Strategic risk management

1

Rejoy.Sirvel

Executive MBA

Email – [email protected]

Table of Contents

1. Executive Summary …………………………………………………………..………..4

2. Introduction to Risk Management ………………………………………….….……..4

2.1 Examples of the drivers of key Risks …………………………………………….…5

3. Types of Possible Risk @ Marriott Sprowston Manor Hotel ……………………….6

3.1 Risk Chart …………………………………………………………………………..10

3.2 Risk Table………………………………………………………………………...…10

4. Purpose of Strategic Plan ……………………………………………………………..13

4.1 Status of Strategy Plan ………………………….…………………………………..13

4.2 Key Issues …………………………………………………………………………..14

5. ERM Framework for Marriott Sprowston Manor Hotel …………………………..15

5.1 Enterprise Risk Management Framework Objectives…………………………...….18

5.2 Enterprise Risk Management Key Concepts ………………………………...……..19

5.3 Implementation of Enterprise Risk Management Process ………………………….21

5.4 ERM Communication and Consultation ………………………………………...…22

5.5 Roles & Responsibilities ………………………………………………………...…23

2

6. Risk Mitigation Action Plan & Responsibilities…………………………………..…24

7. Business Continuity Plan……………………….……………………………………..29

8. Conclusion……………………………………….…………………………………..…30

9. References……………………………………….…………………………………..…30

Table of Figures

Risk Chart -- Figure 1 ……………………………………………………………………..10

ERM Framework -- Figure 2 ……………………………………………………………..15

ERM Process -- Figure 3 ………………………………………………………………….21

Risk Matrix -- Figure 4 ……………………………………………………………………22

3

1. Executive Summary

This report has designed a strategic risk management plan for Marriott Sprowston Manor Hotel

in Norwich. The objective of the strategic risk management plan is to manage the Hotel risk

swiftly and effectively to an interruption to normal business operations, protecting the associates

and assets of the hotel, and ensuring the continuity of critical business functions.

Enterprise risk management framework is used as a strategy to develop the plan for Hotel to deal

with risk and opportunities by enterprise risk management process. Enterprise risk management

process helps to ensure effective reporting and compliance with laws and regulations, and helps

avoid damage to the business reputation and associated consequences. This report shows how

enterprise risk management helps the Hotel to achieve its objectives and get to where it wants to

go and avoid pitfalls and surprises along the way.

2. Introduction to Risk Management

Risk can be defined as combination of the probability of an event and its consequences. In all

types of understanding, there is the potential for events and consequences that constitute

opportunities for benefit and threats to success.

Risk Management is increasingly recognized as being concerned with both positive and negative

aspects of risk. Therefore this standard considers risk from both perspectives.

Risk Management is a central part of any organizations strategic management. It is the process

whereby organizations methodically address the risks attaching to their activities with the goal of

achieving sustained benefit within each activity and across the portfolio of all activities.

The focus of good risk management is the identification and treatment of these risks. Its

objective is to add maximum sustainable value to all the activities of the organization. It

4

increases the probability of success, and reduces both the probability of failure and the

uncertainty of achieving the organizations overall objectives.

It must be integrated into the culture of the organization with an effective policy and a

programme led by the most senior management. It must translate the strategy into tactical and

operational objectives, assigning responsibility throughout the organization with each manager

and employee responsible for the management of risk as part of their job description. It supports

accountability, performance measurement and reward, thus promoting operational efficiency at

all levels.

2.1 Examples of the drivers of key Risks

Financial Risk

Externally Driven

Interest Rates

Foreign Exchange

Credit

Internally Driven

Liquidity & Cash Flow

Accounting Controls

Strategic RisksExternally Driven

Competition

Customer Changes

Industry Changes

Customer Demand

Internally Driven

Research & Development

Operational Risk

Externally Driven

Regulations

Culture

Internally Driven

Hazard Risks

Externally Driven

Natural Events

Environment

Suppliers

5

Information Systems / Supply Chain Internally Driven - - Products & Services

3. Types of Possible Risk @ Marriott Sprowston Manor Hotel

There are various ways to think about risk, and one of the more comprehensive approaches to

categorize risks into four quadrants

A. Financial Risk

Financial risk for the hotel concerns money, including capital availability, cash-flow

management, investment evaluation and credit default. Following types of financial risk;

Global Economic Crisis Risk

Economic conditions continue to challenge hotel to achieve business and profit margins. Due to

economic downturn it is becoming difficult for the hotel to maintain Marriott brand as a lesser

amount of capital given to run the operation. As lack of spending by customers has created a big

risk to the hotel to achieve targeted sales and revenue to run the hotel. Example - The new

government plans of budget cuts in public sector has affected hotel adversely, as public sector

such as Norfolk county council do not hold any events or conferences at the hotel. This has taken

off a huge profit making business of the hotel. While the global economy is not a free fall as it

was, it will be a challenge for the hotel to remain profitable and successful in next 5 years.

