Risk Managt

8/13/2019 Risk Managt

1/40


2/40

14.1 Activities to Risk Assessment 30

14.1.1 Activity One: Look for the hazards 31

14.1.2 Activity Two: Decide who might be harmed and how? 31

14.1.3 Activity Three: Evaluate the risk 32

14.1.4 Activity Four: Record your findings 32

14.1.5 Activity Five: Review your assessment 33

15.0 Risk management in chemical manufacturing unit 34

16.0 Data Analysis 35

17.0 Risk management Process in the Chemical manufacturing Unit 37

Chapter 4 41-45

18.0 Findings & suggestions 42

19.0 Final recommendations 43

20.0 Bibliography 44

1.0 Introduction

Risk management embraces the efforts taken to minimize the impact of uncertain events. Risk

management can be defined as Identification, analysis & economic control of those risks which

can threaten to the assets or the earning capacity of an enterprise.

The definition has focused three fold nature of risk management; firstly risk must be identified before

measured; only after their impact has been evaluated, one can decide on the most effective method of

control. Cost of control of risk must be commensurate with the benefit expected to be derived.

It also mentions the assets and the earning capacity of the organization. These assets can be human or

physical; they are both important and risk management must be seen to have a part to play in both.


3/40

However, risks do not strike at assets directly and for this reason the definition also mentions the

earning capacity of an enterprise.

The emphasis of the risk management is on reducing the cost of handling risk by whatever means

that are considered most appropriate and insurance is viewed as simply one of the several approaches

for minimizing the pure risks the firm faces.

2. Objective of this report is to study concepts of risk management and its importance. It also includes

different activities involved in risk management as well as risk management process for Industrial

manufacturing plant.

Additionally, report will include Potential risk analysis, controlling aspects of risk exposure key

features of to be addressed in changing environment.

This report will be containing suggestions & recommendations

3.0 Need of the project

Risk management is relatively new and its precise boundaries are still debated. Some basic concepts

of risk to analyze the nature & the cost associated with it & to see how the risk can be managed

Insurance company can perform much better if there are no claims or few claims. In order to

minimize the claims company should accept the premium by proper analysis of the risks associated

with the proposal.


4/40

Chemicals have become a part of our life, they sustain many of our day-to-day activities, preventing

and controlling diseases, and increasing agricultural productivity. At least one thousand new

chemicals enter the market every year, and about 100000 chemical substances are used on a global

scale. These chemicals are mostly found as mixtures in commercial products. Over one million such

products or trade names are available.

4.0 Scope of the project:

The study reveals all the major aspects of risk management and their implications. Study entangles

possible factor for identifying a risk and its type. Research provides metrics to summarize specific

activities in risk management which in-turn helps an organization to identify mitigate and avoid risk.

Study covers all the major aspect of risk management in Chemical Industries.

5.0 Research methodology

The information upon which the report has been based has mainly been collected from secondary

sources. Most of the facts and figures originate from desk research of publicly available data.

These sources were:

1. Books of Insurance Institute of India

Risk Management -(IC-86)

Principles of Insurance -(IC-01)

General Insurance -(IC-36)

2. The Public liability Insurance act 1991

3. The Public liability Insurance act 1991.

4. Survey of the NUS business school under title Singapore companies recognize


5/40

importance of the risk management but many not matching this with action.

5. Survey of Ernst & Young Risk management in India in 2008-09

6.0 Limitations of the project

The project is based purely on the literature survey and does not include any practical experiences of

chemical company. I could not visit any chemical company and was unable to get in touch with plant

specific risks to which chemical plants are subjected to. Another major limitation of this project is

that the author has reviewed publically available material and author could only peep through

published materials.

Results of the project could be biased towards the chemical manufacturing plants and since risk

management is a universal phenomenon across all industries, generalization of results might become

slightly difficult. Also, the risk analysis is based purely from the Insurance company point of view

and does not involve any intangible risks. Study could not involve any technical analysis and was

purely based on statistics.

Chp 2

7.0 Company Profile:

Universal Sompo General Insurance Company Ltd. (USGI) is an first of its kind public

private partnership in Public-Private Partnership in Indian General Insurance Industry with

capatilization of 235 cr. including share premium.

The company has received license from Insurance regulatory & Development Authority (IRDA)

in November 2007.

Three of the Indian partners are leading banks with a combined asset base of Rs. 2, 46,088

crores and over 4800 branches and distribution centers. Plus the 4th largest FMCG Company in

India with over 15 million retail outlets. The JV partners will extend their vast distribution reach


6/40

and customer base for soliciting our bouquet of non-life insurance business. In addition, the

company's distribution network will also consist of brokers, agents and focused below the line

direct marketing promotions.

Shareholding Pattern :

Allahabad Bank (National) - 30%

Indian Overseas Bank (National) - 19%

Karnataka Bank (Private) - 15%

Dabur Investment - 10%

Sompo Japan Inc. - 26%

Sompo Japan Insurance Inc. Headquartered in Tokyo, is a Fortune 500 Company with a capital

of 70 billion yen, is present in 27 countries - has over 16,905 employees and 54,282 agents and

its total premium income for 2008 - 2009 was in excess of (equivalent to) US$17.9 bn twice that

of the Indian General insurance industry.

Company have further plan to open up 21 branches by the end of FY 2010-11 there by giving

rise to the total number of branches to 61 including existing network of 40 operating

corporate/regional/branch offices.

