitoring 350

18.10.4 Using Numerical Indicators in Project Decision Making 350

18.10.5 Causes of Optimism Bias 351

18.10.6 The Distinction between Risk Events and Optimism Bias 351

18.11 Software Tools Used to Support Project Risk Management 351

18.12 Techniques Used to Support Project Risk Management 352

18.13 Summary 352

18.14 References 354

19 Business Ethics Management 355

19.1 Definition of Business Ethics Risk 355

19.2 Scope of Business Ethics Risk 356

19.3 Benefits of Ethics Risk Management 357

19.4 How Unethical Behaviour can Arise 357

19.5 Recognition of the Need for Business Ethics 358

19.5.1 US Department of Commerce 358

19.5.2 The G8 Summit in Italy Pushes for a Return to “Ethics” 359

19.5.3 OECD and Its Approach to Business Ethics 359

19.5.4 UK Financial Services Authority 360

19.5.5 US Department of Justice 360

19.6 Factors that Affect Business Ethics 361

19.7 Risk Events 361

19.8 Implementation of Ethical Risk Management 365

19.8.1 Areas of Focus 365

19.8.2 Levels of Application 366

19.8.3 The System 368

19.9 Summary 374

19.10 References 374

20 Health and Safety Management 375

20.1 Definition of Health and Safety Risk 375

20.2 Scope of Health and Safety Risk 376

20.3 Benefits of Health and Safety Risk Management 376

20.3.1 Business Benefits 377

20.3.2 The Enterprise Context: AstraZeneca 378

20.4 The UK Health and Safety Executive 378

20.4.1 The UK Perspective: Health and Safety Record 379

20.5 The European Agency for Safety and Health at Work 379

20.5.1 Main Challenges Concerning Health and Safety at Work 380

20.6 Implementation of Health and Safety Risk Management 380

20.6.1 Management Arrangements 381

20.6.2 Risk Controls 381

20.6.3 Workplace Precautions 381

20.6.4 System Implementation 382

20.7 Workplace Precautions 382

20.8 Contribution of Human Error to Major Disasters 382

20.8.1 Tenerife, 27 March 1977 382

20.8.2 Chernobyl, 26 April 1986 384

20.8.3 Kegworth, 8 January 1989 385

20.8.4 Herald of Free Enterprise, 6 March 1987 386

20.8.5 Piper Alpha, 6 July 1988 387

20.8.6 Ladbroke Grove, 5 October 1999 387

20.9 Improving Human Reliability in the Workplace 388

20.10 Risk Management Best Practice 389

20.10.1 Crisis Management Plan 389

20.11 Summary 390

20.12 References 390

Part IV External Influences – Macro Factors 391

21 Economic Risk 393

21.1 Definition of Economic Risk 393

21.2 Scope of Economic Risk 393

21.3 Benefits of Economic Risk Management 394

21.4 Implementation of Economic Risk Management 394

21.5 Microeconomics and Macroeconomics 394

21.6 Macroeconomics 395

21.6.1 Gross Domestic Product 395

21.7 Government Policy 397

21.7.1 Fiscal Policy 397

21.7.2 Monetary Policy 397

21.7.3 Competing Theories 398

21.8 Aggregate Demand 398

21.8.1 Using Aggregate Demand Curves 399

21.8.2 Determinants of Consumer Spending 399

21.8.3 Determinants of Investment Expenditure 400

21.8.4 Determinants of Government Spending 400

21.8.5 Determinants of Net Expenditure on Exports and Imports 401

21.9 Aggregate Supply 401

21.10 Employment Levels 403

21.11 Inflation 403

21.12 Interest Rate Risk 404

21.13 House Prices 405

21.14 International Trade and Protection 405

21.14.1 Trade 405

21.14.2 Methods of Protectionism 406

21.14.3 Trade Policy 406

21.14.4 Balance of Trade 406

21.15 Currency Risk 407

21.15.1 Risk Mitigation by Hedging 407

21.16 Summary 412

21.17 References 412

22 Environmental Risk 413

22.1 Definition of Environmental Risk 413

22.2 Scope of Environmental Risk 415

22.3 Benefits of Environmental Risk Management 415

22.4 Implementation of Environmental Risk Management 415

22.5 Energy Sources 416

22.5.1 Renewable Energy 417

22.6 Use of Resources 419

22.7 Pollution 420

22.8 Global Warming 420

22.9 Response to Global Warming 422

22.9.1 Earth Summit 422

22.9.2 The Kyoto Protocol 422

22.9.3 Pollution Control Targets 422

