
2024 | Book

Managing SMEs in Times of Rapid Change, Uncertainty, and Disruption

A Gentle Introduction to Qualitative and Quantitative Methods of Risk Management


About this book

In an era of rapid technological change and growing uncertainties, this book equips managers and engineers with vital risk management tools. Addressing challenges such as pandemics, supply chain disruptions, and political tensions, it blends qualitative and quantitative approaches to modern risk management. The first half explores enterprise risk management, including business continuity, compliance, and crisis management. The second half focuses on quantitative methods, featuring a mathematical bootcamp on probability, statistics, and Monte Carlo simulations, with detailed case studies.

Designed for beginners and intermediate professionals, it also benefits students seeking a comprehensive overview of risk management. The book draws on the author's extensive experience as a manager, trainer, and auditor, offering practical, tested solutions. While tailored to the needs of SMEs, the concepts are applicable to all organizations. This book stands out for its balanced treatment of both qualitative and quantitative aspects, providing numerous examples and complete solutions for practice.

Table of Contents

Frontmatter

Risk Management: Concepts, Processes, Tools, and Enterprise Risk Management

Frontmatter
1. Risk Management: The Framework
Key Topics in This Chapter: Mainly Qualitative
In this introductory chapter, the main generic processes of risk management are discussed. Especially, we deal with the following:
  • Risks and why risk management is critical for any type of organization.
  • Important examples of risks.
  • Definition of risks.
  • The characteristics of risks (probability of occurrence, impact, time horizon, etc.).
  • Risk management and the standard risk management process.
  • Risk identification, risk assessment, risk mitigation, and risk treatment.
  • Risk registers, risk portfolios, risk matrices.
  • Implementing effective risk controls.
  • Quantification, rating, and ranking of risks.
  • Why and how to comply with the international standard ISO 31000 for risk management.
Herfried Kohl
2. Risk Management: ERM and Aspects of Its Implementation
Key Topics in This Chapter: Mainly Qualitative
In this chapter, we build on the concepts introduced in the previous one and deal with the following:
  • Enterprise Risk Management (ERM): What is it and why is it important?
  • ERM and the role of top management.
  • Necessary input to ERM.
  • How to organize ERM.
  • Risk managers: Prerequisites, necessary skills, and capabilities.
  • Implementing ERM: Project requirements and good practices.
  • How the structure of the organization and the organization’s economic situation impact the ERM.
  • Key risk indicators (KRIs) and risk appetite.
  • Risk reporting.
  • Documentation of the ERM.
  • How to keep the ERM alive.
  • Human factors and ERM.
Herfried Kohl
3. Risk Management: A Selected Toolbox
Key Topics in This Chapter: Mainly Qualitative
Risk management needs tools and techniques. In this section, we’ll describe some of the standard tools, especially the following:
  • Audits
  • Business Impact Analysis (BIA)
  • Bow Tie Analysis
  • Brainstorming
  • Delphi Technique
  • ETA (Event Tree Analysis)
  • HACCP (Hazard Analysis and Critical Control Points)
  • HAZOP (Hazard and Operability Studies)
  • HLM (Hazard Level Matrix)
  • HRA (Human Reliability Analysis)
  • Ishikawa diagrams for root-cause analysis
  • PESTLE
  • Root-cause analysis
  • SWIFT (Structured What-If technique)
  • SWOT analysis
Herfried Kohl
4. Quantifying, Aggregating, and Modelling Risks
Key Topics in This Chapter: Mainly Quantitative
In this chapter we start dealing with some selected aspects of the quantitative side of risk management, mainly including the following:
  • Balancing efforts and benefits of risk management.
  • The concept of risk aggregation.
  • Sketch of the top five entry-level probability distribution functions.
  • Principles of risk aggregation, modelling, and simulation.
  • Making risks measurable and comparable: Risk measures and their classification.
  • The value-at-risk and related measures.
  • Standard risk models: The individual and the collective risk model.
  • Risk portfolios.
  • The Monte Carlo simulation method.
  • Decisions under risk and uncertainty.
Herfried Kohl

Operational Risk Management: Applying Risk Management to the Operational Areas of the Organization