The company is present across almost all product lines, classified into five major classes:

Property, Marine, General Accident, Workmen Compensation and Motor.

Company has filed 18 products for approval to IRDA in 2010-11.

Company clientele base include Airport authority of India Airports Authority of India

,DaburIndia,DOW Chemical, Hitachi Group, Honda Motorcycles &Scooters India Pvt.

Ltd,Honda SielCars India Ltd,Jaquar&Co. Ltd.,JindalSteel & Power Ltd,MarutiSuzuki India

Ltd.,Reliance Industries Ltd,Renault Nissan Technology, Suzuki Motor Cycle India


7/40

PvtLtd,Unison Hotels Ltd (Hotel Grand),Yutaka Auto parts India

8.0 Organization Chart:

Chp 3

9.0 Concept of risk:

Risk:

Risk can be defined as the combination of the probability of an event and its consequences (ISO/IEC

Guide 73). In all types of undertaking, there is the potential for events and consequences that

constitute opportunities for benefit (upside) or threats to success (downside)

OR

Uncertainty event at future that not only influence the income of a business entity but also can

determine the alive or die it entity

Characteristics of risk

Uncertainty

Concerning Loss

Classification of Risk:

Pure risk : It is used to designate those situations that involve the chance of loss

Or no loss e.g. - Fire, Robbery & disaster

Speculative risk : It is the situation where there is possibility of gain

e.g. - gambling, investment & decision

Fundamental risk : These involve losses that are impersonal in origin .They are group risks,

these risks leads to many consequences e.g.- unemployment , Inflation, Earthquake

Particular risk : These include losses that are arise out of individual events & are felt by

rather than individuals rather than by entire group e.g. - burning of house & robbery of a


8/40

bank.

Dynamic risk: Dynamic risks are those resulting from the changes in the economy. These

dynamic risks normally benefit society over a long period of time since they are result of

adjustments to the misallocation of resources.

Static risks: It involves those losses that occur even if there is no change in the economy.

Static losses tend to occur with degree of regularity over time & are predictable. Unlike

dynamic risk, static risk is not a source of gain to the society. Some individuals suffer

financial loss due to perils of nature & dishonesty of the individuals.

Transferable risk : These include all the risks which can be transferred to another person

or entity e.g. Pure risks

Non transferable risk : These include all the risks which cannot be transferred to another

person or entity e.g. Speculative Risks

Internal risk: It includes all the risks within organization e.g. - In 2006 July Associated Press

reported that a secretary working at Coke's head office in Atlanta." is accused of helping two

men steal trade secrets from her employer and try to sell them to rival PepsiCo Inc."

External risk: These include all the risks that are produced by a non human source and are

beyond human control.

(Source - Giddens, Anthony (1999). Risk and Responsibility. Modern Law Journal, Vol. 62 No. 1, p. 4)

Peril and Hazard:

Peril: A Peril is a cause of loss or a situation of serious and immediate danger. e.g. - fire, windstorm,

theft.

Hazard: It is a chance of suffering from danger or peril which may increase profitability of loss.


9/40

There are two types of hazard:

1. Physical Hazard: It consists of those physical conditions that increase the chance of loss from

any Peril e.g.-

Sociological -crime, civil disorder

Technical - fire, structural collapse

TransportationAviation, Rail, road disaster

2. Moral Hazard: This refers to increase in profitability of those results from the dishonesty in

the character of the insured person.

10.0 Concept of risk management:

Every Organization across the world is working with a goal to maximize profits & maximization of

Shareholder's wealth. Due to the advanced technologies life is very comfortable now a day but at the

same time risk & uncertainties are increased in same or greater proportion.

Organizations can increase their profit margins by two ways:

By increasing profits & maintaining risk at the constant level

By reducing risk to a lower extent.

Risk management is a scientific approach to the problem of dealing with the pure risks faced by

individuals and business.


10/40

Definition of Risk Management:

IDENTIFICATION, ANALYSIS & ECONOMIC CONTROL OF THOSE RISKS WHICH CAN

THRATEN THE ASSETS OR THE EARNING CAPACITY OF AN ENTERPRISE

Three folded nature of Risk Management is highlighted in the definition. Risk must be identified

before they can be measured, & only after their impact has been evaluated & at same time Cost of

control must be commensurate with the benefits to be derived.

It also mentions the assets & earning capacity of organization .These assets can be physical or

human. However, risk does not strike at assets directly & for this reason the definition also mentions

the earning capacity of an Enterprise.

Nature of risk management:

It is scientific approach to the problem of dealing with the pure risks faced by individuals &

business. It deals with insurable & uninsurable risk & appropriate techniques for dealing with them.

Basic difference between insurance management & risk management is that insurance management

includes all the techniques other than insurance [e.g. non insurance, retention etc].

But insurance management is restricted to the area of those risks that are considered to be insurable.

Risk management on the other hand is concerned with pure risks regardless of whether they

are insurable or not, it has emphasis on reducing the cost of handling risk by any means they are

considered as appropriate.

11.0 Risk management process:


11/40

It is comprised of 6 steps:

11.1 Determination of objectives:

The primary objective of risk management is to preserve the operating effectiveness of the

organization, to make sure that it is not prevented from attaining its other goals by the losses arising

from pure risks. A second objective may be humanitarian goal of protecting employees from

accidents that might be result in death or serious injury. Other goals may focus on cost, use of

resources social responsibility & preservation of good public relations.

