University of Twente Student Theses

Login

Risk management : regulations and practice

Hauko, H. (2009) Risk management : regulations and practice.

[img]
Preview
PDF
899kB
Abstract:The purpose of this research is to describe and analyze how seven Norwegian municipalities satisfy the requirements for risk management in the economic policy in Norway, and to which degree they integrate risk management in their comprehensive management. Besides the requirements of risk management and internal control, the Royal ministry of finance in Norway does not give any directive of how the method should be developed or implemented in the municipalities. As a result of this, the Norwegian Government Agency for Financial Management, SSØ, published a method of risk management. The directorate for social security and precaution (Direktoratet for samfunnssikkerhet og beredskap: DSB) yearly conducts risk and vulnerability research to indicate the safety of the society and consider the readiness of the municipalities to for instance handle crisis when they are doing the ordinary municipality-planning. These two publications, together with the theory create the foundation to describe and analyse how seven municipalities satisfy the requirements for risk management in the economic policy, and to which degree they integrate risk management in their comprehensive management. In chapter 4 the requirements in the economic policy are presented. The requirements mainly says that the municipalities should ensure that established objectives and performance requirements are monitored, that resources are used efficient and that the municipality is run in compliance with applicable laws and regulations. The governance and monitoring shall, however, be adapted to the municipalities’ distinctive characteristics as well as to its risk profile and its significance. In chapter 5, SSØ’s method of risk management is presented and their contribution is eight steps that mainly are about identifying objectives, identifying critical success factors, identifying risks, prioritize risks and finally implement risk treatment activities and monitor the risks. The empirical research in chapter 6 focus on risk management in seven Norwegian municipalities, the findings from DSB’s risk and vulnerability analysis as well as how risk management is integrated in the municipalities’ comprehensive management. In chapter 8 the conclusion is drawn based on the analysis from the previous chapters. The main findings show that risk management are mainly integrated in the comprehensive management by identifying risks, conducting risk and vulnerability analysis for the essential risks, implementing actions to reduce the risk and revising their analysis. This indicates similarities with the method suggested by SSØ. The findings also indicate that the bigger the municipality the more actions to reduce risks are being integrated in the municipality management. The bigger municipalities (more than 100.000 inhabitants) have integrated the requirements on office or department levels while the smaller municipalities (less than 100.000) make the most amendments in the areas representing high potential risk. The approach of the risk management method differs slightly from municipality to municipality. The two municipalities researched with more than 100.000 inhabitants opt to integrate risk management in the comprehensive management through the objective and performance requirements set, by identifying critical success-factors for achieving the objectives. This means that the risks are tried identified based on the objectives they might jeopardize. The smaller municipalities (less than 100.000), on the other hand, identify areas at risk not necessarily directly linked with the objectives, but mainly based on the threat they Hilde M. Haukø: S0181692 3 represent either to the municipality assets, the people in the society and the like. However, in both cases risks are being prioritized based on probability and consequence and reduced by risk control and financing activities. The main conclusion that can be drawn is that the municipalities satisfy the requirements set in the economic policy and that risk management is integrated in their comprehensive management. A thought for reflection is that the requirements are meant to be adapted to the municipalities’ distinctive characteristics as well as to its risk profile and its significance. Risk management should therefore, according to SSØ, be developed in such a way that it can identify, evaluate, manage and follow-up risk so that the risk is within an accepted level. Acceptable level of risk is, however, subjective.
Item Type:Essay (Master)
Faculty:BMS: Behavioural, Management and Social Sciences
Subject:85 business administration, organizational science
Programme:Business Administration MSc (60644)
Link to this item:http://purl.utwente.nl/essays/60263
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page