Frontmatter
5. Management System Standards and Organizational Resilience
Key Topics in This Chapter: Mainly Qualitative
This chapter introduces Part 2 of the book and describes, among other things, the relevance of generic, globally harmonized, and industry-specific management system standards. If implemented and applied correctly, they can make a significant contribution to preventing and limiting risks in the respective management areas. At the same time, these standards contribute to organizational resilience.
Herfried Kohl
6. Business Continuity Management
Key Topics in This Chapter: Mainly Qualitative
In this chapter we discuss a significant group of business risks that can lead to business interruptions and huge losses. The basic idea of business continuity management (BCM) is that the company prepares for disruptive events and similar occurrences. The corresponding measures are aimed at minimizing damage and losses and getting the company back on track more quickly.
In this context, we also discuss the importance of BIA (Business Impact Analysis), which finds applications also beyond BCM.
At the end of the chapter, we briefly address the topic of supply chain resilience, as it should form an important part of BCM.
Herfried Kohl
7. Compliance, Anti-bribery, and Corporate Social Responsibility
Key Topics in This Chapter: Mainly Qualitative
In this chapter we discuss compliance management and the related aspects of risk management. The topics include:
  • Global and national frameworks and requirements for compliance.
  • The architecture of a compliance management system (CMS).
  • Risk management applied to compliance: The identification, assessment, and treatment of compliance risks.
  • Standards for compliance management, especially the requirements of ISO 37301.
  • Anti-bribery management.
  • Anti-bribery management requirements according to ISO 37001.
  • CSR—Corporate Social Responsibility.
  • Corporate Sustainability.
Herfried Kohl
8. Occupational Health and Safety (OH&S)
Key Topics in This Chapter: Mainly Qualitative
Occupational health and safety are a significant risk category in all organizations, but the details depend on the industry and business. In this chapter, we consider the following:
  • Scope and relevance of OH&S.
  • Risk identification, risk assessment, and risk treatment in OH&S.
  • Requirements of ISO 45001 and related management standards for OH&S.
  • Core processes of OH&S.
Herfried Kohl
9. Quality Management and Product Safety
Key Topics in This Chapter: Mainly Qualitative
In this chapter, we consider the role of quality management and its significance for risk management in the company. The QMS standards for the following industrial sectors are briefly characterized:
  • Automotive industry
  • Aerospace and defense
  • Railway
  • ICT
  • Food and feed
  • Other industries
We also point out the relevance of safety directives for products and services, and their role in risk management.
Herfried Kohl
10. Managing the Impact of the Organization on the Environment
Key Topics in This Chapter: Mainly Qualitative
In this chapter, we outline the role of a company’s impact on the environment within its risk management. This includes primarily the following aspects:
  • The environmental management system.
  • The energy efficiency system.
  • The carbon (green gas) footprint.
It is also shown how international standards like the ISO 14000 series for environmental management systems, and standards for energy efficiency management like ISO 50001, may support the risk identification and management process in the respective areas.
Herfried Kohl
11. Cyber and Information Security Risks
Key Topics in This Chapter: Mainly Qualitative
Cyber risks encompass different types of risks, the impact of which in many cases can only be estimated. As a result, they are often underestimated. Nevertheless, they are among the most feared types of risk in companies. In this chapter, we briefly discuss the following:
  • Categories and sources of cyber risks.
  • Estimating the financial relevance of cyber risks.
  • Understanding the organization’s IT landscape is a prerequisite for cyber risk management.
  • The cyber risk management process, including the BIA.
  • The importance of scenario analyses.
  • Management systems addressing cyber risks.
  • Types of controls for cyber risks.
Herfried Kohl
12. Business Partner Relationship Management
Key Topics in This Chapter: Mainly Qualitative
Organizations are usually involved in a wide range of different types of networks and business partnerships, which may be the source of a variety of risks. In the worst case, they can threaten the existence of a company. It is important to have this area appropriately on the radar and make it part of the enterprise risk management. In this chapter, we sketch the following:
  • Adequate precautionary measures should be taken when establishing and maintaining business partnerships.
  • Good practices for business partner management.
  • Continual surveillance of business partnerships is highly advisable.
Herfried Kohl
13. Crisis Management
Key Topics in This Chapter: Mainly Qualitative
A corporate crisis sends the company into an exceptional situation. Some crises come slowly and are foreseeable, others can come overnight. In any case, a crisis always comes with substantial risks. Preparing for potential crises and having a plan in place is strongly recommended. In this chapter we discuss:
  • Preparing for crises, what are the main aspects?
  • Who should be involved in crisis management and how should employees be prepared for their role?
  • Categorization of crises.
  • Standard processes for crisis management.
  • The requirements of ISO 22361.
Herfried Kohl

Modeling and Simulating Risks and Other Things

Frontmatter
14. Statistical Inference: General Concepts, Parameter Estimation, Confidence Intervals, and Testing of Hypotheses
Key Topics in This Chapter: Mainly Quantitative
This chapter contains important aspects of dealing with data. The topics include:
  • Characteristics and distributions of sample data.
  • Estimation of distribution parameters: Maximum likelihood, method of moments, Bayesian approach.
  • Determination of confidence intervals for distribution parameters.
  • Estimation of the CDF and of quantiles.
  • Formulation of statistical tests.
  • Graphical goodness of fit tests.
Herfried Kohl
15. Simulation: Principles, Practice, and Examples
Key Topics in This Chapter: Mainly Quantitative
At various points in the book, we have seen that in QRM there is no way around the simulation of risks and other stochastic quantities.
  • In this section, we will start by discussing the generation of random variables that satisfy specified distributions. Various methods are presented for this purpose.
  • Indications are given as to what should be considered when setting up simulation models.
  • Most of this chapter is devoted to the practical implementation of simulations. The examples cover a wide spectrum.
  • All calculations are described in detail so that they can be easily understood, modified, and implemented by the reader.
Herfried Kohl