11.2 Risk identification:

Risk identification is the first step in the Risk management process. It gives answer to the question

'How can the assets be or earning capacity of an organization can be threatened? For this risk

manager must dig into the operations of the organization & discover the risks to which organization

is exposed. He must be armed with 'tools of trade ' & must make use of them.

These tools include insurance policy checklists; risk analysis questionnaires, analysis of financial

statements, hazard & operability studies, physical inspections of operations, flow charts and

organizational charts but no method can replace diligence & imagination of the risk manager in

discovering risk.

11.3 Risk analysis:

It is defined as systematic use of available information to identify hazards and to estimate the risk

[ISO/IEC Guide 51:1999, definition 3.10]

Once the risk is identified then the steps have to be taken to measure potential impact of that risk on


12/40

the organization. Hence, this step includes statistical analysis & measurement of risk. In practical

sense measurement starts with gathering of information, followed by analysis of past experience and

then move to look at what the data tells us about level of severity of risk & periodicity to which

organization is exposed.

11.4 Risk assessment:

It is defined as overall process comprising a risk analysis and a risk evaluation [ISO/IEC Guide

51:1999, definition 3.12]

The risk manager must evaluate the risk that are identified .This means that measuring the potential

size of loss associated with risk .The cost of risk can be looked from different perspectives like:

a) Frequency of risk

b) Monetary cost or financial harmfulness

c) Human cost in terms of pain & suffering

These risks may therefore be grouped as:

Critical risks: All the risks in which possible losses are of magnitude that would result in

bankruptcy for e.g. - Bhopal (1984) Hillsborough, Mexico.

Important risks: These include those exposures in which the possible losses would not lead

to bankruptcy, but would require the firm to borrow in order to continue operation.

Unimportant risks: These include those exposures in which the possible losses could be met


13/40

out of the existing assets or current income of the firm without imposing undue financial

strain. Also size of the organization would influences the above categorization for example a

risk which is important to a small organization may be reckoned as unimportant risk by a

large organization

11.5 Implementation of the Decision:

The decision for dealing with risk may be

a) To retain riskthis may be attained with or without a reserve or fund.

b) To deal with the risk through loss preventionthe proper loss prevention program must be

designed and implemented.

c) To transfer risk through insurance and this must be followed by the selection of an insurer.

11.6 Evaluation & review:

This is an essential to the risk management program because of two reasons

1. The risk management process does not tales place in vacuum. Things change, new risk arises

and old ones disappear. The techniques that were appropriate last year may not be most

advisable this year, and constant attention is required.

2. Mistakes occur sometimes .Evaluation and review of risk management programs permits the

manager to review decisions and discover mistakes hopefully, before become costly. For this

purpose an independent risk management consultant may also be hired to evaluate the entire

risk management to provide an independent outside review.


14/40

12.0 Importance of risk management:

1. Risk management suggests or provides a framework for an organization that enables future

activity to take place in consistent and controlled manner.

2. Risk management helps to improve decision making, planning and prioritization by

comprehensive and structured understanding of business activity, volatility and project

opportunity/threat.

3. Risk management contributes to efficient use/allocation of capital and resources within the

organization.

4. It reduces volatility in the non essential areas of the business.

5. Risk management helps in protecting and enhancing assets and company image

6. Employee safety and protection is an important part of safety and risk management.

7. Most warehouses use expensive equipment, including forklifts, conveyors, and transport

trucks, in their operations. Using strict license requirements and employee training will

protect this equipment from improper use

8. Proper safety and risk management policies help companies keep their general and liability

insurance premiums low. Low overhead costs allow companies to employ more workers and

focus on profitable business operations.

9. Companies may be sued if they are deemed liable for employee or third-party injuries from

negligent warehouse operations. Lawsuits arise when companies do not have strong safety

management policies or violate their current safety policies.

13.0 Activities in Risk Management:

13.1 Risk Identification:

Risk Identification ascertains which risks have the potential of affecting the project and documenting


15/40

the risks' characteristics. Risk Identification begins after the Risk Management Plan is constructed

and continues iteratively throughout the project execution. The Risk Identification process naturally

progresses into the Qualitative Risk Analysis or the Quantitative Risk Analysis Process. Sometimes it

is wise to include the identification of a risk and its response in order for it to be included in Risk

Response Planning.

At the beginning of the Risk Identification process it is a good idea to have gathered all of the inputs

you and your team will need. The inputs to the Risk Identification Process are:

The Project Management Plan - The Project Management Plan is used in gain an

understanding of the project's mission, scope, schedule, cost, Work Breakdown Structure

(WBS), quality criteria, and other elements.

Risk Management Plan - The Risk Management Plan provides the blueprint of overseeing

risk management throughout the project describing who, what, when, where, why, and how.

The Risk Management Plan provides the following four critical inputs to Risk Identification:

Assignment of roles and responsibilities - Identifying people for risk management by

assigning the handling of specific tasks and roles to specific individuals.

Budget provisions for risk-management activities - The approved funds available for risk-

management activities. You will need to track your actual costs against these approved

budget numbers.

Schedule for risk management - The revised schedule including the time needed for risk-

management activities over the duration of the project's life cycle.