22.9.4 Sufficiency of Emission Cuts 423

22.9.5 US Climate Pact 423

22.9.6 The Copenhagen Accord 424

22.9.7 European Union 425

22.9.8 Cancún Agreements 425

22.9.9 Domestic Government Response to Climate Change 426

22.9.10 Levy 427

22.9.11 Emissions Trading 428

22.9.12 Impact on Business 428

22.10 Stimulation to Environmental Considerations 429

22.10.1 FTSE4Good Index 429

22.10.2 Carbon Trust 429

22.10.3 Public Pressure 430

22.11 Environmental Sustainability 431

22.12 Summary 432

22.13 References 433

23 Legal Risk 435

23.1 Definition of Legal Risk 435

23.2 Scope of Legal Risk 435

23.3 Benefits of Legal Risk Management 436

23.4 Implementation of Legal Risk Management 436

23.5 Business Law 437

23.6 Companies 438

23.6.1 The Company Name 438

23.6.2 The Memorandum of Association 438

23.6.3 Articles of Association 439

23.6.4 Financing the Company 439

23.6.5 The Issue of Shares and Debentures 440

23.6.6 The Official Listing of Securities 440

23.6.7 The Remedy of Rescission 440

23.6.8 Protection of Minority Interests 440

23.6.9 Duties of Directors 441

23.7 Intellectual Property 441

23.7.1 Patents 441

23.7.2 Copyright 445

23.7.3 Designs 446

23.8 Employment Law 447

23.9 Contracts 447

23.9.1 Essentials of a Valid Contract 447

23.9.2 Types of Contract 447

23.10 Criminal Liability in Business 448

23.10.1 Misdescriptions of Goods and Services 448

23.10.2 Misleading Price Indications 449

23.10.3 Product Safety 450

23.11 Computer Misuse 451

23.11.1 Unauthorised Access to Computer Material 451

23.11.2 Unauthorised Access with Intent to Commit or Facilitate Further Offences 451

23.11.3 Unauthorised Modification of Computer Material 451

23.12 Summary 452

24 Political Risk 453

24.1 Definition of Political Risk 454

24.2 Scope of Political Risk 454

24.2.1 Macropolitical Risks 454

24.2.2 Micropolitical Risks 455

24.3 Benefits of Political Risk Management 455

24.4 Implementation of Political Risk Management 455

24.5 Zonis and Wilkin Political Risk Framework 457

24.6 Contracts 459

24.7 Transition Economies of Europe 459

24.8 UK Government Fiscal Policy 460

24.9 Pressure Groups 461

24.10 Terrorism and Blackmail 461

24.11 Responding to Political Risk 462

24.11.1 Assessing Political Risk Factors 463

24.11.2 Prioritising Political Risk Factors 464

24.11.3 Improving Relative Bargaining Power 464

24.12 Summary 464

24.13 References 465

25 Market Risk 467

25.1 Definition of Market Risk 467

25.2 Scope of Market Risk 468

25.2.1 Levels of Uncertainty in the Marketing Environment 469

25.3 Benefits of Market Risk Management 470

25.4 Implementation of Market Risk Management 470

25.5 Market Structure 470

25.5.1 The Number of Firms in an Industry 471

25.5.2 Barriers to Entry 471

25.5.3 Product Homogeneity, Product Diversity and Branding 473

25.5.4 Knowledge 473

25.5.5 Interrelationships within Markets 474

25.6 Product Life Cycle Stage 475

25.6.1 Sales Growth 476

25.7 Alternative Strategic Directions 476

25.7.1 Market Penetration 477

25.7.2 Product Development 477

25.7.3 Market Development 479

25.7.4 Diversification 481

25.8 Acquisition 482

25.9 Competition 483

25.9.1 Price Stability 483

25.9.2 Non-Price Competition 484

25.9.3 Branding 485

25.9.4 Market Strategies 486

25.10 Price Elasticity/Sensitivity 489

25.10.1 Elasticity 489

25.10.2 Price Elasticity 489

25.11 Distribution Strength 490

25.12 Market Risk Measurement: Value at Risk 490

25.12.1 Definition of Value at Risk 490

25.12.2 Value at Risk 490

25.12.3 VaR Model Assumptions 491

25.12.4 Use of VaR to Limit Risk 493

25.12.5 Calculating Value at Risk 494

25.13 Risk Response Planning 496

25.14 Summary 496

25.15 References 497

26 Social Risk 499

26.1 Definition of Social Risk 499

26.2 Scope of Social Risk 500

26.3 Benefits of Social Risk Management 500

26.4 Implementation of Social Risk Management 501

26.5 Education 501