B. Strategic Risk

Strategic risk arises out of volatility in the hospitality industry, market changes and challenges to

brand and reputation; may include leadership, competition and owner. Following types of

strategic risk;

Competition Risk

Increasing number of competitors in Norfolk has created a significant risk to the hotel. It is

important for Marriott to perform well and to be competitive in fast growing market. Norfolk

6

have number of different branded hotels providing high quality of service to guest and offering

competitive rates to customers to achieve business. Due to increasing competition in Norfolk the

business at hotel is declining and it’s has created more complexity for Marriott to attract more

customers and gain business. Because of the recession corporate companies are spending less

and looking to move their business to different hotels for possible competitive rates. It will be a

challenge for Marriott to gain more business and remain competitive in increasing competition.

Reputational Risk

Managing reputational risk is a paramount concern for any organization that has valuable brands;

and brand value is the one of the most important asset. Reputation is very significant for the hotel

to be competitive in fast growing market. Reputation risk is becoming a key source of

competitive advantage as products / services become less differentiated. Failure to provide high

quality of service according to set Marriott brand standards and dissatisfying customer needs

could impair bad hotel reputation. It’s very important for the hotel to focus on how to enhance

and protect that asset

C. Operational Risk

Operational risk arises out of the daily operations at the hotel and, ultimately, affects bottom line;

includes the traditionally insurable risks, such as fire, natural disasters, guest and associate

injuries and theft at the hotel; also include many uninsurable risks, such as guest and employee

satisfaction, information security and efficiency in operating the hotel. Following types of

operational risk;

Technology Risk

A failure to keep pace with developments in technology could damage operation or competitive

position. Hospitality industry continue to demand the use of sophisticated technology and

systems, including those used for reservation, revenue management and property management

systems and technologies that are available for guest during their stay. These technologies and

systems must be refined, updated or replaced with more advanced systems on a regular basis. If

7

hotel is unable to do so as quickly as competitors or within budgeted costs then business could

suffer.

Increasing Cost Risk

High inflation rate and changes in tax and other laws and regulations could reduce profit

margins, and increase the hotel running cost. Example - Food prices are increasing dramatically

which has become difficult for the hotel to achieve food cost of sales. According to Marriott

standards it is very important for the hotel to deliver high quality of food to guest and meet

expectations. It has become inflexible for hotel to control the cost of sales and achieve targeted

profit margins. Due to increasing cost and limited budget to spend, it will be a challenge for the

hotel to sustain profit margins.

Associates (Employees) Risk

If Marriott cannot attract and retain talented associates then business could suffer. Marriott

compete with other companies both within and outside of industry for talented personnel. If

unable to recruit, train, develop, and retain sufficient numbers of talented associates, hotel could

experience increased associate turnover, decreased guest satisfaction, low morale, inefficiency,

or internal control failures, Insufficient numbers of talented associate could also limit the ability

to grow and expand business.

Hazards Risk

Hotels. Large or small, rural or city based, can be hazardous places. The following details

highlight some of the hazards and risks that might exist in hotel. They are by no means

exhaustive and will vary depending on the particular business.

8

Main Types of Hazards

1. Natural Hazards

Flooding

Fire

Earthquakes

Tornadoes

Hurricanes

Winter storms

2. Technical Hazards

Power failure/fluctuation

HVAC failure

Computer hardware failure

Computer software failure

Gas leaks

Transportation accidents (chemical/bio-

hazard spills)

D. Compliance Risk

Compliance risk such as traditional contract and regulatory compliance; also focuses on accurate

and timely financial reporting, adherence to company policies, and workplace health and safety.

It’s Important for a risk manager to manage the hotel’s risk productively. In doing so, it

can make difference in hotel’s bottom line, while at the same time protecting the reputation

of Marriott brand.

9

3.1 Risk Chart

Figure 1

3.2 Risk Table

Numbers

Types of Risk

Impact / Likelihood

A

Financial Crisis

Global Economic Crisis

Risk

Very High / Almost Certain

A.