Categories of risk - The risk categories are used during Risk Identification to organize and

prioritize risks as they are identified. Alternatively, the Risk Breakdown Structure (RBS) may

be the source of risk categories. .

Enterprise environmental factors - These factors include any and all external environmental


16/40

factors and internal organizational environmental factors that surround or influence the

project's success, such as organizational culture and structure, infrastructure, existing

resources, commercial databases, market conditions, and project management software. After

gathering all necessary inputs, it is to tie employ the recommended tools and techniques of

risk identification.

The tools and techniques used for risk analysis are:

Documentation reviews - Documentation reviews involve comprehensively reviewing the

project documents and assumptions from the project overview and detailed scope perspective

in order to identify areas of inconsistency or lack of clarity. Missing information and

inconsistencies are indicators of a hidden risk.

Information gathering techniques - Information gathering techniques are used to develop lists

of risks and risk characteristics. Each technique is helpful for collecting a particular kind of

information. The five techniques are:

Brainstorming - Brainstorm is employed as a general data-gathering and creativity technique

which identifies risks, ideas, or solutions to issues. Brainstorming uses a group of team

members or subject-matter experts spring boarding off each others' ideas, to generate new

ideas.

Delphi technique - The Delphi technique gains information from experts, anonymously, about

the likelihood of future events (risks) occurring. The technique eliminates bias and prevents

any one expert from having undue influence on the others.

Interviewing - Interviewing in a face-to-face meeting comprised of project participants,

stakeholders, subject-matter experts, and individuals who may have participated in similar,

past projects is a technique for gaining first-hand information about and benefit of others'

experience and knowledge.


17/40

Root cause identification - Root cause identification is a technique for identifying essential

causes of risk. Using data from an actual risk event, the technique enables you to find out

what happened and how it happened, and understand why it happened, so that you can devise

responses to prevent recurrences.

Strengths, weaknesses, opportunities, and threats (SWOT) analysis - A SWOT analysis

examines the project from the perspective of each project's strengths, weaknesses,

opportunities, and threats to increase the breadth of the risks considered by risk management.

Checklist analysis - Checklists list all identified or potential risks in one place. Checklists are

commonly developed from historical information or lessons learned. The Risk Breakdown

Structure (RBS) can also be used as a checklist. Just keep in mind that checklists are never

comprehensive, so using another technique is still necessary.

System or process flow charts - Flow charts illustrate how elements and processes interrelate.

Influence diagrams - Influence diagrams depict causal influences, time ordering of events and

other relationships between input variables and output variables.

The tools and techniques used for the Risk Identification process are designed to help the project

manager gather information, analyze it, and identify risks to and opportunities for the project's

objectives, scope, cost, and budget. The information gathered is entered on the Risk Register, which

is the primary output of Risk Identification.

Risk Register - The Risk Register containing the results of the Qualitative Risk Analysis,

Quantitative Risk Analysis, and Risk Response Planning. The Risk Register illustrates all identified

risks, including description, category, and cause, probability of occurring, and impact on objectives,

proposed responses, owners, and current status. While the risk register will become the

comprehensive output.


18/40

Risk Identification process results in four entries in the Risk Register:

1. Lists of identified risks - Identified Risks with their root causes and risk assumptions are

listed.

2. List of potential responses - Potential responses identified here will serve as inputs to the

Risk Response Planning process.

3. Root causes of risk - Root causes of risk are fundamental conditions which cause the

identified risk.

4. Updated risk categories - The process of identifying risks can lead to new risk categories

being added.

13.2 Risk analysis:

There may be some terminology and definition differences related to risk analysis, risk assessment

and business impact analysis. Although several definitions are possible and can overlap:

1. Risk analysis involves identifying the most probable threats to an organization and analyzing the

related vulnerabilities of the organization to these threats.

2. Risk assessment involves evaluating existing physical and environmental security and controls,

and assessing their adequacy relative to the potential threats of the organization.

3. Business impact analysis involves identifying the critical business functions within the

organization and determining the impact of not performing the business function beyond the

maximum acceptable outage. Types of criteria that can be used to evaluate the impact include:

customer service, internal operations, legal/statutory and financial.


19/40

Most businesses depend heavily on technology and automated systems, and their disruption for even

a few days could cause severe financial loss and threaten survival. The continued operations of an

organization depend on managements awareness of potential disasters, their ability to develop a plan

to minimize disruptions of mission critical functions, and the capability to recover operations

expediently and successfully. The risk analysis process provides the foundation for the entire

recovery planning effort. A primary objective of business recovery planning is to protect the

organization in the event that all or parts of its operations and/or computer services are rendered

unusable. Each functional area of the organization should be analyzed to determine the potential risk

and impact related to various disaster threats.

Risk analysis process:

Regardless of the prevention techniques employed, possible threats that could arise inside or outside

the organization need to be assessed. Although the exact nature of potential disasters or their resulting

consequences are difficult to determine, it is beneficial to perform a comprehensive risk assessment

of all threats that can realistically occur to the organization.

Regardless of the type of threat, the goals of business recovery planning are to ensure the safety of

customers, employees and other personnel during and following a disaster.

The relative probability of a disaster occurring should be determined.

Items to consider in determining the probability of a specific disaster should include, but not be


20/40

limited to: geographic location, topography of the area, proximity to major sources of power, bodies

of water and airports, degree of accessibility to facilities within the organization, history of local

utility companies in providing uninterrupted services, history of the areas susceptibility to natural

threats, proximity to major highways which transport hazardous waste and combustible products.

