Risk management seminar Part 5 •Crisis matrix was designed by Klaus Winterling. The matrix is one of analytical techniques used in risk management. • •The matrix allows risks categorization by two parameters: • •Probability of a risk occur at a given time - how real and probable is that the risk will actually occurs - matrix defines three levels of probability -Low, 1 -Medium, 2 - High, 3 • •Risk effects on an SBU - what what would be the impacts of the risk on an organization or department if the risk occurs - matrix defines three levels of effect -negative, 1 -threatening 2 -Destructive 3 • SBU definition with using 7S Methods SBU - Euromedica s.r.o. Strategy : corporate strategy for 2020 – 2023, integrated with financial strategy and HR strategy. Structure : Managing board, Supervisory board. Direktor. IT Servises. Sales Department. Ekonomics Department. Logistik manager. Systems : IT Systems – MS Office, MS SQL Server Account system Money S7 Small company managed by direcktor and head off the departments. Marketing system integrated in Money S7. Logistik system integrated in Money S7. Style: process oriented organization, with process maps and managed dokumentation. Staff: Managing board 3 persons. Supervisory board 3 persons. Direktor 1 person. IT department 3 persons. Logistik manager 1 person. Sales department : 12 persons. Economy department : 2 persons. Skills: Categorizing date. Audit skills. Process modeling. Process analyzing. Project management. Lead auditor for ISO 9001, 14001, 18001, 20001, 27001. Coordinating. Risk management. Shared values: Strategic thinking. Interviewing. Diplomacy. Advising. Types of risks Human factor : Substance abuse Stres sitaution Certifikation Information and technology risks: Integrity of application systems Incorrectly specified requirements for HW and SW and their evaluation Unauthorized use of information, destruction, damage and its modification Intentional interference with SW or HW Operation risks: Defective feedback system Complexity of processes, operations Organizational risk: Ineffective methodological, control activities and supervision Non-optimized circulation of documents, records, shredding of documents Financial risk: Manipulation of income and expenses State guarantees, financial assistance Risk factors Efekt on an SBU=Inpact Propabilitty of risk Severity of risks Ineffective supervision 3 3 9 Non-optimized circulation of documents 2 1 2 Manipulation of income and expenses 3 3 9 State guarantees, financial assistance 3 2 6 Substance abuse 1 1 1 Stres sitaution 2 2 4 Certifikation 3 2 6 Integrity of application systems 3 3 9 Incorrectly specified requirements 3 1 3 Unauthorized use of information 2 1 2 Intentional interference with SW or HW 2 2 4 Defective feedback system 2 2 4 Duplicity of processes, operations 3 2 6 PxE=Severity of the risk Thank you for your attention! Definition of risk and its types