What is a Risk Management Assessment and what does it entail?
The Risk Management Assessment, or RMA, is the first step in developing a comprehensive risk management program. The RMA identifies, analyzes, and reports on an organization’s material risk exposures. It provides a multi-dimensional view of risk, taking into account organization-wide enterprise risks and specific insurance-related exposures.
A typical Risk Management Assessment consists of five steps, they are:
Get to know the organization. Gather as much information as possible to learn about the organization, establish objectives, and review a timeline for completion of the RMA.
Examine risk management techniques. Take a closer look at the existing insurance coverage, what losses have been experienced, and the organization’s Total Cost of Risk (TCoR), as well as the risk management best practices currently in use.
Identify and analyze exposures. Ask a series of questions designed to uncover risk exposures and prepare an action plan to protect against these risks.
Implement the plan. Address gaps in insurance, finalize loss reserve reviews and procedures and set a strategy for improvement.
Monitor results and provide support. Form a work group with members from the organization and provide ongoing guidance on risk-related issues. Recommend actions that support continued TCoR improvement.
Before an organization engages a risk management consultant firm for a Risk Management Assessment, they’ll need to clearly understand:
Compliance --- Reacting to externally imposed corporate governance guidelines that concern risk identification, disclosure, management, and monitoring.
Defense --- Anticipating problems before they threaten the company’s strategic objectives. This is largely avoiding unknown issues that could undermine company progress.
Coordination/Integration --- Breaking down internal silos by coordinating various pockets of risk management activity and awareness to improve overall company performance.
Exploiting Opportunities and Creating Value --- Appreciating how risks interact across the enterprise and exploiting natural ways to avoid or manage those risks.
• Loss exposure analysis
• Evaluation of insurance program administrative practices
• Insurance coverage analysis
• Conclusions and recommendations