Potential exposures may be classified as natural, technical, or human threats. Examples include:

1. Natural Threats: internal flooding, external flooding, internal fire, external fire, seismic

activity, high winds, snow and ice storms, volcanic eruption, tornado, hurricane, epidemic,

tidal wave, typhoon.

2. Technical Threats: power failure/fluctuation, heating, ventilation or air conditioning failure,

malfunction or failure of CPU, failure of system software, failure of application software,

telecommunications failure, gas leaks, communications failure, nuclear fallout.

3. Human Threats: Robbery, bomb threats, embezzlement, extortion, burglary, vandalism,

terrorism, , hazardous waste, vehicle crash, airport proximity, work stoppage

(Internal/External), computer crime.

All locations and facilities should be included in the risk analysis. Rather than attempting to

determine exact probabilities of each disaster, a general relational rating system of high, medium and

low can be used initially to identify the probability of the threat occurring.

The risk analysis also should determine the impact of each type of potential threat on various

functions or departments within the organization. A Risk Analysis Form, found can facilitate the

process. The functions or departments will vary by type of organization.

The planning process should identify and measure the likelihood of all potential risks and the impact

on the organization if that threat occurred. To do this, each department should be analyzed separately.


21/40

Although the main computer system may be the single greatest risk, it is not the only important

concern. Even in the most automated organizations, some departments may not be computerized or

automated at all. In fully automated departments, important records remain outside the system, such

as legal files, PC data, software stored on diskettes, or supporting documentation for data entry. An

impact can be rated as:

0= No impact or interruption in operations,

1= Noticeable impact, interruption in operations for up to 8 hours,

2= Damage to equipment and/or facilities, interruption in operations for 8 - 48 hours,

3= Major damage to the equipment and/or facilities, interruption in operations for more than

48 hours.

All main office and/or computer center functions must be relocated.

Certain assumptions may be necessary to uniformly apply ratings to each potential threat. Following

are typical assumptions that can be used during the risk assessment process:

1. Although impact ratings could range between 1 and 3 for any facility given a specific set of

circumstances, ratings applied should reflect anticipated, likely or expected impact on each

area.

2. Each potential threat should be assumed to be localized to the facility being rated.

3. Although one potential threat could lead to another potential threat (e.g., a hurricane could

spawn tornados), no domino effect should be assumed.

4. If the result of the threat would not warrant movement to an alternate site(s), the impact

should be rated no higher than a 2.

5. The risk assessment should be performed by facility.


22/40

To measure the potential risks, a weighted point rating system can be used. Each level of probability

can be assigned points as follows:

Probability Points

high - 10

Medium - 5

Low - 1

To obtain a weighted risk rating, probability points should be multiplied by the highest impact rating

for each facility. For example, if the probability of hurricanes is high (10 points) and the impact

rating to a facility is 3 (indicating that a move to alternate facilities would be required), then the

weighted risk factor is 30 (10 x 3). Based on this rating method, threats that pose the greatest risk

(e.g., 15 points and above) can be identified.

Considerations in analyzing risk include:

Investigating the frequency of particular types of disasters (often versus seldom).

Determining the degree of predictability of the disaster.

Analyzing the speed of onset of the disaster (sudden versus gradual).

Determining the amount of forewarning associated with the disaster.

Estimating the duration of the disaster.

1. Considering the impact of a disaster based on two scenarios;

a. Vital records are destroyed

b. Vital records are not destroyed.

2. Identifying the consequences of a disaster, such as;

a. Personnel availability


23/40

b. Personal injuries

c. Loss of operating capability

Determining the existing and required redundancy levels throughout the organization to

accommodate critical systems and functions, including;

a. Hardware

b. Information

e. Services.

3. Estimating potential dollar loss;

a. Increased operating costs

b. Loss of business opportunities

c. Loss of financial management capability

d. Loss of assets

e. Negative media coverage

f. Loss of stockholder confidence

g. Loss of goodwill

h. Loss of income

i. Loss of competitive edge

j. Legal actions.

4. Estimating potential losses for each business function based on the financial and service

impact and the length of time the organization can operate without this business function. The

impact of a disaster related to a business function depends on the type of outage that occurs

and the time that elapses before normal operations can be resumed.

5. Determining the cost of contingency planning.


24/40

13.3 Disaster Prevention

Because a goal of business recovery planning is to ensure the safety of personnel and assets during

and following a disaster, a critical aspect of the risk analysis process is to identify the preparedness

and preventive measures in place at any point in time. Once the potential areas of high exposure to

the organization are identified, additional preventative measures can be considered for

implementation.

Disaster prevention and preparedness begins at the top of an organization. The attitude of senior

management toward security and prevention should permeate the entire organization. Therefore,

managements support of disaster planning can focus attention on good security and prevention

techniques and better prepare the organization for the unwelcome and unwanted.

Disaster prevention techniques

These include two categories: procedural prevention and physical prevention.

1. Procedural prevention relates to activities performed on a day-to-day, month-to-month, or

annual basis, relating to security and recovery. Procedural prevention begins with assigning

responsibility for overall security of the organization to an individual with adequate

competence and authority to meet the challenges. The objective of procedural prevention is to

define activities necessary to prevent various types of disasters and ensure that these

activities are performed regularly.