26.6 Population Movements: Demographic Changes 502

26.6.1 The Changing Market 503

26.7 Socio-Cultural Patterns and Trends 504

26.8 Crime 504

26.8.1 Key Facts 504

26.9 Lifestyles and Social Attitudes 505

26.9.1 More Home Improvements 505

26.9.2 Motherhood, Marriage and Family Formation 505

26.9.3 Health 506

26.9.4 Less Healthy Diets 507

26.9.5 Smoking and Drinking 508

26.9.6 Long Working Hours 509

26.9.7 Stress Levels 509

26.9.8 Recreation and Tourism 510

26.10 Summary 510

26.11 References 511

Part V The Appointment 513

27 Introduction 515

27.1 Change Process From the Client Perspective 515

27.1.1 Planning 515

27.1.2 Timely Information 516

27.1.3 Risk Management Resources 516

27.2 Selection of Consultants 517

27.2.1 Objectives 517

27.2.2 The Brief 517

27.2.3 Describing Activity Interfaces 517

27.2.4 Appointment Process Management 518

27.2.5 The Long-Listing Process 518

27.2.6 Short-List Selection Criteria 519

27.2.7 Request for a Short-Listing Interview 519

27.2.8 Compilation of Short List 519

27.2.9 Prepare an Exclusion Notification 520

27.2.10 Prepare Tender Documents 520

27.2.11 Agreement to be Issued with the Tender Invitation 521

27.2.12 Tender Process 521

27.2.13 Award 521

27.2.14 Notification to Unsuccessful Tenderers 522

27.3 Summary 522

27.4 Reference 522

28 Interview with the Client 523

28.1 First Impressions/Contact 523

28.2 Client Focus 524

28.3 Unique Selling Point 524

28.4 Past Experiences 526

28.5 Client Interview 527

28.5.1 Scene/Overview 527

28.5.2 Situation/Context 527

28.5.3 Scheme/Plan of Action 527

28.5.4 Solution Implementation 528

28.5.5 Success, Measurement of 528

28.5.6 Secure/Continue 528

28.5.7 Stop/Close 528

28.6 Assignment Methodology 528

28.7 Change Management 529

28.8 Sustainable Change 529

28.9 Summary 530

28.10 References 531

29 Proposal 533

29.1 Introduction 533

29.2 Proposal Preparation 533

29.2.1 Planning 533

29.2.2 Preliminary Review 534

29.3 Proposal Writing 534

29.3.1 Task Management 534

29.3.2 Copying Text 534

29.3.3 Master Copy 534

29.3.4 Peer Review 534

29.4 Approach 535

29.5 Proposal 535

29.5.1 Identify the Parties – the Who 535

29.5.2 Identify the Location – the Where 537

29.5.3 Understand the Project Background – the What 537

29.5.4 Define the Scope – the Which 537

29.5.5 Clarify the Objectives – the Why 537

29.5.6 Determine the Approach – the How 538

29.5.7 Determine the Timing – the When 538

29.6 Client Responsibilities 538

29.7 Remuneration 539

29.8 Summary 539

29.9 References 539

30 Implementation 541

30.1 Written Statement of Project Implementation 541

30.2 Management 541

30.2.1 Objectives 541

30.2.2 Planning the Project 542

30.2.3 Consultant Team Composition 543

30.2.4 Interface with Stakeholders 543

30.2.5 Data Gathering 543

30.2.6 Budget 544

30.2.7 Assessment of Risk 544

30.2.8 Deliverables 544

30.2.9 Presentation of the Findings 545

30.2.10 Key Factors for Successful Implementation 545

30.3 Customer Delight 548

30.4 Summary 548

30.5 References 548

Appendix 1: Successful IT: Modernising Government in Action 549

Appendix 2: Sources of Risk 553

Appendix 3: DEFRA Risk Management Strategy 557

Appendix 4: Risk: Improving Government’s Capability to Handle Risk and Uncertainty 561

Appendix 5: Financial Ratios 567

Appendix 6: Risk Maturity Models 573

Appendix 7: SWOT Analysis 579

Appendix 8: PEST Analysis 583

Appendix 9: VRIO Analysis 587

Appendix 10: Value Chain Analysis 589

Appendix 11: Resource Audit 591

Appendix 12: Change Management 595

Appendix 13: Industry Breakpoints 599

Appendix 14: Probability 601

Appendix 15: Value at Risk 611

Appendix 16: Optimism Bias 613

Index 621

Simple Tools and Techniques for Enterprise Risk


A Hardback by Robert J. Chapman


    Publisher: John Wiley & Sons Inc
    Publication Date: 16/12/2011
    ISBN13: 9781119989974, 978-1119989974
    ISBN10: 1119989973


