Enterprise Risk Management
You are required to undertake research on Tata Motors Limited to produce a risk register for their Board of Directors. The risk identification and assessment process will cover the following stages:
a) What are the aims and objectives of the organisation? (Note: ERM links risks to aims)
b) What problems has the organisation encountered in the past?
c) What problems have other organisations in the same sector encountered in the past?
d) What regulation is applicable to the organisation/sector and are there any planned changes. Are there differences in regulatory requirements in different locations in which the organisation operates?
e) Are there any potential opportunities that could enhance company performance?
f) Utilising the information gathered, identify risks (both threats and opportunities) to the organisation, describe, assess and score each risk.
g) Define the acceptable risk threshold
h) Identify mitigation actions for risks that are above the stated threshold.
The research evidence you gather will be used to populate a standard format risk register, using the example provided overleaf.
Risk Register for Company X
Risk Number Risk Description Risk Information sources (ie references from research) Likelihood (1-5) Impact
(1-5) Risk Rating (Likelihood x Impact) Above acceptable rating? Mitigation actions
3. Coursework assignment assessment criteria
Requirement Marks
Identify risks which could threaten or enhance the achievement of the aims of the organisation (ie: both threats and opportunities). Here you should briefly outline each risk, and provide evidence of sources of information used. The description should be full enough to support assessment of the risk. There is no set number of risks to aim for, but thought about risks across the enterprise, both geographical and functional should be evident. 40
Critically assess the relative threat or opportunity it poses for the organisation and then score it. Score each identified risk for frequency (1 [low] – 5 [high]) and impact (1-5) and multiply these ratings to provide a risk score 25
Define the acceptable risk threshold, and use it to prioritise risk actions 5
Propose mitigation actions for risks that are above the stated threshold. Where appropriate this should include academic references to support your suggestions. 30