2. Physical prevention and preparedness for disaster begins when a site is constructed. It

includes special requirements for building construction, as well as fire protection for various

equipment components. Special considerations include: computer area, fire detection and

extinguishing systems, record(s) protection, air conditioning, heating and ventilation,


25/40

electrical supply and UPS systems, emergency procedures, vault storage area(s), archival

systems.

Insurance considerations:

Adequate insurance coverage is a key consideration when developing a business recovery plan and

performing a risk analysis. Having a disaster plan and testing it regularly may not, in itself, lower

insurance rates in all circumstances. However, a good plan can reduce risks and address many

concerns of the underwriter, in addition to affecting the cost or availability of the insurance.

Most insurance agencies specializing in business interruption coverage can provide the organization

with an estimate of anticipated business interruption costs. Many organizations that have experienced

a disaster indicate that their costs were significantly higher than expected in sustaining temporary

operations during recovery. Most business interruption coverage includes lost revenues following a

disaster. Extra expense coverage includes all additional expenses until normal operations can be

resumed. However, coverage differs in the definition of resumption of services. As a part of the risk

analysis, coverage should be discussed in detail with the insurer to determine their adequacy.

To provide adequate proof of loss to an insurance company, the organization may need to contract

with a public adjuster who may charge between three and ten percent of recovered assets for the

adjustment fee. Asset records become extremely important as the adjustment process takes place.


26/40

13.4 Conclusion

The risk analysis process is an important aspect of business recovery planning. The probability of a

disaster occurring in an organization is highly uncertain. Organizations should also develop written,

comprehensive business recovery plans that address all the critical operations and functions of the

business.

The plan should include documented and tested procedures, which, if followed, will ensure the

ongoing availability of critical resources and continuity of operations.

A business recovery plan, however, is similar to liability insurance. It provides a certain level of

comfort in knowing that if a major catastrophe occurs, it will not result in financial disaster for the

organization.

Insurance, by itself, does not provide the means to ensure continuity of the organizations operations,

and may not compensate for the incalculable loss of business during the interruption or the business

14.0 Risk Assessment:

In the many activities we can offer, we provide challenges that seek to encourage the development of

young people. These are often challenges they do not face every day and young people can

experience a great sense of achievement in completing them. Some degree of risk is unavoidable if

the sense of adventure and excitement is to be achieved, but it is - and should be - much less than the

participant perceives.

Accordingly we need to assess and control the risks associated with activities in order to minimize


27/40

the chance of injury.

It is not that difficult. A risk assessment is simply a look at what could go wrong - both before and

during the activity - and then deciding on ways to prevent - or minimize - these potential problems.

Hazards and Risks two terms are frequently used during a risk assessment:

A hazard is anything that could cause harm. In the context of adventurous activities, a hazard

could be extreme cold, a fall from a height or hypothermia.

A risk is the chance - high or low - that someone will be harmed by a hazard. The most

important part of a risk assessment, is to decide whether a hazard is significant.

This determines what measures you can take to minimize the risk to an acceptable level. It could be

considered that hypothermia is a significant risk when taking part in mountain activities, canoeing or

sailing. However the risk can be reduced, for example, by wearing appropriate windproof clothing or

wet suits -depending upon the activity!

14.1 Activities to Risk Assessment:

14.1.1 Activity One: Look for the hazards:

It is necessary for you to stand back from the activity, and look afresh at what could cause harm. It is

important to concentrate on the significant hazards. These are hazards which harm or affect several

people. It might be a good idea to ask others what they think; they may have noted things that were

not immediately obvious to you.

14.1.2 Activity Two: Decide who might be harmed and how?


28/40

These could be young people taking part (or waiting to do so), the instructors, others supervising the

activity, those in the area of the activity or casual observers. In identifying the hazards (Step One)

you have already identified the potential of how these people might be harmed.

14.1.3 Activity Three: Evaluate the risk and decide whether existing precautions are

adequate or whether more should be done:

You have already identified the hazards. Now consider the likelihood of each of these hazards

causing harm. This will determine whether or not you need to do more to reduce the risk. It is

possible that even after all reasonable precautions have been taken some degree of risk will remain.

What you have to decide, for each significant hazard, is whether the remaining risk is high, medium,

or low.

For some activities you have to ask yourself if everything has been done to comply with the law -

and, in our context, the requirements also of Policy, Organization and Rules. Everything reasonably

practicable must be done to reduce and control the risk. Your aim is to minimize risks by adding such

precautions as may be necessary. Likewise, the competence of instructors/leaders and adherence to

good practice play a vital role in the provision of safe activities. There are many ways in which risks

can be minimized. This might be a change in venue, additional training, an increased staff/participant

ratio and properly equipped participants. Likewise, plans may have to be modified during the

activity, based on an on-going risk assessment. Later in this fact sheet, we will relate this to typical

Scout activities.

14.1.4 Activity Four: Record your findings:

You must inform those who will be taking part in the activity of your findings and what action should

be taken. The recording of your findings might vary depending upon circumstances. A risk

assessment for the use of a permanent climbing tower on a campsite should be a document that each

instructor has to read (and sign) prior to the start of each session. It should cover the points you have


29/40

identified in Steps one-three above. The risk assessment must be suitable and effective and must

show that

A proper check was made.

You decided who might be affected.