B.

C.

D.

10

B

Strategic Risk

Competition Risk

Reputational Risk

High / Likely

C

Operational Risk

Technology Risk


Associate (Employee) Risk

Hazards Risk

Very High / likely

D

Compliance Risk

High / Moderate

A. Examples of range of operating risk common to the Hotel.

The profitability of the hotels that may be adversely affected by a number of factors that includes

Pricing strategies of competitors

The availability of and demand for hotel rooms

International, national and regional economic and geopolitical conditions

The impact of war, actual or threatened terrorist activity and heightened travel security

measures instituted in response to war, terrorist activity or threats

The desirability of particular locations and changes in travel patterns

The occurrence of natural disasters, such as earthquakes, tsunamis, and hurricanes

Taxes and government regulations that influence or determine wages, prices, interest

rates, construction procedures and costs

11

The availability and cost of capital to allow hotel and potential hotel owners and joint

venture partners to fund investments

Regional and national development of competing properties

Foreign currency exchange fluctuations

Increases in wages and other labor costs, energy, healthcare, insurance, transportation and

fuel and other expenses

B. Examples of risk (incidents) that cause direct and indirect disruptions to the

Hotel business

Disruption to hotel business can occur through many Direct & in-Direct means

Whilst intentional security related incidents such as Criminal & Terrorism, many other

serious disruptions are created though unintentional Accidental, Climate or

Environmental incidents and disasters

An organization may become a ‘Proximity Victim’ from an un – related external threat or

incident

Direct Disruption Examples

Crime/Fraud/ Terrorism

Fire

Flooding

Bomb threat

IT Failure

Power Outage

High Security Alert

Industrial Action

Indirect Disruption Examples

External Financial Crisis

Pandemic Issue

Currency Fluctuation

Legislative Practices

Adverse Weather Conditions

Transport Disruptions

4. Purpose of Strategic Plan

12

The Strategic plan aims to identify the main objectives and activities that Marriott Sprowston

Manor Hotel will focus on over the next five years.

The most significant issues to be addressed are:-

The development of a risk culture

The integration of ‘risk’ as a factor in decision making

The importance of the risk management system to the future viability of the Hotel

Key recommendations are:-

That Marriott Approve the strategy plan.

4.1 Status of Strategy Plan

Basic information about the strategy is contained in the table.

Strategy effective from this date Jan 2011

Strategy Covers this period Jan 2011 to Jan 2016

Strategy approved by General Manager / Cluster GM

Strategy to be adopted by the Hotel Jan 2011

Person Accountable for this strategy Human Resources Manager

1st Person to contact about this strategy Human Resources Manager

Stakeholders to consult with (minimum) GM, Executive Directors, Managers, Staff

Performance will be reported through Management Plan

This strategy must be reviewed at least Annually

This Plan is an integral support document for the organization and guide for the Hotel and policy

making in the area of risk management.

4.2 Key Issues

13

Strengths :-

Well Managed

Financially Sound operation

More awareness of risk management

standards over recent years

Regular committee meetings

Opportunities :-

integration of current systems with risk

management

Utilization of talented staff

Weaknesses :-

Process documentation in risk

management is lacking

Lack of knowledge at a supervisor level

regarding risk management

Resources appear to be inadequate in

the risk management areas

Recording important information

Threats :-

Bad risk may occur due to lack of

process documentation

Poor Decision making as a result of not

enough emphasis on risk analysis

Risk of bad reputation as not

maintaining the brand standards.

5. ERM Framework for Marriott Sprowston Manor Hotel

14

ERM Framework -- Figure 2

This enterprise risk management strategy is chosen for the Marriott Sprowston Manor hotel to

deal with risks and opportunities and to manage risk by enterprise risk management process.

With the enterprise risk management framework, it will enable Marriott to mitigate risk for the

smooth flow of business.

Risk Management is important to the operations of the hotel. The identification, assessment and

control of all risks are important to the successful achievement of the hotel’s vision and mission.

An important part of the enterprise risk management strategy is the development of processes for

the smooth flow of business. As a Marriott brand it is important for the hotel to maintain the

standards and provide high quality of service to customer, and maintain the reputation risk.

