Risk management is the process of identifying, quantifying, and
managing the risks that an organisation faces. As the outcomes of business
activities are uncertain, they are said to have some element of risk.
These risks include strategic failures, operational failures, financial
failures, market disruptions, environmental disasters, and regulatory
violations. Risk is a statistical concept that is measured using statistical
concepts that are related to the unknown future. Almost all investments are
exposed to it.
Risk management involves identifying the types of risk exposure
within the company, measuring those potential risks, proposing means to hedge,
insure or mitigate some of the risks and estimatin the impact of various risks
on the future earnings of the company.
While it is impossible that companies remove all risk from the
organisation, it is important that they properly understand and manage the
risks that they are willing to accept in the context of the overall corporate
strategy. The management of the company is primarily responsible for risk
management, but the board of directors, internal auditor, external auditor, and
general counsel also play critical roles.
Risk can be managed in a number of ways: by the buying of
insurance, by using derivative instruments as hedges, by sharing risks with
others, or by avoiding risky positions altogether.