Risk Management The objective of this study is to discuss the role and nature of organizational risk management in justice and security organizations and why it is so important. The following will be addressed in the assessment; (1) risk planning and resource identification; (2) management of risk in justice and security organizations; (3) costs associated in managing risk; (4) consequences of failing to manage risk; and benefits; and (5) benefits a properly performed risk analysis has for management and key stakeholders.

Risk Management

Risk management planning involves the consideration of a strategy for managing risk and responsibilities related to assessing, responding, and mitigating risk as well as contingency planning, tracking and reporting. Risk is reported to be defined as an event that is very likely to occur and that would either positively or negatively impact a project if and when that risk did occur. (National Disaster Medical System, nd, paraphrased) Managing risk involves first identifying risk which can be understood in terms of an event "that could prevent the project from progressing as planned. Some risks are identified when a project begins and other risks are only able to be identified during the project's lifecycle. (National Disaster Medical System, nd, paraphrased) Risk management planning involves understanding how it is that risk management works. It is reported that risk is the effect, whether it be of a positive or of a negative nature of "an event or series of events that take place in one or several locations." (National Disaster Medical System, nd) Risk is such that may be computed from the likelihood of the event and the effect of that event. (National Disaster Medical System, nd, paraphrased)

II. Risk Analysis

Risk analysis involves asking questions such as those related to:

(1) The event -- or what it is that might happen.

(2) Probability -- or the event's likelihood.

(3) Impact -- how big will the disaster be

(4) Mitigation -- how to risk the possibility of the event

(5) Contingency -- how can a reduction in the effects be realized

(6) Reduction migration X Contingency;

(7) Exposure = Risk -- Reduction. (National Disaster Medical System, nd)

The second step in the risk management process is that of defining the risk management project. Risk exposures include such as land planning decisions, management of financial affairs/investments, changes in state or federal law, dependence on real estate tax base, changes in community economic conditions, as well as natural and human-caused disasters." (National Disaster Medical System, nd)

III. Risk Response

Risk response involves the development and implementing of an action plan that addresses the risks. (National Disaster Medical System, nd) The Risk Institute reports that it is not necessary to have a risk manager in the risk management initiative however, it is critically important that upper management be involved and that the process is organized for analysis of risk and risk response. As well specific risk responsibilities must be assigned and accountability for performance be set out. The culture of the organization must be such that everyone understands risk and their own role in addressing the risk. Risk should be established as a priority and a program mission created and distributed.

The response to risk options is noted in the work of the Office of International Programs, which states those options to include the following:

Unrecognized, unmanaged, or ignored (by default).

Recognized, but no action taken (absorbed by a matter of policy).

Avoided (by taking appropriate steps).

Reduced (by an alternative approach).

Transferred (to others through contract or insurance).

Retained and absorbed (by prudent allowances).

Handled by a combination of the above. (Office of International Programs, 2013)

IV. Risk Management Strategies

The risk management initiative identifies the most appropriate strategy for each risk and designs actions specifically focused toward implementation of that strategy. Strategies are stated to include those as follows:

(1) Avoidance;

(2) Transference;

(3) Mitigation; and (4) Acceptance. (Office of International Programs, 201)

Avoidance involves the changing the project plan in order to bring about an elimination...

This might be achieved through the team "changing scope, adding time, or adding resources." (Office of International Programs, 2013) Transference involves the transferring of the financial impact of risk by the team "contracting out some aspect of the work." (Office of International Programs, 2013) The risk is reduced by use of transference only when the contractor "is more capable to taking steps to reduce the risk and does so." (Office of International Programs, 201)
V. Risk Mitigation

Mitigation involves the team attempting to bring about a reduction in the chances or the results of a risk event to an acceptable level of harm. Steps to mitigate the risk are preferable to going ahead with the risk unmitigated. Acceptance involves the project manager and team accepting certain risks. In other words, the risk is agreed to should it occur. (Office of International Programs, 2013, paraphrased) Risk planning is reported to involve " the thoughtful development, implementation, and monitoring of appropriate risk response strategies" (Office of International Programs, 2013) The plan of action to manage risk involves the development and documentation of an "organized, comprehensive and interactive risk management strategy." (Office of International Programs, 2013, paraphrased) As well, there is a need for a determination of the methods to be utilized in the execution of a risk management strategy and a need to plan for resources of an adequate nature. Risk planning is reported as "interactive and includes describing and scheduling the activities and processes to assess (identify and analyze), mitigate, monitor, and document the risk associated with a project." (Office of International Programs, 2013, paraphrased) Each risk plan should have documentation while the amount of detail will experience variation depending on the specifics of each project. A risk charter is created for formal identification of risk and to develop a list of red flag items. A risk charter is a document comprised of a qualitative or quantititative risk analysis and is a tool used by management in identifying, communicating, and monitoring and control risks. (Office of International Programs, 2013, paraphrased)

VI. Risk Charter

Included in the risk charter are the following components: (1) risk description; (2) status; (3) date identified; (4) project phase; (5) functional assignment; (6) risk trigger; (7) probability of occurrence (by percentage); (8) impact (costs or days); (8) response actions; and (9) responsibility (task manager). (Office of International Programs, 2013) In the field of health care risk management involves consideration of policy options to "accept, minimize or reduce risks and to select and implement appropriate options." (Office of International Programs, 2013) Risk management options in the healthcare and emergency response field may include such as: (1) decontamination; (2) quarantines; (3) cutting and burning; (4) restricted zones; (5) vaccination; and (6) disinfection of vehicles. (Office of International Programs, 2013) Risk communication is reported as "interactive information exchange among risk assessors, risk managers and other stakeholders; and an integral and ongoing part of all stages of risk analysis." (Office of International Programs, 2013)

VII. Risk Management Communication & Contingency Planning

Risk management communication is such that should be decided and agreed upon between those assessing and those managing the risks early in the process of risk management. Linked to risk management is contingency planning which is defined as "the development and maintenance of a framework for responding to suspected and confirmed incidences with significant consequences for public health, safety or welfare e.g. outbreak of exotic human, plant disease or serious food contamination." (Office of International Programs, 2013) Included in contingency planning are the arrangements, structures, systems and individual and group responsibilities." (Office of International Programs, 2013) The focus of contingency planning in risk management is the protection of the health of humans, animals, and plants and reducing economic losses and the disruption of the food supply change. Contingency planning also seeks to protect livelihoods and reduce environmental damage. (Office of International Programs, 2013, paraphrased)

VIII. Risk Management in Justice and Security Organizations

The OECD reports a multi-layered approach to…