Marriott Sprowston Hotel is subject to various risks that could have a negative effect on the

company and its financial condition. Marriott considers the skills, resources and technology

required to manage and monitor risk exposures in the context of risk appetite. It does this by

helping staff to understand the relative significance of the risks faced by the hotel and thus better

priorities risk monitoring and control activities. The aim of the plan is to plot the risk for the

hotel for next 5 years that might impact on adverse incidents and may interrupt normal business

15

operations. This plan will show the implementation of strategies in hotel operation for efficient

flow during the 5 years period.

Example --

Marriott recognizes that it is too late to plan an effective response to an adverse incident

and resulting business interruption once the incident has occurred.

The extraordinary events that have occurred since September 2001 have only served to re

emphasize the need and to be prepared to respond to old as well as new challenges to the

world in which it operate. As the old adage tells, ‘Failing to Prepare is Preparing to Fail’

Enterprise business risk is defined as threats to the organization's capability to achieve its

objectives and execute its business strategies successfully. The organization's value creation

objectives define the context for management's determination of risk management goals and

objectives which, in turn, drive and focus the process of managing business risk.

The top face of the cube in figure 2 indicates that enterprise risk management spans the

hotels decision making process both strategically and it’s day to day operation. Enterprise

risk management is also integrated into the hotel’s reporting structure and all that it does

to meet compliance. The right hand side of the cube demonstrates that enterprise risk

management is considered throughout all levels of the hotel. The eight interrelated

components represented on the front face of the cube form the basis for establishing and

putting enterprise risk management into practice at the hotel. Each component is described

in more detail as follows;

Internal Environment – The internal environment comprises the Hotel’s history, culture,

values, organizational structure, strategy, policies and procedures. It forms the foundation for

16

defining the hotel’s risk approach and risk appetite.

Objective Setting – The objective setting is the process of determining the strategic objectives

for the Hotel and its risk strategy. The Hotel’s risk tolerance and the alignment between its risk

appetite and its objectives form part of the overall hotel strategy.

Event Identification – Event identification describes those developments either or external to

the Hotel that could significantly affect its ability to meet its strategic objectives, either

positively or negatively. In order to assure that the full scope of the Hotel is considered, event

and trend identification is done broadly engaging the management team.

Risk Assessment – Risk Assessment describes the extent to which potential events and trends

might affect Hotel’s objectives. Events and trends are assessed by two criteria – impact and

likelihood. Risk assessment can be done by qualitative or quantitative methods. Inherent and

residual risk assessments are employed. Both positive and negative impacts of events should be

examined.

Risk Response – The risk response is assessed for each risk event and trend by considering the

Hotel’s risk tolerance. Typical risk responses considered for a risk event include avoidance,

reduction, transferring, sharing or acceptance.

Control Activities – Control activities include the policies, procedures, reporting and initiatives

performed by the Hotel to ensure that the desired risk response is carried out. These activities

take place at all levels and functions of the hotel.

Information and Communication – Hotel information and communication regarding risk

management is identified, captured and communicated broadly to enable all personnel to deliver

on their responsibilities.

17

Monitoring – Monitoring refers to managing risk in the course of day to day operations.

Periodic evaluations where management defines the scope, methodology and frequency are done

to ensure currency of information in the Hotel business.

Enterprise risk management is not strictly a serial process, where one component affects only the

next. It is a multinational, iterative process in which almost any component can and does

influence another.

5.1 Enterprise Risk Management Framework Objectives

Enterprise risk management through the application of the framework objectives aids in the

achievement of the Hotel strategic priorities and advances the management practices at the hotel

specially, the ERM framework objectives are to:

A. Incorporate a consistent approach to risk management into the culture and strategic planning

process of the hotel, supporting the setting of priorities and making of decision making at the

management level within the operation.

B. Apply a consistent approach to risk response and control activities to support the hotel

governance responsibilities for innovation and responsible risk taking, policy development,

programs and objectives. In all cases appropriate measures will be put in place to address

unfavorable impacts from risks and favorable benefits from opportunities.

C. Manage a transparent approach to risk through formal and informal communication and

monitoring of all key risks, balancing the cost of managing the risk with the anticipated benefit.

Risk management practices will be adapted to encompass best practices, specific circumstances

and mandate.

5.2 Enterprise Risk Management Key Concepts

18

A hotel has complicated operations generating a risk that is broad and diverse. Risk is defined as

those potential events and trends that may significantly affect the hotel’s ability to achieve its

strategic goals or maintain its operation either positively or negatively. Once the event or trend

happens, it is no longer a risk; rather it is an issue for the hotel to deal with.

