Video Transcript
Risk Management
Two words that bring calm to some and fear to others. The backbone of a strong company is good risk management, but what if you are just getting started? How do you even begin effectively managing your risks?
Well, let’s walk through an example…
First lets talk about two terms:
- QA
- QC
In this example you will see examples of both as these quality activities as the apply to one process but in different places.
QA is a risk control assessment done within a process, You can compare it to a Almost like a chef tasting a sauce to make sure the flavor is just right before the sauce is put on a plate and a waitress that checks to make sure that a dish with sauce was ordered by the guest. QA ensures your product is made and delivered according to what you advertised and QC ensures your process controls are working.
QC is a risk control activity done after the fact. It could be reviewing the number of plates sent back or identifying the number of errors made each day.
Let’s get down to business!
We need to be profitable. So…we start a business and put processes in place to produce and product or service. Let’s look at how we can apply risk management to a basic business process:
Taking the order at a fast food restaurant
Risks:
- Employee Stealing from Register
- Employee Taking Cash from Change back to Client
- Employee Slip/Fall
- Order is incorrect
- Customer Presents Risk (Theft/Robbery)
Each Risk Must Have a Specific Control
Controls can be manual or automated processes or policies. One risk could have multiple controls.
Employee Stealing from Register
Control: Back ground Checks on Each New EmployeeEmployee Taking Cash from Change back to Client
Control: Intermittent Register AuditsEmployee Slip/Fall
Control: Scheduled Cleaning/Cleaning PolicyOrder is incorrect
Control: Customer sees order on screenCustomer Presents Risk (Theft/Robbery)
Control: Install Security Cameras
Control: Redirect Traffic to Drive-through only after a certain hour
Each control needs a test of control.
This is a way to prove that your control is working for the purpose it was designed.
Employee Stealing from Register
Control: Back ground Checks on Each New Employee
Test of Control: Verifying a background check was completed. (This could be based on a random sample or a population check. Timing could be based on risk level. This could be weekly, monthly or quarterly)Employee Taking Cash from Change back to Client
Control: Intermittent Register Audits
Test of Control: Ensuring Audits are complete (possibly 3rd party completes. Timing is based on risk-random sample or population data)Employee Slip/Fall
Control: Scheduled Cleaning/Cleaning Policy
Test of Control: Review documented falls/slips, Observation order is incorrectOrder is incorrect
Control: Customer sees order on screen
Test of Control: Review # of orders remade (this is tricky as you may need to put tracking in place to identify errors or remade itemsCustomer Presents Risk (Theft/Robbery)
Control: Install Security Cameras
Test of Control: Check security Cameras make sure they are functioning- they have recorded material and they are pointed in the correct location (this may be a high risk meaning if the fails are greater than a certain # an escalation is necessary)
Control: Redirect Traffic to Drive-through only after a certain hour
Test of Control: # of reported incidents
But what if your process isn’t concrete and your methods to production are not traditional?
These same rules apply.
For example… What if you are an author of children books. Children’s books about yellow unicorns? How do you apply concrete risk management concepts to a nontraditional creative process?
Identify your risks
a. Failure to complete
b. Errors/Quality
c. Failure to meet the VOC
d. Copyright issues
e. SalesDetermine how you plan to mitigate those risks.
a. It is imperative that your creative process have measurable goals. Pages per day.
b. Having a predictable process that you follow to achieve a sustainable end is key. This is only if your goal is financial.
c. Ensure that you know how to create repeatability when you can especially if you have any aspects of your business that require 3rd party scrutiny.Be sure and assess all of your risks and have appropriate verification procedures. a. In every business it is very easy to overlook risks tied to Technology and Intellectual capital.
Keep good records.
Risk can be a scary thing as a business owner. Let Kindly Ops help guide you through the big bad world of risk. Allowing you to focus on growing your business.