Reducing risks on big projects
Big projects (> 1 Million) have too many unknowns. The secret in managing Big projects is to be proactive about knowing what your unknowns are and planning enough room for managing the unknowns. This is the biggest challenge.
Passive management on big projects is a guaranteed recipe for failure.
In the internet startup business this philosophy doesn’t have too many followers. The idea there is to let the business grow organically and let the project be managed based on the demands. Twitter is a good example of that where a concept grew organically very fast and the team behind it had to scale the systems based on the demand.
A canadian company http://localads.org is planning to do the same thing by organically growing a unique concept and taking on the classifieds industry.
How far the concept will be accepted is something to be seen.
4 Questions to ask when selecting an audit software
1 – Do you need a centralized facility to model your audit universe?
2 – What are your expectations with respect to work papers automation?
3 – What type of audit planning do you engage in and how do you do it?
4- How does your audit process integrate with the company wide ECM strategy?
Read more about how these questions can help you with selecting your audit software here.
Great article on how to reduce costs with Internal Audit and SOX processes
BPS is a software company which produces Integrated risk management software. This article on their blog is an eye opener for people who believe things should be done the traditional way.
Reputational risk – competitive advantage for sure
At this age of reduced pricing, increased quality, optimized workforce a differentiating factor for any company is how they are perceived by their existing customers and by the public in general. ‘Reputation’ matters.
Reputation may be an intangible but it is a highly prized asset, often equated with the goodwill of the business. For the majority of enterprises it is seen as the most critical risk. One of the major reasons for this is measuring this and putting a price on this considered more of an art than a science. And very few companies have mastered this art.
The CEO may be directly responsible for the management of reputational risk, this is normally shared with the Board of Directors, while deploying a number of functions such as corporate communications in its day-to-day operational mode.
There is, however, some consensus on the key elements of managing reputational risk:
- Prompt and effective communication with all categories of stakeholder – shareholders, employees, customers and suppliers.
- Strong and consistent enforcement of controls on governance, business and legal compliance.
- Continuous monitoring of threats to reputation.
- Ensuring ethical practice throughout the supply chains.
- Establishment and continual updating of a crisis management plan and establishment of a crisis management team, empowered with specific power and authority.
Controlling reputational risk through a managed or controlled way is very possible, a marketing and PR division of an organization should be involved in all aspects of setting this up.
How to reduce risk when buying online products and services
Recently, one of our staff bought a cologne (Chemistry from clinique) for her husband for father’s day from an online shop (not mentioning the name because she is still sorting out the issue). The perfume, cheaper compared to other online merchants, turned out to be a ’fake’ . Anyways, to keep things short, the reason this person bought this was because of the reviews she read on their testimonials page. Obviously, even though the reviews sounded authentic, turned out to be made up. She found that out by googling one of the names of the companies listed there.
The risk of buying a bad product / service online reduces greatly when you have other people giving a positive review or a testimonial. But what if these are not original reviews and were made up by the seller of the service to increase his conversion rate. Conversion rate increases dramatically when you have positive reviews and online marketeers know that and use that to their advantage.
Validating these online reviews or testimonials is a challenge for the end consumer and hence trusting the seller or the service provider becomes a challenge. Buyers should look for verified testimonials. A video testimonial with the name of the person and his job, his company would be ideal. But that is hard for small companies to produce and maintain and even that might not be authentic. So what do consumers do ? Look for independent 3rd party verified reviews and testimonials.
A startup company is getting launched solving this very problem. The company (http://www.ReviewScale.com) helps in improving online reputation and builds tools to manage testimonials, reviews and rating and also has a process to independently verify them. I guess a service offering like that might help consumers from getting ripped by the online sharks.
Trading risk managment rule
Trader’s should know this – The 2% risk management rule. The two percent risk management rule states that you must limit your risk on any single trade to a maximum of two percent of your trading capital. For amateur traders, the two percent rule gives leeway for mistakes and gives the amateur trader time in the market to learn and survive for the longer term. For professional traders, the two percent risk management is their margin of error.
Read more about this here
Market Risk – what does it comprise of ?
To quote from wikipedia http://en.wikipedia.org/wiki/Market_risk
Market risk is the risk that the value of an investment will decrease due to moves in market factors. The four standard market risk factors are:
- Equity risk, or the risk that stock prices will change.
- Interest rate risk, or the risk that interest rates will change.
- Currency risk, or the risk that foreign exchange rates will change.
- Commodity risk, or the risk that commodity prices (i.e. grains, metals, etc.) will change.
How Audit Objectives are Met Under the Integrated Framework for Internal Control
Under the Framework there are three basic audit objectives:
- to determine whether controls provide reasonable assurance of effective and efficient operations;
- to determine whether controls provide reasonable assurance as to the reliability of financial data and reports; and
- to determine whether controls provide reasonable assurance of compliance with laws and regulations.
Each of these objectives has five components of control:
- A sound Control Environment;
- A sound Risk Assessment Process;
- Sound Operational Control Activities;
- Sound Information and Communications System; and
- Sound Monitoring Practices
1. For the Control Environment Component auditors assess
- whether managers and employees possess integrity, ethical values and competence;
- whether the nature of management’s philosophy and operating style is appropriate;
- whether there is proper assignment of authority and responsibility;
- whether there is proper organization of available resources;
- whether there is proper training and development of people; and
- whether there is proper attention and direction from management.
