The Main RiskSE Framework Purposes
Risk Structure and Environment framework are to allow risk management in a structured and systematic way in order to reduce an organization’s risk profile as well as maintain a safer environment for different stakeholders through continued refined processes.
The framework is meant to make certain the Organization’s strategies that are appropriate for risk reduction are in place in order to maximize opportunities.
Another purpose is to put the risk management process into an organization’s planning process at operational and strategic levels so that it becomes an integral part of it which helps the organization in achieving its goals.
RiskSE framework also creates a culture of risk awareness from operational, fraud, individual projects, and strategic perspectives in an organization. It is meant to give the risk management process trustworthiness so that those involved in the process can consider monitoring, treatment, reporting and review of risks, and even identification of new risks (Froot et al, 1994).
The main RiskSE primary deliverable products include the risk assessment document, the project structure, and the vision document (Crouhy et al, 2000).
RiskSE Benefits: RiskSE leads to improved focus on an organization’s strategic goals.
It leads to outstanding thoroughness in planning and the Organization’s management activities. RiskSE promotes proactive management due to the early identification of risks and their management (Crouhy et al, 2000).
It also leads to the following; enhanced responsibility and accountability levels, improved decision making (informed decisions) on new projects and new opportunities, reduced chances of taking needless opportunistic risks, a better foundation for an organization’s strategic planning, a reception for opportunity and risk changing models in a competitive environment and improved service delivery due to effective allocation of resources in appropriate areas such as high-risk areas and key services (Crouhy et al, 2000).
Importance of RFRC
RFRC promotes confidence in corporate reporting and governance. The council ensures the use of high corporate governance standards, sets corporate reporting and actuarial practice standards, and enforces auditing and accounting standards. It, therefore, helps mitigate risks in the audit market hence plays a very important role in risk management in the audit market (Crouhy et al, 2000). An example of RFRC is the RFC of the UK.
ITIL and its Use
This is an approach/a framework to IT service management. ITIL is an acronym for Information Technology Infrastructure Library that provides guidance on the delivery, planning, and management of information technology services. This infrastructure library series has been designed for efficient and cost-effective management of Information Technology by organizations (Kennedy, 2005).
Why Use ITIL?
ITIL provides improved motivation and productivity by encouraging employees to recognize IT service management as a professional skill. It provides better services that can be adapted to the customers’ needs hence improved customer service and ITIL also provides quality IT service even in budgetary constraint business environments and so is cost-effective (Kennedy, 2005).
ISO 20000 and its Use
This is an international standard for the management of Information Technology services. The standard is based on the previous BS 15000. It has two parts, the ISO 20000-1 and ISO 20000-2. Part one encourages management of services through the use of an integrated process approach; that is, a service management specification, while part two gives the service management code of practice by describing the requirements and best practices for ISO 20000 part one (ISO 20000 Central, 2008).
References
- Crouhy, Michel, Galai, Dan. and Mark, Robert., 2000, Risk Management. McGraw-Hill Professional.
- Froot, Kenneth A., Scharfstein, David S. and Stein, Jeremy C., 1994, A Framework for Risk Management, Harvard Business School, Massachusetts Institute of Technology. Web.
- Kennedy, Jason J., 2005, How do I Use ITIL in my Organization?, Tsunami Communications Inc.
- ISO 20000 Central, 2008, ISO 20000.