    7.5.6 Gain Assurance 118

    7.5.7 Embed and Review 118

    7.6 Audit Commission 118

    7.7 CIPFA/SOLACE Corporate Governance 120

    7.8 M_o_R 2002 121

    7.9 DEFRA 123

    7.9.1 Risk Management Strategy 123

    7.10 Strategy Unit Report 124

    7.11 Risk and Value Management 125

    7.12 The Green Book 126

    7.12.1 Optimism Bias 126

    7.12.2 Annex 4 127

    7.13 CIPFA Guidance on Internal Control 127

    7.14 Managing Risks to Improve Public Services 129

    7.15 The Orange Book (Revised) 131

    7.16 M_o_R 2007 132

    7.17 Managing Risks in Government 132

    7.18 Summary 134

    7.19 References 136

    Part II The Risk Management Process 137

    References 139

    8 Establishing the Context: Stage 1 141

    8.1 Process 141

    8.2 Process Goal and Subgoals 142

    8.3 Process Definition 143

    8.4 Process Inputs 143

    8.5 Process Outputs 145

    8.6 Process Controls (Constraints) 145

    8.7 Process Mechanisms (Enablers) 146

    8.7.1 Ratios 146

    8.7.2 Risk Management Process Diagnostic 147

    8.7.3 SWOT Analysis 148

    8.7.4 PEST Analysis 148

    8.8 Process Activities 149

    8.8.1 Business Objectives 149

    8.8.2 Business Plan 150

    8.8.3 Examining the Industry 151

    8.8.4 Establishing the Processes 151

    8.8.5 Projected Financial Statements 153

    8.8.6 Resources 155

    8.8.7 Change Management 155

    8.8.8 Marketing Plan 155

    8.8.9 Compliance Systems 156

    8.9 Summary 156

    8.10 References 156

    9 Risk Identification: Stage 2 159

    9.1 Process 159

    9.2 Process Goal and Subgoals 159

    9.3 Process Definition 160

    9.4 Process Inputs 161

    9.5 Process Outputs 162

    9.6 Process Controls (Constraints) 162

    9.7 Process Mechanisms (Enablers) 163

    9.7.1 Risk Checklist 163

    9.7.2 Risk Prompt List 163

    9.7.3 Gap Analysis 163

    9.7.4 Risk Taxonomy 164

    9.7.5 PEST Prompt 165

    9.7.6 SWOT Prompt 168

    9.7.7 Database 168

    9.7.8 Business Risk Breakdown Structure 169

    9.7.9 Risk Questionnaire 169

    9.7.10 Risk Register Content/Structure 170

    9.8 Process Activities 171

    9.8.1 Clarifying the Business Objectives 171

    9.8.2 Reviewing the Business Analysis 171

    9.8.3 Need for Risk and Opportunity Identification 171

    9.8.4 Risk and Opportunity Identification 172

    9.8.5 Facilitation 172

    9.8.6 Gaining a Consensus on the Risks, the Opportunities and their Interdependencies 182

    9.8.7 Risk Register 182

    9.9 Summary 182

    9.10 References 182

    10 Risk Analysis: Stage 3 185

    10.1 Process 185

    10.2 Process Goal and Subgoals 186

    10.3 Process Definition 186

    10.4 Process Inputs 186

    10.5 Process Outputs 188

    10.6 Process Controls (Constraints) 188

    10.7 Process Mechanisms (Enablers) 188

    10.7.1 Probability 188

    10.8 Process Activities 189

    10.8.1 Causal Analysis 190

    10.8.2 Decision Analysis and Influence Diagrams 190

    10.8.3 Pareto Analysis 193

    10.8.4 CAPM Analysis 194

    10.8.5 Define Risk Evaluation Categories and Values 195

    10.9 Summary 195

    10.10 References 196

    11 Risk Evaluation: Stage 4 197

    11.1 Process 197

    11.2 Process Goal and Subgoals 197

    11.3 Process Definition 198

    11.4 Process Inputs 198

    11.5 Process Outputs 198

    11.6 Process Controls (Constraints) 199

    11.7 Process Mechanisms (Enablers) 200

    11.7.1 Probability Trees 200

    11.7.2 Expected Monetary Value 201

    11.7.3 Utility Theory and Functions 203

    11.7.4 Decision Trees 204

    11.7.5 Markov Chain 208

    11.7.6 Investment Appraisal 210

    11.8 Process Activities 215

    11.8.1 Basic Concepts of Probability 215

    11.8.2 Sensitivity Analysis 216

    11.8.3 Scenario Analysis 217

    11.8.4 Simulation 217

    11.8.5 Monte Carlo Simulation 218

    11.8.6 Latin Hypercube 220

    11.8.7 Probability Distributions Defined from Expert Opinion 220

    11.9 Summary 221

    11.10 References 222

    12 Risk Treatment: Stage 5 223

    12.1 Process 223

    12.2 Process Goal and Subgoals 223

    12.3 Process Definition 224

    12.4 Process Inputs 224

    12.5 Process Outputs 224

    12.6 Process Controls (Constraints) 225

    12.7 Process Mechanisms 225

    12.8 Process Activities 226

    12.9 Risk Appetite 226

    12.10 Risk Response Strategies 228

    12.10.1 Risk Reduction 228

    12.10.2 Risk Removal 228

    12.10.3 Risk Reassignment or Transfer 229

    12.10.4 Risk Retention 230

    12.11 Summary 230

    12.12 References 231

    13 Monitoring and Review: Stage 6 233

    13.1 Process 233

    13.2 Process Goal and Subgoals 234

    13.3 Process Definition 234

    13.4 Process Inputs 235

