User:CWNEAL13/sandbox

Mitigating strategic risk

Since strategic risk comes from the business strategy of a company, it is important for top management and the board of directors to be involved in creating a plan to reduce risk in this area. Management should use their knowledge of the company and its industry to formulate a strategy, and work in collaboration with the board of directors to identify and assess possible risks associated with that strategy. It is then the role of the board to decide upon an acceptable level of risk and whether the potential gains from the strategy proposed are worth the risk.

Three approaches to managing strategic risk include:


 * Using independent experts
 * Experts from outside of the firm can be used to periodically assess the risk level of projects
 * Facilitators
 * A central group manages risk across different departments of a company by collecting information from operating managers and creating a comprehensive review of the company's risk
 * Embedded experts
 * In industries such as financial services where the company's level of risk is highly variable and dependent upon the actions of traders and investment managers, risk experts can work alongside these employees to continuously monitor and assess their daily actions

Strategic risk management framework

By following a strategic management process, a company can ensure that risk is addressed at every step of


 * Strategic risk profile analysis
 * In this step, risks are identified by examining factors that could affect the business. These could be internal factors, such as the organization's structure and culture, or external factors such as industry trends, consumer preferences, or the regulatory environment the company is operating in. A SWOT analysis can be performed to evaluate and prioritize certain risks.
 * Formulation of strategic plan
 * Using insight gained from the analysis, the company outlines proposed strategies and defines the objectives and goals needed to carry out its strategic mission/vision. The strategic plan should detail key risk metrics and performance indicators to measure, how they will be measured, and who is responsible for managing them. It should also establish thresholds, or trigger points for these metrics, which will be used to determine when management should take action to mitigate or accept more risk.
 * Implementation
 * During this step, the company puts the strategy into practice through their operations. This includes setting budgets and the organizational structure. This is also where strategic risk is controlled and managed by monitoring the risk metrics identified during the analysis.