You dealt with all the significant hazards, taking into account potential users.

The precautions are reasonable, and the remaining risk is judged acceptable.

The recording of the assessment should be in a format which is easily read - dont write a book! Risk

assessments are not operating procedures -they inform and determine key aspects of the operating

procedures. At the campsite your risk assessment may have determined that no more than 30 people

may be admitted to the swimming pool at any one time due to the size of the pool and the need to

avoid overcrowding.

This assessment will then be reflected in the pools operating procedure and a requirement placed on

the lifeguard and those controlling bookings for the pool to count. A risk assessment for a day in the

hills or on water that you have not visited before cannot be formalized in exactly the same way. In

these cases, refer to the examples later in the fact sheet

.

14.1.5 Activity Five: Review your assessment and revise it if necessary:

In all cases, it is good practice to review your risk assessments from time to time, to ensure that the


30/40

precautions are still working effectively. If there are any significant changes, review and revise the

assessments to take account of the new hazard. For those risk assessments for a

Composite, and activities on site, it is important to ensure that when carrying out a risk assessment

the date is also set for the next review. Make sure that all relevant documentation is changed.

Risk Assessment - In Practice So far we have looked at theory, with a few examples to illustrate the

key points. There has sometimes been a tendency to usestandard risk assessments for outdoor

activities. We must remember however that as the environments we explore are constantly changing,

such assessments cannot be set in stone. Also, although you may have visited the area before, the

chosen route on land or water may be a new one. Or the weather conditions may be dramatically

different. So how do we start?

Sample risk assessment sheet:

As there are many industrial units are in existence right from chemical, Plastic,

Steel, Cement etc. but among all the industries exists chemical industry is one of

the growing industry. Therefore we will concentrate on Chemical Manufacturing

unit.

15.0 Risk management in chemical manufacturing unit

Chemical industry is one of the worlds largestmanufacturing industries, producing more than

50,000 chemicals and formulations. Starting from raw materials such as oil, coal, gas, water, air and

minerals, the chemical industry produces a vast array of substances that form the basis for almost

every other manufacturing activity. It operates on a global scale; it exists in nearly every country in

the world, and contributes 7% of global income and accounts for 9% of international trade. Supply

chains in the electronics, automobile and other industries have received much attention in literature.

Although some of these lessons can be partly extended to the chemical industry, supply chains in the

chemical and process industry have distinctive features and require special attention. Risk

management is needed in chemical manufacturing unit.


31/40

15.1.1 History of disasters due to chemical units

1932-1968: The McNamara disaster was caused by the dumping of mercury compounds in

McNamara Bay, Japan. The Chisso Corporation, a fertilizer and later petrochemical company,

was found responsible for polluting the bay for 37 years. It is estimated that over 3,000

people suffered various deformities, severe mercury poisoning symptoms or death from what

became known as McNamara disease.

April 16, 1947: Texas City Disaster, Texas.

1948: The explosion of a tank wagon within a BASF site loaded with chemicals, in

Ludwigshafen, Germany causes 207 fatalities.

June 1, 1974: Flixborough disaster, England. An explosion at a chemical plant near the

village of Flixborough kills 28 people and seriously injures another 36.

July 10, 1976: Seveso disaster in Seveso, Italy

December 3, 1984: The Bhopal disaster in India is the largest industrial disaster on record. A

faulty tank containing poisonous methyl isocyanides leaked at a Union Carbide plant. About

20,000 people died and about 570,000 suffered bodily damage. The disaster caused the

region's human and animal populations severe health problems to the present.

October 23, 1989: Phillips Disaster. Explosion and fire killed 23 and injured 314 in Pasadena,

Texas. Registered 3.5 on the Richter scale.

15.1.2Bhopal Gas Tragedy

The Bhopal disaster, also known as the Union Carbide disaster or the Bhopal gas tragedy, was an


32/40

industrial catastrophe that took place at a Union Carbide pesticide plant in the Indian city of Bhopal,

Madhya Pradesh on December 3, 1984.

Thousands died immediately from the effects of the gas and many were trampled in the panic. The

government of Madhya Pradesh confirmed a total of 3787 deaths related to the gas release. Another

source says that a few days later the death toll had doubled. Over the next few years, the lingering

effects of the poison nearly doubled the toll again, to about 15,000, according to government

estimates.

Factors leading to this huge gas leak include:

The use of hazardous chemicals (MIC) instead of less dangerous ones

Storing these chemicals in large tanks instead of over 200 steel drums.

Possible corroding material in pipelines

Poor maintenance after the plant ceased production in the early 1980s

Failure of several safety systems (due to poor maintenance and regulations).

Safety systems shut down to save moneyincluding the MIC tank refrigeration system which

alone would have prevented the disaster.