    13.5 Process Outputs 235

    13.6 Process Controls (Constraints) 235

    13.7 Process Mechanisms 236

    13.8 Process Activities 236

    13.8.1 Executing 236

    13.8.2 Monitoring 236

    13.8.3 Controlling 237

    13.9 Summary 239

    13.10 Reference 240

    14 Communication and Consultation: Stage 7 241

    14.1 Process 241

    14.2 Process Goal and Subgoals 242

    14.3 Process Definition 242

    14.4 Process Inputs 243

    14.5 Process Outputs 243

    14.6 Process Controls (Constraints) 244

    14.7 Process Mechanisms 244

    14.8 Process Activities 244

    14.9 Internal Communication 245

    14.10 External Communication 245

    14.11 Summary 245

    14.12 Reference 246

    Part III Internal Influences – Micro Factors 247

    15 Financial Risk Management 249

    15.1 Definition of Financial Risk 249

    15.2 Scope of Financial Risk 250

    15.3 Benefits of Financial Risk Management 250

    15.4 Implementation of Financial Risk Management 251

    15.5 Liquidity Risk 251

    15.5.1 Current and Quick Ratios 251

    15.5.2 Mitigation of Liquidity Risk 253

    15.6 Credit Risk 253

    15.6.1 Default Risk 253

    15.6.2 Exposure Risk 254

    15.6.3 Recovery Risk 254

    15.6.4 Credit Insurance 255

    15.6.5 Counterparty Risk 256

    15.6.6 Due Diligence 256

    15.7 Borrowing 259

    15.8 Currency Risk 259

    15.9 Funding Risk 260

    15.10 Foreign Investment Risk 262

    15.10.1 Country Risk 262

    15.10.2 Environment Risk 263

    15.11 Derivatives 263

    15.11.1 Exchange Traded Derivatives 263

    15.11.2 Over-the-Counter Derivatives 264

    15.12 Summary 264

    15.13 References 265

    16 Operational Risk Management 267

    16.1 Definition of Operational Risk 268

    16.2 Scope of Operational Risk 269

    16.3 Benefits of Operational Risk 270

    16.4 Implementation of Operational Risk 270

    16.5 Strategy 270

    16.5.1 Definition of Strategy Risk 270

    16.5.2 Objectives 271

    16.5.3 Business Plan 272

    16.5.4 New Business Development 272

    16.5.5 Resources 273

    16.5.6 Stakeholder Interests 273

    16.5.7 Corporate Experience 274

    16.5.8 Reputation 274

    16.6 People 275

    16.6.1 Definition of People Risk 275

    16.6.2 Types of People Risk 276

    16.6.3 Human Resource Management Practices 276

    16.6.4 Ability to Pay Salaries 277

    16.6.5 Regulatory and Statutory Requirements 277

    16.6.6 Staff Constraints 280

    16.6.7 Staff Dishonesty 287

    16.6.8 Risk Management 287

    16.6.9 Health and Safety 292

    16.7 Processes and Systems 292

    16.7.1 Definition of Processes and Systems Risk 293

    16.7.2 Controls 293

    16.7.3 Regulatory and Statutory Requirements 294

    16.7.4 Continuity 294

    16.7.5 Indicators of Loss 295

    16.7.6 Transactions 295

    16.7.7 Computer/IT Systems 297

    16.7.8 Knowledge Management 301

    16.7.9 Project Management 302

    16.8 External Events 303

    16.8.1 Change Management 303

    16.8.2 Business Continuity 304

    16.9 Outsourcing 305

    16.10 Measurement 307

    16.11 Mitigation 307

    16.12 Summary 307

    16.13 References 308

    17 Technological Risk Management 309

    17.1 Definition of Technology Risk 310

    17.2 Scope of Technology Risk 310

    17.3 Benefits of Technology Risk Management 311

    17.4 Implementation of Technology Risk Management 311

    17.5 Primary Technology Types 312

    17.5.1 Information Technology 312

    17.5.2 Communications Technology 315

    17.5.3 Control Technology 319

    17.6 Responding to Technology Risk 324

    17.6.1 IT Governance 324

    17.6.2 Investment 326

    17.6.3 Projects 329

    17.7 Summary 330

    17.8 References 331

    18 Project Risk Management 333

    18.1 Definition of Project Risk 334

    18.2 Definition of Project Risk Management 334

    18.3 Sources of Project Risk 335

    18.4 Benefits of Project Risk Management 335

    18.5 Embedding Project Risk Management 336

    18.5.1 Common Challenges in Implementing Project Risk Management 336

    18.5.2 Lack of Clearly Defined and Disseminated Risk Management Objectives 337

    18.5.3 Lack of Senior Executive and Project Director Commitment and Support 337

    18.5.4 Lack of a Risk Maturity Model 337

    18.5.5 Lack of a Change Process to Implement the Discipline 338

    18.5.6 No Common Risk Language (Terms and Definitions) 338

    18.5.7 Lack of Articulation of the Project Sponsor’s Risk Appetite 338

    18.5.8 No Definition of Roles and Responsibilities 339

    18.5.9 Lack of Risk Management Awareness Training to Build Core Competencies 339

    18.5.10 Lack of Integration of Risk Management with Other Project Disciplines 340