Good Managers address risk by implicitly building it into their programming and decision

making. The enterprise risk management framework is a methodology that formalizes risk

management and provides an all encompassing view of risk in order to aid in the operation of the

hotel.

A. The enterprise risk manager facilitates achieving the hotel’s strategic objectives by bringing a

systematic approach to evaluating and improving the effectiveness of risk management and

control.

B. All risks facing the hotel whether quantifiable or not is to be considered. Several types of risk

that are not easily quantified can potentially hold significant impact on a hotel, e.g. reputation,

customer experience.

C. All risks facing the hotel will be evaluated based on the likelihood of the risk occurring as

well as the impact on the Hotel if the risk event were to occur. The likelihood and impact of each

risks is evaluated both at an inherent (without Management) and residual (with Management)

level.

D. The following elements are essential when managing risk:-

1. Assurance: - Stakeholders are assured that risk is being managed within the hotel’s risk

tolerance and receive information regarding the quality and type of control in place.

2. Oversight and responsibility: - All critical risks facing the hotel have been identified,

managed and reported on at a level and frequency that support the hotel’s risk tolerance.

19

3. Ownership: - Risks owners are assigned and understand their responsibility for management,

oversight and assurance.

E. Risk response for identified risks will be assessed according to the hotel’s risk appetite.

The Five possible risk responses are to:-

o Avoid (eliminate) the risk;

o Reduce (mitigate) the risk;

o Transfer the risk (e.g. insurance);

o Share the risk; or,

o Accept the risk.

F. A formal or informal evaluation of risk will be considered depending on the scope of the

decision or action taken at the Hotel. This will be done both at the onset and throughout the life

of the decision or action. Where applicable and quantifiable, the expected cost of the risk will be

considered in the business case used in the decision and evaluation process.

G. There will be a desire to learn from events that have transpired – the risk management process

is a cycle where experience providers key information for new decision and actions. Open and

appropriate communication of results and lessons learned is required to facilitate learning.

H. The hotel business risk will be evaluated annually. New risks will be considered. Risks no

longer relevant will be removed. The risk will be refreshed by rating the likelihood and impact

for each risk. The information is used to prioritize the risks and this in turn flows into the Hotel’s

business planning cycle.

5.3 Implementation of Enterprise Risk Management Process

The hotel process for risk management is shown below in figure 3 and is simply a flow chart of

expression of the front face of the cube shown in Figure 2. The process is continues and can be

applied at the hotel business level.

20

ERM Process -- Figure 3

A. ERM Risk Matrix and corresponding Management Action

Risk is evaluated by two criteria – likelihood and Impact. Figure 4 displays a matrix that

graphically represents impact and likelihood of each risk, as well as the corresponding

Management action. The Color gradient from green (low) to red (high) provides a comparative

level of priority when evaluating the hotel’s risk. The matrix is used to evaluate risk at the

inherent (without management) and residual (with management) levels. The corresponding

Management action suggests the appropriate response for risk assessed in that area of the matrix.

B. Risk Matrix and Corresponding Management Action

Impact

Significant

Considerable

management

required

Must manage

and

monitor risks

Extensive

management

essential

Moderate

Risks may be

worth

Management

effort

Management

effort

Risk Management Actions

Objective

setting

Internal

Environment

Event

identification

Risk

Response

Risk

Assessment

Information /

Communicati

on

Control

Activities

Monitoring

21

accepting with

monitoring

worthwhile required

Minor

Accept

risk

Accept,

but monitor

risk

Manage and

monitor

risks

Low

36 month

Medium

18 to 36 months

High

12-18 months

Risk Matrix -- Figure 4

5.4 ERM Communication and Consultation

Effective enterprise risk management requires information to be obtained of the hotel for

identifying, assessing and responding risk. Consultation will be as broad as possible within the

hotel business and use a variety of approaches. Hotel personnel will be encouraged to identify

risks that are both internal and external to the business. The knowledge gained through ERM will

be communicated in a relevant form and timeframe enabling Hotel personnel to carry out their

responsibilities while incorporating risk management.