The chemical industrial sector is highly heterogeneous encompassing many sectors like organic,

inorganic chemicals, dyestuffs, paints, pesticides, specialty chemicals, etc. Some of the prominent

individual chemical industries are caustic soda, soda ash, carbon black, phenol, acetic acid, methanol

and ago dyes. Chemical manufacturing sector in India is well established and has recorded a steady

growth in the overall Indian industrial scenario. The Chemical and allied industries have been

amongst the faster growing segments of the Indian industry. It

1. Contributes to 3% of GDP in the same report*.

2. One of the fastest growing sectors of Indian economy.

3. Chemical Industry in India is fragmented and dispersed - multi product and multi faceted.


33/40


34/40

Review of electrical Preventive Maintenance System

Electrical Risk Assessment (fire, shock explosion) using Semi-Quantitative Risk Ranking

(SQRR) technique

3. Fire risk assessment:

Identification & assessment of fire risks during operations in receipt, storage, transfer and

handling of chemicals (raw materials and finished products)

Identification & control of ignition sources in areas where flammable chemicals are stored /

handled / transferred

Review of chemical compatibility in storage areas and to suggest appropriate fire loss

control measures

Review of fire detection measures adopted in the plant & to suggest suitable

improvement measures

Review of the various active (fire hydrant, sprinkler, portable fire extinguishers) and

passive fire protection requirements for chemical storage and handling areas and to

suggest improvements as necessary

Review of contractor safety awareness (chemical spill, fire fighting, emergency

communication, knowledge of plant hazards & safety regulations) and to recommend

suitable improvement measures to enhance contractor safety

Review of safety awareness and safety training requirements ( training identification and

efficacy) of plant employees with respect to hazards present in the plant


35/40

Fire risk assessment will be carried out based on techniques like

1. Matrix method,

2. Hani Arafat Risk Calculator.

The consequence, likelihood and exposure of each hazard are arrived using a systematic approach

and will help to determine the relative importance of hazard and focus on significant risks.

4. Risk analysis & emergency plan:

Identification of scenarios of potential disasters / emergencies leading to loss of life, property

damage etc. and qualitative assessment of their likelihood.

Quantitative risk assessment for selected scenarios of major credible events.

Recommendations for risk control measures wherever applicable.

Preparation of onsite emergency preparedness plan

5. Risk Management & Insurance planning:

Identification of all major internal and external pure risks including the natural risks and

analysis of the impact of above risks

Review of existing risk control measures and offering comments

Scrutiny of all existing major insurance policies in respect of:

Rationalization of basic rate of premium and widening of covers

Applicability / eligibility of discounts in premium


36/40

Application of suitable clauses, warranties and conditions

Identification of possible areas for refund of premium and suggestions regarding procedure

for the same

Selection of insurance coverage on the basis of risk analysis

Providing guidelines for fixation of sum insured and illustrate the same on a selected

equipment

Evaluation of business interruption exposure due to identified risks

Providing guidelines on documentation requirements, procedures for claims under various

policies, evaluation of insurers

6. Risk Management Training

Specialized and focused training, if imparted effectively, can contribute significantly to Risk

Management. Expert faculty carefully selected training module, interactive and participate approach,

useful training material, case studies and syndicate exercises could help in having effective risk

management system in place. The training topics for bulk drug industry could be:

Chemical Safety


37/40

Safety with Compressed gases

Solvent Safety

Hazard Identification Techniques

Industrial Risk Management

Fire Prevention and Protection

Electrical Risk Management

Emergency Preparedness

Safety Management system

Accident Prevention

Personal Protective Equipment

Potential risk analysis:

Risk manager should be continuously working on the potential risk analysis as these risks have

capacity to affect organization to considerable extent. Also things change; new risk arises and old

ones disappear. The techniques that were appropriate last year may not be most advisable this year,

and constant attention is required


38/40

Potential Risk can be divided into 4 types:

1. Financial risk :

Credit plays an important role in financing of the businesses, and a firm may find it in

difficulties owing to factors affecting either credit received or credit extended. An increased

rate of interest on borrowing will cut the profit margin but more important is availability of

credit. A firm that is heavily dependent upon bank credit to finance its working may be forced

to curtail its activities severely if its overdraft facilities are cut for any reason.

2. Legal risk:

Legal aspects are important for enterprises as legal issue can raised by government, public,

employee, stakeholders in the form of Public litigation.

3. Physical risk :

It is also important risk that should be addressed by risk manager because it will take charge

of life many individuals if not treated properly. Also it may reduce the productivity of the

workforce over the period of time.

4. Environmental risk:

Risk manager should take necessary actions for the waste treatment or other environment

issue so that government bodies such as Pollution control board of that state.

Chp 4

18.0 Findings & Suggestions:

1. It has been found that 85% companies recognized importance of risk management.

2. Only 60% companies have enterprise wide risk management.

3. Only 66% Companies describe the risk faced by their company in their annual report.

4. It has been found that companies believe in Insurance brokers for risk management advice.

5. It has been discovered that most of the enterprises are showing great concern about


39/40

competitive risk or risk associated with the managing of business.

6. This survey also reveals that primary goal of the chemical companies is growth at a faster

rate which is causing intense rivalry within industry.

7. It is found that there is room for improvement in risk information which will facilitate

management in decision making.

8. Companies in India have documented risk management strategies in place, but there is

substantial room for improvement.

9. It has been found that near about 1000 chemicals are added to the market every year from all

the sectors like petrochemical, inorganic, organic, paint& dyes and agrochemicals.

10. It is found that Chemical sector is one of the fastest growing sectors of Indian economy.

11. It is found that Chemical Industry in India is fragmented and dispersed - multi product and

multi faceted.

19.0 Final recommendations

There should be sound co-operation between industries, Government and other interested

stakeholders of the industry.

There should be scientifically sound risk assessment methods.

There should be transparency in the review and utilization of risk assessment data.

There should be support for the precautionary approach.


40/40

Documents

Risk Managt