    18.5.11 Reticence of Project Personnel to Spend Time on Risk Management 340

    18.5.12 Risk Owners not Automatically Taking Responsibility for Assigned Risks 341

    18.5.13 No Clear Demonstration of How Risk Management Adds Value and Contributes to Project Performance 341

    18.5.14 Overcomplicated Implementation from an Unclear Risk Policy, Strategy, Framework, Plan and Procedure 341

    18.5.15 Lack of Alignment between the Business Strategy, Business Model and the Risk Management Objectives 341

    18.5.16 Lack of the Integration of Risk Management Activities into the Day-to-Day Activities of Project Managers 342

    18.6 Project Risk Management Process 342

    18.6.1 Establish the Context 342

    18.6.2 Risk Identification 344

    18.6.3 Risk Analysis 344

    18.6.4 Risk Evaluation 345

    18.6.5 Risk Treatment 345

    18.6.6 Risk Monitoring and Review 345

    18.6.7 Communication and Consultation 346

    18.7 Responsibility for Project Risk Management 346

    18.8 Project Director’s Role 347

    18.9 Project Team 347

    18.9.1 Lack of Team Structure 347

    18.9.2 Lack of Definition of Roles 348

    18.9.3 Lack of Responsibility Assignment Matrix 348

    18.9.4 Poor Leadership 348

    18.9.5 Poor Team Communication 348

    18.10 Optimism Bias 349

    18.10.1 The Investment Decision 349

    18.10.2 Optimism Bias 350

    18.10.3 Monitoring 350

    18.10.4 Using Numerical Indicators in Project Decision Making 350

    18.10.5 Causes of Optimism Bias 351

    18.10.6 The Distinction between Risk Events and Optimism Bias 351

    18.11 Software Tools Used to Support Project Risk Management 351

    18.12 Techniques Used to Support Project Risk Management 352

    18.13 Summary 352

    18.14 References 354

    19 Business Ethics Management 355

    19.1 Definition of Business Ethics Risk 355

    19.2 Scope of Business Ethics Risk 356

    19.3 Benefits of Ethics Risk Management 357

    19.4 How Unethical Behaviour can Arise 357

    19.5 Recognition of the Need for Business Ethics 358

    19.5.1 US Department of Commerce 358

    19.5.2 The G8 Summit in Italy Pushes for a Return to “Ethics” 359

    19.5.3 OECD and Its Approach to Business Ethics 359

    19.5.4 UK Financial Services Authority 360

    19.5.5 US Department of Justice 360

    19.6 Factors that Affect Business Ethics 361

    19.7 Risk Events 361

    19.8 Implementation of Ethical Risk Management 365

    19.8.1 Areas of Focus 365

    19.8.2 Levels of Application 366

    19.8.3 The System 368

    19.9 Summary 374

    19.10 References 374

    20 Health and Safety Management 375

    20.1 Definition of Health and Safety Risk 375

    20.2 Scope of Health and Safety Risk 376

    20.3 Benefits of Health and Safety Risk Management 376

    20.3.1 Business Benefits 377

    20.3.2 The Enterprise Context: AstraZeneca 378

    20.4 The UK Health and Safety Executive 378

    20.4.1 The UK Perspective: Health and Safety Record 379

    20.5 The European Agency for Safety and Health at Work 379

    20.5.1 Main Challenges Concerning Health and Safety at Work 380

    20.6 Implementation of Health and Safety Risk Management 380

    20.6.1 Management Arrangements 381

    20.6.2 Risk Controls 381

    20.6.3 Workplace Precautions 381

    20.6.4 System Implementation 382

    20.7 Workplace Precautions 382

    20.8 Contribution of Human Error to Major Disasters 382

    20.8.1 Tenerife, 27 March 1977 382

    20.8.2 Chernobyl, 26 April 1986 384

    20.8.3 Kegworth, 8 January 1989 385

    20.8.4 Herald of Free Enterprise, 6 March 1987 386

    20.8.5 Piper Alpha, 6 July 1988 387

    20.8.6 Ladbroke Grove, 5 October 1999 387

    20.9 Improving Human Reliability in the Workplace 388

    20.10 Risk Management Best Practice 389

    20.10.1 Crisis Management Plan 389

    20.11 Summary 390

    20.12 References 390

    Part IV External Influences – Macro Factors 391

    21 Economic Risk 393

    21.1 Definition of Economic Risk 393

    21.2 Scope of Economic Risk 393

    21.3 Benefits of Economic Risk Management 394

    21.4 Implementation of Economic Risk Management 394

    21.5 Microeconomics and Macroeconomics 394

    21.6 Macroeconomics 395

    21.6.1 Gross Domestic Product 395

    21.7 Government Policy 397

    21.7.1 Fiscal Policy 397

    21.7.2 Monetary Policy 397

    21.7.3 Competing Theories 398

    21.8 Aggregate Demand 398

    21.8.1 Using Aggregate Demand Curves 399

    21.8.2 Determinants of Consumer Spending 399

    21.8.3 Determinants of Investment Expenditure 400

    21.8.4 Determinants of Government Spending 400

    21.8.5 Determinants of Net Expenditure on Exports and Imports 401

    21.9 Aggregate Supply 401

