RSK4801 Assignment 2
2024 - DUE 12 July
2024
[Company address]
, RSK4801 Assignment 2 2024 - DUE 12 July 2024
CASE STUDY:
RISK MANAGEMENT – THE ROLE OF A RISK MANAGER Since 2020, many incidents and events
have caused organisations to adopt a focused approach towards risk management and the role of risk
managers. Examples of these events are the COVID-19 pandemic and its severe effects on many
countries, economies, and businesses. South Africa was not excluded from the pandemic and was further
hampered by severe power interruptions and inadequate service delivery. These are all risk-related
incidents/events involving risk managers to assist in the management thereof. According to an article in
Enterprise Risk Magazine (2023), uncertainty also boosted the profile and role of risk managers. Large-
scale risks are happening more often, which requires sound risk management to cope with the
increasingly unclear business and physical environments. As such, it seems imperative that the role of
risk managers and appropriate risk management tools is clear. The classic three lines of defence in the
risk governance model endeavour to demarcate the various roles regarding the management of risks.
Although there are many issues surrounding this model, it provides a foundational guideline for the roles
of the main role-players in risk management. Regarding the tools for operational risk management, it
seems that there are concerns over the predictive powers of key risk indicators (KRIs), the value of risk
and control self-assessments (RCSAs), and the subjectivity of scenario analysis to manage operational
risks (Enterprise Risk Magazine, 2023). In addition, embedding an operational risk management
framework is becoming essential. However, it appears that there is only a vague understanding of the
exact role of a risk manager. Furthermore, according to Enterprise Risk Magazine (2023), excessive
effort is being expended on issues that generate too little value when using operational risk management
tools. For example, RCSAs are tools that should provide value to organisations by identifying the
primary inherent risks, which can be used for analysing risk scenarios and determining and managing
KRIs. In addition, RCSAs can determine control weaknesses in managing the residual risks effectively.
Enterprise Risk Magazine (2023) mentioned that organisations should focus their RCSA efforts on the
effectiveness and adequacy of controls in mitigating low-, medium-frequency/medium and high-impact
operational risks. Risks leading to high-frequency and low-impact operational loss incidents should be
managed by means of more real-time monitoring of KRIs. This could ensure obtaining value from the
RCSA activity. According to the Institute of Risk Management (IRM, 2023), the year 2024 will see
certain risk events escalate, requiring a more “aggressive” and formal approach by risk managers to
assist organisations in coping with these risk events. Some of these risks, specifically for South Africa,
were identified by various risk managers as follows:
• future disasters, such as ongoing floods, global warming, and drought