5.5 Roles & Responsibilities

Everyone in an entity has some responsibility for enterprise risk management. The general

manager of the hotel is ultimately responsible and should assume ownership. Other Managers

support the hotel’s risk management philosophy; promote compliance with its risk appetite and

mange risks within their spheres of responsibility consistent with risk tolerance. A risk officer,

financial officer, internal auditor and others usually have key support responsibilities. Other

entity personnel are responsible for executing enterprise risk management in accordance with

established directives and protocols. The general manager provides important oversight to

enterprise risk management, and is aware of and concurs with the entity’s risk appetite. A

number of external parties, such as customers, vendors, business partners, external auditors,

regulators and financial analysts often provide information useful in effecting enterprise risk

Likelihood

22

management, but they are not responsible for the effectiveness of, nor are they a part of, the

entity’s enterprise risk management.

Position Responsibilities

General Manager

The General Manager should discuss with the Executive Directors the

state of the hotel’s enterprise risk management and provide oversight

as needed. The GM should ensure it is apprised of the most significant

risks, along with actions management is taking and how it is ensuring

effective enterprise risk management. The General Manager should

consider seeking input from internal auditors and external auditors and

others.

Executive Directors

The study suggests that Executive Directors assess the hotels

enterprise risk management capabilities. In one approach the

Executive Directors brings together business unit heads and key

functional staff to discuss an initial assessment of enterprise risk

management capabilities and effectiveness. Whatever its form, an

initial assessment should determine whether there is a need for and

how to proceed with, a broader, more in dept evaluation.

Managers & other

Personnel’s

Managers and other Personnel should consider how they are

conducting their responsibilities in light of this framework and discuss

with more senior personnel ideas for strengthening enterprise risk

management. Internal auditors should consider the breadth of their

focus on enterprise risk management.

With this foundation for mutual understanding, all parties will be able to speak a common

language and communicate more effectively. Management will be positioned to assess the hotel

enterprise risk management process against a standard, and strengthen the process and move the

enterprise toward established goals.

6. Risk Mitigation Action Plan & Responsibilities

23

Focus Area & Actions Who When

A. Financial Risk :-

Economic and Financial Crisis Risk

To enhance technology and revenue

management tool that will enable to

monitor and respond quickly to the

changing landscape

Reduce investment in business

expansion

To preserve profit margin lines by

driving revenue, increasing market

share and managing costs and debt,

this is important to keep the business

healthy and preserve as many jobs as

possible.

Develop promotions and sales

strategies to help hotel to drive

incremental revenue and capture

greater market share

Cancel bonuses of all head of

departments within the hotel that will

General Manager / Executive

Directors


Directors


Directors

General Manager / Director

of Sales

General Manager / Finance

01/11 / Review

between Jan

2011 – Jan

2016)

Annually

Review between

(Jan2011 – Jan

2016)

Quarterly

Review between

(Jan 2011 – Jan

2016)

Monthly review

between (Jan

2011 – Jan

2016)

Annually

Review between

24

help to cover the debt

Director (Jan 2011 – Jan

2016)

B. Strategic Risk :-

Competition Risk

Implement pricing strategy tool and

offer competitive prices to customers

Develop effective marketing plan to

be successful in the competitive

market

To understand strengths &

weaknesses of the hotels in

competitive set and classify the hotels

unique features to sell the product and

winning the competition

To offer discounted rates to customer

to gain business

Provide high quality and standard

service to customers and satisfy needs

in order to be competitive in market.

Reputational Risk

Develop good brand image in order to

be competitive in market


Directors

Director of Sales

Director of Sales/ Sales

Executive / Sales Team


Directors

Managers / Team Leaders


01/11 / Review

Between (Jan

2011 – Jan

2016)

Annually

review between

(Jan 2011 – Jan

2016)

Quarterly

review between

(Jan 2011 – Jan

2016 )

Monthly review

between (Jan

2011 – Jan 2016

Daily review

between (Jan

2011 – Jan

2016)

Regular review

between (Jan

25

Provide high quality of service to

guest and satisfy needs for excellent

reputation

Manage guest complaints effectively

so it doesn’t affect the reputation

Directors

Hotel Associates


Directors

2011 – Jan 2016

Regular review

between (Jan

2011 – Jan 2016

Regular review

between (Jan

2011 – Jan 2016

C. Operational Risk :-

Technology Risk

Improve technology and systems, and

update or replace to advanced system

on regular basis

Provide training to all the associates

and its importance for business


Implement tool to minimize cost and

to increase revenue

Review and control costs for smooth

functioning of business and to meet

profit margin line.