    21.10 Employment Levels 403

    21.11 Inflation 403

    21.12 Interest Rate Risk 404

    21.13 House Prices 405

    21.14 International Trade and Protection 405

    21.14.1 Trade 405

    21.14.2 Methods of Protectionism 406

    21.14.3 Trade Policy 406

    21.14.4 Balance of Trade 406

    21.15 Currency Risk 407

    21.15.1 Risk Mitigation by Hedging 407

    21.16 Summary 412

    21.17 References 412

    22 Environmental Risk 413

    22.1 Definition of Environmental Risk 413

    22.2 Scope of Environmental Risk 415

    22.3 Benefits of Environmental Risk Management 415

    22.4 Implementation of Environmental Risk Management 415

    22.5 Energy Sources 416

    22.5.1 Renewable Energy 417

    22.6 Use of Resources 419

    22.7 Pollution 420

    22.8 Global Warming 420

    22.9 Response to Global Warming 422

    22.9.1 Earth Summit 422

    22.9.2 The Kyoto Protocol 422

    22.9.3 Pollution Control Targets 422

    22.9.4 Sufficiency of Emission Cuts 423

    22.9.5 US Climate Pact 423

    22.9.6 The Copenhagen Accord 424

    22.9.7 European Union 425

    22.9.8 Cancún Agreements 425

    22.9.9 Domestic Government Response to Climate Change 426

    22.9.10 Levy 427

    22.9.11 Emissions Trading 428

    22.9.12 Impact on Business 428

    22.10 Stimulation to Environmental Considerations 429

    22.10.1 FTSE4Good Index 429

    22.10.2 Carbon Trust 429

    22.10.3 Public Pressure 430

    22.11 Environmental Sustainability 431

    22.12 Summary 432

    22.13 References 433

    23 Legal Risk 435

    23.1 Definition of Legal Risk 435

    23.2 Scope of Legal Risk 435

    23.3 Benefits of Legal Risk Management 436

    23.4 Implementation of Legal Risk Management 436

    23.5 Business Law 437

    23.6 Companies 438

    23.6.1 The Company Name 438

    23.6.2 The Memorandum of Association 438

    23.6.3 Articles of Association 439

    23.6.4 Financing the Company 439

    23.6.5 The Issue of Shares and Debentures 440

    23.6.6 The Official Listing of Securities 440

    23.6.7 The Remedy of Rescission 440

    23.6.8 Protection of Minority Interests 440

    23.6.9 Duties of Directors 441

    23.7 Intellectual Property 441

    23.7.1 Patents 441

    23.7.2 Copyright 445

    23.7.3 Designs 446

    23.8 Employment Law 447

    23.9 Contracts 447

    23.9.1 Essentials of a Valid Contract 447

    23.9.2 Types of Contract 447

    23.10 Criminal Liability in Business 448

    23.10.1 Misdescriptions of Goods and Services 448

    23.10.2 Misleading Price Indications 449

    23.10.3 Product Safety 450

    23.11 Computer Misuse 451

    23.11.1 Unauthorised Access to Computer Material 451

    23.11.2 Unauthorised Access with Intent to Commit or Facilitate Further Offences 451

    23.11.3 Unauthorised Modification of Computer Material 451

    23.12 Summary 452

    24 Political Risk 453

    24.1 Definition of Political Risk 454

    24.2 Scope of Political Risk 454

    24.2.1 Macropolitical Risks 454

    24.2.2 Micropolitical Risks 455

    24.3 Benefits of Political Risk Management 455

    24.4 Implementation of Political Risk Management 455

    24.5 Zonis and Wilkin Political Risk Framework 457

    24.6 Contracts 459

    24.7 Transition Economies of Europe 459

    24.8 UK Government Fiscal Policy 460

    24.9 Pressure Groups 461

    24.10 Terrorism and Blackmail 461

    24.11 Responding to Political Risk 462

    24.11.1 Assessing Political Risk Factors 463

    24.11.2 Prioritising Political Risk Factors 464

    24.11.3 Improving Relative Bargaining Power 464

    24.12 Summary 464

    24.13 References 465

    25 Market Risk 467

    25.1 Definition of Market Risk 467

    25.2 Scope of Market Risk 468

    25.2.1 Levels of Uncertainty in the Marketing Environment 469

    25.3 Benefits of Market Risk Management 470

    25.4 Implementation of Market Risk Management 470

    25.5 Market Structure 470

    25.5.1 The Number of Firms in an Industry 471

    25.5.2 Barriers to Entry 471

    25.5.3 Product Homogeneity, Product Diversity and Branding 473

    25.5.4 Knowledge 473

    25.5.5 Interrelationships within Markets 474

    25.6 Product Life Cycle Stage 475

    25.6.1 Sales Growth 476

    25.7 Alternative Strategic Directions 476

    25.7.1 Market Penetration 477

    25.7.2 Product Development 477

    25.7.3 Market Development 479

    25.7.4 Diversification 481

    25.8 Acquisition 482

    25.9 Competition 483

    25.9.1 Price Stability 483

    25.9.2 Non-Price Competition 484

    25.9.3 Branding 485

    25.9.4 Market Strategies 486

    25.10 Price Elasticity/Sensitivity 489

    25.10.1 Elasticity 489

    25.10.2 Price Elasticity 489

    25.11 Distribution Strength 490

