2 Jul 2020

Set your organisation a world apart from the rest with expert risk management guidance

Set your organisation a world apart from the rest with expert risk management guidance news article image

Inspired by the processes of NASA, the Alliance Governance Team explore the ins and outs of risk management that will help your organisation expect the best and be prepared for the worst. 

 
rnNASA

Risk Management the NASA way 

Unsurprisingly, putting a rocket into space is an incredibly risky endeavour and as such NASA takes its risk management process incredibly seriously.

Its risk management handbook is over 220 pages long, incredibly detailed and in places completely irrelevant to organisations on earth (it’s not often that we have to deal with space debris colliding with our customers, staff or shareholders). 

However, the core principles are invaluable and applied to our organisations to improve the way we deal with risk. 

What is Risk? 

At a basic level, risk is the possibility of an outcome not being as expected.

We weigh up risk everyday of our waking lives, mostly on an unconscious level.

Should I take an umbrella on my walk today? 
Is this the best time to cross the road? 
Should I have that extra slice of cake?  

(the answer to the latter question is almost always ‘yes’ and ‘I’m happy to take the risk’) 

On an organisational level, risk comes from both internal and external sources. The external risks are those that are not in direct control of the management. These include political issues, exchange rates, interest rates, pandemics and so on. Internal risks, on the other hand, include non-compliance, information breaches, staff absence etc 

How do we manage risk? 

In order to manage the impact of risks in an organisation we need a systematic approach to alleviate any negative consequences of a specific phenomenon. This is known as risk management and is a process by which firms: 

“IDENTIFY MEASURE, PRIORITIZE AND MITIGATE THE ADVERSE EFFECT OF UNCERTAINTIES” 

— Chapman and Ward 

Risk management is incredibly important and should be at the heart of an organisation’s strategy and coupled with its future objectives. If a company defines objectives without taking the risks into consideration, the organisation will lose direction if any risks come to fruition. 

The process that NASA uses to manage risk is called the Continuous Risk Management (CRM). This cyclical method consists of 5 steps with an overarching layer of constant communication.

 
rnCRM

RISK IDENTIFICATION 

Continuous efforts to capture, acknowledge, and document risks as they are found. In organisations this can be done with workshops, interviews or data analysis. 

RISK ANALYSIS 

An evaluation of all identified risks to estimate the probability of occurrence, severity of impact, timeframe of expected occurrence and when mitigation actions are needed. The use of risk matrices are a great tool to lead your thinking during this process. 

RISK PLANNING 

Establishes actions, plans, and approaches for addressing risks and assigns responsibilities and schedules for completion. Thinking of potential scenarios where things don’t go to plan will help clarify your thinking when risk planning. 

RISK TRACKING 

Capturing, compiling, and reporting risk attributes/metrics to determine whether risks are being mitigated effectively and risk mitigation plans are being performed correctly. For example, to avoid loss of office equipment, a sign out register would be completed by staff when an item is required. A monthly inventory check can be taken to see how effective that register is. 

RISK CONTROLLING 

An activity that utilises the status and tracking information to make a decision about a risk or risk mitigation effort. In your organisation this process could involve action planning, controls and training procedures to help increase control over the risk 

Risk Communicating and Documenting 

Well-defined, documented communication tools, formats, and protocols assure that there is an overt action to communicate and document the risk at all steps of the CRM process.

Communication and documentation can be in the form of an action item log, risk information sheet, risk database, mitigation plan, status report, tracking log, and/or meeting decision.  

Here is an example of NASA’s Zeus project risk management and data flow with communication prompts at every step: 

 
rnRisk Flow Chart

Now is as good a time as any to review your risk management processes.

Whilst NASA’s processes seem arduous, even if you don’t quite achieve space grade risk processes, adopting certain elements will improve the way you identify, navigate and mitigate any potential issues to your organisation. 

To quote Norman Vincent Peale: 

“SHOOT FOR THE MOON. EVEN IF YOU MISS, YOU’LL LAND AMONG THE STARS.”  

Latest News

6 Nov 2024

Updated UK Concussion Guidelines published underlining the message ‘If in doubt, sit them out’

Today, the Sport and Recreation Alliance is publishing an updated version of the UK Concussion Guidelines for Non-Elite (Grassroots) Sport.

Read more Arrow Right
5 Nov 2024

Alliance welcomes Ruth Hall and Alex Jordan to its Board

The Alliance is delighted to announce that Ruth Hall and Alex Jordan have joined the Board, and started their four-year terms following the Alliance’s Annual General Meeting on 15 October.

Read more Arrow Right
31 Oct 2024

Autumn Budget 2024 – What does it mean for sport and recreation?

On Wednesday 30 October, Chancellor of the Exchequer Rachel Reeves MP delivered her first Budget statement to the House of Commons. Whilst the Budget’s core focus was on a number of key tax rises to fund increased spending on health and education, we look below at some of the measures which will be of interest for Alliance members and the sport and recreation sector.

Read more Arrow Right

Become a member

Joining the Sport and Recreation Alliance is pretty simple, but worthwhile!

Register now

Our Partners

Admincontrol logoAir IT logoGateley Legal logohelp me Angela logoHowden logoMarsh Sport logoSport:80 logoZellar logo93FT logo