2. For the Risk Assessment Component auditors assess
- whether management has established a set of objectives that integrate all the organization’s resources so that the organization operates in concert;
- whether there is an awareness of and ability to deal with the risks and obstacles to successful achievement of business objectives; and
- whether management identifies, analyzes and manages the risks and obstacles to successful achievement of business objectives.
3. For the Operational Control Activities Component auditors assess
- whether management has established and executed policies and procedures to help ensure effective implementation of the actions they have identified as being necessary to address risks and obstacles to achievement of business objectives;
4. For the Information and Communications Systems Component auditors assess
- whether the information system produces the financial, operational and compliance reports needed to run the business;
- whether the reports that are produced deal with internal and external activities, conditions and events necessary to informed business decision making and external reporting;
- whether the organizations people are able to capture and exchange the information they need to conduct, manage and control operations;
- whether pertinent information is identified, captured and communicated in a form that enables people to effectively carry out their responsibilities;
- whether communications flows in all directions throughout the organization;
- whether management has made it clear to all employees that control responsibilities are to be taken seriously;
- whether employees understand their own roles in the internal control system, as well as how their individual activities relate to the work of others;
- whether all employees have the means of communicating significant information upstream; and
- whether their is effective communication with external parties.
5. For the Effective Monitoring Component auditors assess
- whether the entire control system is monitored to assess the quality of the system’s performance over time;
- whether there is on-going monitoring in the normal course of doing business, such as regular supervisory and management activities, and actions employees take in performing their normal duties;
- whether internal deficiencies are reported upstream, with serious matters reported directly to top management;
- whether there are separate, independent evaluations of the internal control system.
Reduce 80% problems on projects
Some experts have said that a strong risk management process can decrease problems on a project by as much as 80 or 90 percent. In combination with solid project management practices–having a well-defined scope, incorporating input from the appropriate stakeholders, following a good change management process, and keeping open the lines of communication–a good risk management process is critical in cutting down on surprises, or unexpected project risks. Such a process can also help with problem resolution when changes occur, because now those changes are anticipated and actions have already been reviewed and approved, avoiding knee jerk reactions.
Read further on this CIO article – Project Risk Management – Practical and Effective Approach
Risk adjusted Return for a portfolio – Part 2
As time progressed, three major composite measures of risks for a Portfolio were adopted by the risk professionals.
- Treynor Index
- Sharpe Performance Index
- Jensen Performance Index
Treynor Index :
In order to use the Treynor Index, you must know three things; the portfolio return, the risk-free rate of return, and the beta of the portfolio. For the risk-free rate of return, you may use the average return (over the period of time) of some government bond or note. The beta of the portfolio is a measure of the systematic risk of the portfolio. Using the beta, rather than the standard deveiation, you are assuming that the portfolio is a well diversified portfolio. If you are looking at the return of a mutual fund, this figure is typically available from the fund company itself.
For those of you who want to know the formula for the index;
Treynor = (Portfolio Return – Risk-Free Return) / Beta
Let’s use the same example information. A portfolio manager achieved a return of 15.0%, his portfolio had beta measurement of 1.1 and the market achieved a return of 14.6% vs. a risk free rate of return of 7%. To calculate the Jensen Index:
index = (.15 – .07) / 1.1 = 0.0727
To compare, another portfolio manager achieved a return of 13.5% with a beta of .81. The Treynor index for this porfolio manager is:
index = (.135 – .07) / 0.81 = 0.0802
This means that the 2nd portfolio manager out performed the first portfolio manager on a risk-adjusted basis.
Sharpe Performance Index :
In order to use the Sharpe Index, you must know three things; the portfolio return, the risk-free rate of return, and the Standard Deviation of the portfolio. For the risk-free rate of return, you may use the average return (over the period of time) of some government bond or note. The Standard Deviation of the portfolio is a measure of the systematic risk of the portfolio. Using the Standard Deviation, rather than the beta (as in the Treynor Index), you are assuming that the portfolio is NOT a deversified portfolio.
Because the numerator is the Portfolio’s Risk Premium, the Sharpe Index measures the Risk Premium earned per unit of total risk.
Si = Ri – RFR / oi
Ri = Average Rate of Return for Portfolio
RFR = Average Rate of Return for Risk-Free Assets
oi = Standard Deviation of Rate of Portfolio’s Return
Jensen Peformance Measure:
Superior portfolio managers who accurately predict market turns or who identify undervalued investments earn higher have consistently positive random error terms
rjt = rfrt + bj[rmt - rfrt ] + ujt
this version of capm suggests that return is a function of risk-free rate, plus risk premium that depends on systematic risk, plus, random error term with an intercept to measure the positive or negative difference,
the equation becomes rjt – rfrt = alpha + bj[rmt - rfrt ] + ujt
rearranged —– alpha = (rjt – rfrt) – bj (rmt – rfrt)
where alpha measures how much of the rate of return on the portfolio is attributable to the manager’s ability to derive above-average returns adjusted for risk