    25.12 Market Risk Measurement: Value at Risk 490

    25.12.1 Definition of Value at Risk 490

    25.12.2 Value at Risk 490

    25.12.3 VaR Model Assumptions 491

    25.12.4 Use of VaR to Limit Risk 493

    25.12.5 Calculating Value at Risk 494

    25.13 Risk Response Planning 496

    25.14 Summary 496

    25.15 References 497

    26 Social Risk 499

    26.1 Definition of Social Risk 499

    26.2 Scope of Social Risk 500

    26.3 Benefits of Social Risk Management 500

    26.4 Implementation of Social Risk Management 501

    26.5 Education 501

    26.6 Population Movements: Demographic Changes 502

    26.6.1 The Changing Market 503

    26.7 Socio-Cultural Patterns and Trends 504

    26.8 Crime 504

    26.8.1 Key Facts 504

    26.9 Lifestyles and Social Attitudes 505

    26.9.1 More Home Improvements 505

    26.9.2 Motherhood, Marriage and Family Formation 505

    26.9.3 Health 506

    26.9.4 Less Healthy Diets 507

    26.9.5 Smoking and Drinking 508

    26.9.6 Long Working Hours 509

    26.9.7 Stress Levels 509

    26.9.8 Recreation and Tourism 510

    26.10 Summary 510

    26.11 References 511

    Part V The Appointment 513

    27 Introduction 515

    27.1 Change Process From the Client Perspective 515

    27.1.1 Planning 515

    27.1.2 Timely Information 516

    27.1.3 Risk Management Resources 516

    27.2 Selection of Consultants 517

    27.2.1 Objectives 517

    27.2.2 The Brief 517

    27.2.3 Describing Activity Interfaces 517

    27.2.4 Appointment Process Management 518

    27.2.5 The Long-Listing Process 518

    27.2.6 Short-List Selection Criteria 519

    27.2.7 Request for a Short-Listing Interview 519

    27.2.8 Compilation of Short List 519

    27.2.9 Prepare an Exclusion Notification 520

    27.2.10 Prepare Tender Documents 520

    27.2.11 Agreement to be Issued with the Tender Invitation 521

    27.2.12 Tender Process 521

    27.2.13 Award 521

    27.2.14 Notification to Unsuccessful Tenderers 522

    27.3 Summary 522

    27.4 Reference 522

    28 Interview with the Client 523

    28.1 First Impressions/Contact 523

    28.2 Client Focus 524

    28.3 Unique Selling Point 524

    28.4 Past Experiences 526

    28.5 Client Interview 527

    28.5.1 Scene/Overview 527

    28.5.2 Situation/Context 527

    28.5.3 Scheme/Plan of Action 527

    28.5.4 Solution Implementation 528

    28.5.5 Success, Measurement of 528

    28.5.6 Secure/Continue 528

    28.5.7 Stop/Close 528

    28.6 Assignment Methodology 528

    28.7 Change Management 529

    28.8 Sustainable Change 529

    28.9 Summary 530

    28.10 References 531

    29 Proposal 533

    29.1 Introduction 533

    29.2 Proposal Preparation 533

    29.2.1 Planning 533

    29.2.2 Preliminary Review 534

    29.3 Proposal Writing 534

    29.3.1 Task Management 534

    29.3.2 Copying Text 534

    29.3.3 Master Copy 534

    29.3.4 Peer Review 534

    29.4 Approach 535

    29.5 Proposal 535

    29.5.1 Identify the Parties – the Who 535

    29.5.2 Identify the Location – the Where 537

    29.5.3 Understand the Project Background – the What 537

    29.5.4 Define the Scope – the Which 537

    29.5.5 Clarify the Objectives – the Why 537

    29.5.6 Determine the Approach – the How 538

    29.5.7 Determine the Timing – the When 538

    29.6 Client Responsibilities 538

    29.7 Remuneration 539

    29.8 Summary 539

    29.9 References 539

    30 Implementation 541

    30.1 Written Statement of Project Implementation 541

    30.2 Management 541

    30.2.1 Objectives 541

    30.2.2 Planning the Project 542

    30.2.3 Consultant Team Composition 543

    30.2.4 Interface with Stakeholders 543

    30.2.5 Data Gathering 543

    30.2.6 Budget 544

    30.2.7 Assessment of Risk 544

    30.2.8 Deliverables 544

    30.2.9 Presentation of the Findings 545

    30.2.10 Key Factors for Successful Implementation 545

    30.3 Customer Delight 548

    30.4 Summary 548

    30.5 References 548

    Appendix 1: Successful IT: Modernising Government in Action 549

    Appendix 2: Sources of Risk 553

    Appendix 3: DEFRA Risk Management Strategy 557

    Appendix 4: Risk: Improving Government’s Capability to Handle Risk and Uncertainty 561

    Appendix 5: Financial Ratios 567

    Appendix 6: Risk Maturity Models 573

    Appendix 7: SWOT Analysis 579

    Appendix 8: PEST Analysis 583

    Appendix 9: VRIO Analysis 587

    Appendix 10: Value Chain Analysis 589

    Appendix 11: Resource Audit 591

    Appendix 12: Change Management 595

    Appendix 13: Industry Breakpoints 599

    Appendix 14: Probability 601

    Appendix 15: Value at Risk 611

    Appendix 16: Optimism Bias 613

    Index 621


    © 2025 Book Curl