To reduce capital expenditure and

other miscellaneous costs

Associates (Employees) Risk

Information Resources

Manager

Information Resources

Manager


of Finance


of Finance


of Finance

Regular review

between (Jan

2011 – Jan 2016

Regular review

between (Jan

2011 – Jan 2016

01/11/ review

between (Jan

2011 – Jan 2016

Regular review

between (Jan

2011 – Jan 2016

Annually

review between

(Jan 2011 – Jan

26

Hire talented associates for business

development

Provide training to associates on

regular intervals to offer standardized

service and satisfy customer

expectations

To look after associates and in turn

associates will look after customers

and increase business

Hazard Risk

Implement policies and procedures to

minimize harm to associates and

visitors and to control and mitigate

damage to property and equipment

Procedures for evacuation and

assembly point at hotel

Implement Procedures to contain the

operational, service and public image

impacts of an adverse incident and to

manage and communicate information

regarding the incident.


Directors


Director

Loss & Prevention Director

2016)

Regular review

between (Jan

2011 – Jan

2016)

Regular review

between (Jan

2011 – Jan

2016)

01/11 / review

between (Jan

2011 – Jan

2016)

27

D. Compliance Risk :-

Policies & procedures to ensure health

safety standards are maintained

Conduct Health & Safety audit to

meet the compliance

Loss & Prevention Director

Quarterly

review between

(Jan 2011 – Jan

2016)

7. Business Continuity Plan

Business continuity plan is a strategic plan that can also be used to manage risk and achieving

goals & objectives of the hotel.

Business Continuity Planning can be defined as a process which provides for the continuation of

critical business functions regardless of any event (called an Adverse Incident) that may interrupt

normal business operations. In the words the Company's Business Continuity is:

A process that can be implemented by Marriott management to ensure that Adverse Incidents are

responded to appropriately and timely, and, if the Adverse Incidents result in a business

interruption, to ensure the timely resumption of Mission Critical processes in a prioritized and

pre-planned manner.

Marriott's can compose a Business Continuity Program in four interdependent components,

which can together ensure a timely and appropriate response to an Adverse Incident:

A. Emergency Response: –

Procedures to minimize harm to customers and associates and damage to facilities and

equipment

B. Crisis Management:-

Procedures to contain the operational, service and public image impacts of an Adverse Incident

and manage and communicate information.

28

C. Disaster Recovery: -

Procedures to ensure the availability of mission critical computer systems, applications and

telecommunications

D. Business Resumption:-

Procedures to ensure the continuity and/or resumption of business operations in the event of a

partial or complete closure of a Marriott-managed property or corporate office.

The above four components will enable Marriott hotel to respond swiftly and effectively to an

interruption to normal business operation, protecting associates and assets, and ensuring the

continuity of critical business functions.

8. Conclusion

This report has developed the strategic risk management plan for Marriott Sprowston Manor

hotel to manage the hotel business risk and mitigating the risk. The main aim was to devise a

strategic risk management plan for next 5 years. The pan has developed an Enterprise risk

management strategy to respond the hotel risk effectively within a specific risk category.

Every step has taken to ensure that there was continuity throughout the whole plan and each risk

management elements are explained in detail. This will enable to understand each and every step

of risk management plan clearly. Continue assessment of all the modes will make the strategic

risk management plan successful and protect the Marriott brand in the fast growing hospitality

industry.

9. References

1. Strategic Risk – Risk management & different types of risk in business – (Viewed 24th

Nov)

<http://www.strategicrisk.co.uk/>

http://www.strategicrisk.co.uk/

29

2. The Risk Management Universe: A Guided Tour by David Hillson – Risk management

best practices and future development, understanding risk, (Viewed Nov 2010)

3. World Economic Forum – Global Risk Report 2010 – (Viewed 26rd

Nov 2010)

<http://www.weforum.org/en/initiatives/globalrisk2010//index.htm>

4. IRM -- Risk Management Standard – (Viewed 28th

Nov, 2010)

<http://www.theirm.org/publications/documents/Risk_Management_Standard_030820.pdf

5. Enterprise Risk Management – Integrated Framework - (Viewed 29th

Nov 2010)

<http://www.idkk.gov.tr/>

6. Marriott Global Source MGS – Risk Management Strategy and Process – (Viewed 1st

Dec 2010)

<http://extranet.marriott.com>

7. Lecture Notes

http://www.weforum.org/en/initiatives/globalrisk2010/index.htm

http://www.theirm.org/publications/documents/Risk_Management_Standard_030820.pdf

http://www.idkk.gov.tr/

http://extranet.marriott.com/