Risk Management

Risk is the occurrence of an event that has some consequences. A vulnerability or exposure is a weakness that enables a risk to have an impact. Controls are measures that mitigate the impact of an event or stop it from having an effect. The probability of a risk is its likelihood of occurrence (e.g., a 60 percent chance of happening). The impact of a risk is its degree of influence (e.g., minor, major) on the execution of a process, project, or system.

The basic idea is to have controls in place that minimize the negative consequences of a "bad" outsourcing agreement, known as risk management.

Risk management consists of three closely related actions:

Risk identification Risk analysis

Risk control

Risk identification is identifying risks that confront a system or project. Risk analysis is analyzing data collected about risks, including their impact and probability of occurrence. Risk control is identifying and verifying the existence of measures to lessen or prevent the impact of a risk.

Risk management for outsourcing agreements offers several advantages. It enables identifying potential problems with agreements. It enables developing appropriate responses to those problems. Finally, it helps to better identify mission-critical functions to retain and others to outsource.

Despite the advantages of risk management, there several reasons why it is not done. One, it is viewed as an administrative burden. Two, the understanding and skills for conducting risk management are not readily available. Finally, the information required to do risk management is not available.

There are several keys to effective risk management. Risk management is best performed as early as possible, preferably before signing an agreement. It requires identifying and clarifying assumptions and addressing key issues early. It requires having the right people involved with the outsourcing agreement, such as subject matter experts knowledgeable about key issues.

One final caveat. Risk management is not a one-time occurrence. It must be done continuously. The reason is that risk management involves taking a snapshot in time and using it to anticipate what might happen in the future. The conditions of an environment, however, may be extremely dynamic and may challenge the validity of assumptions incorporated when managing risk. Hence, it is wise to continuously revalidate risk management before, during, and after negotiating an outsourcing agreement.

Understanding Outsourcing

Understanding Outsourcing

If you can answer yes to the following questions you'll want to get your hands on the Understanding Outsourcing Crash Course Package! Have you been looking for a great way to get more subscribers? Do you constantly seek quality information to provide to your readers? Have you been looking for a way to quickly increase awareness, traffic and profits for your business?

Get My Free Ebook

Post a comment