The Mathematics of Risk Management: A Compact Introduction

Frontmatter
16. Probability: From Sample Spaces to Conditioning
Key Topics in This Chapter: Mainly Quantitative
In this chapter, we present the basic concepts of probability theory which are indispensable for quantitative risk management. A straightforward approach is chosen, avoiding more advanced concepts like measure theory. Primarily we consider the following:
  • Randomness, experiments, sample spaces, random events, and their role in risk modelling.
  • Sets and their algebra.
  • The concept of probability, including the Kolmogorov axioms.
  • The concept of random variables.
  • Discrete and continuous random variables and their probability mass function, probability density function, and cumulative distribution function.
  • Characteristics of random variables (expectation, variance, covariance, correlation, skewness, kurtosis).
  • Marginal distribution functions.
  • The concept of conditional probability, conditioning, and the laws of total expectation and variance.
Herfried Kohl
17. Probability: Auxiliary Concepts, Tools, and Results
Key Topics in This Chapter: Mainly Quantitative
In this chapter, we present several helpful and indispensable tools for dealing with random variables and their distributions. Especially, we discuss the following:
  • Generating functions.
  • The concept of entropy and the maximum entropy principle (MEP).
  • Inequalities for random variables (Markov, Chebyshev, Cantelli, Jensen, Cauchy–Schwarz) and some of their applications.
  • Limit theorems (central limit theorem, and others).
  • Some results from combinatorics are needed for counting things.
Herfried Kohl
18. Frequently Met Probability Models and Distribution Functions
Key Topics in This Chapter: Mainly Quantitative
In this chapter, we present some of the most important distribution functions applied in quantitative risk management. We also discuss various related concepts, including the following:
  • Special functions needed when dealing with distribution functions.
  • Discrete distribution functions.
  • Continuous distribution functions.
  • Distribution functions needed for statistical inference.
  • Creation of distribution functions by mixing others.
  • Creation of distribution functions by transforming variables (univariate and multivariate).
  • Distribution of extreme values.
Herfried Kohl
19. Sums of Random Variables and Application to Risk Aggregation
Key Topics in This Chapter: Mainly Quantitative
Evaluating sums of random variables is a key topic in QRM. Since random variables are characterized by their probability distributions, their addition is not trivial and requires special techniques. Some of them we will present in this chapter. The main topics we deal with include:
  • The method of convolution.
  • The application of generating functions.
  • Calculating sums by employing simulation.
  • Exactly summable sums of random variables.
  • Evaluation of random sums.
Herfried Kohl
20. Understanding and Modeling Dependent Risks
Key Topics in This Chapter: Mainly Quantitative
The quantification and modelling of dependent risks is more challenging than that of independent risks and their portfolios. Our aim is to understand, describe, and model multivariate CDFs because they contain all we can know about dependent risks. This chapter deals with various aspects and techniques related to this topic:
  • A short collection of facts about matrices and determinants.
  • Concepts for describing dependence: Pearson’s, Spearman’s, and Kendall’s correlation measures.
  • Bivariate and multivariate normal distributions: Characteristics and modelling.
  • Multivariate binomial distribution.
  • Characteristics of multivariate PDFs and CDFs.
  • Fréchet–Hoeffding bounds for multivariate CDFs.
  • Copulas: The idea behind and Sklar’s theorem.
  • Examples of copulas.
  • Regression analysis.
Herfried Kohl
21. Time-Dependent Random Variables and QRM
Key Topics in This Chapter: Mainly Quantitative
Large parts of risk modelling are concerned with time-independent aspects of risks, or rather, with aspects related to a fixed period. If we want to go beyond that, we must look at random variables that explicitly depend on time. In this chapter, we look at different approaches on how this can be done. Topics include:
  • Straightforward implementation of time dependence.
  • Time-dependent random variables in reliability theory: Time to failure, reliability function, mean time to failure, max time to failure, mean residual lifetime.
  • Control charts.
  • Characteristics of stochastic processes.
  • Poisson processes.
  • Markov processes.
  • Time series.
Herfried Kohl
Backmatter
Metadata
Title
Managing SMEs in Times of Rapid Change, Uncertainty, and Disruption
Author
Herfried Kohl
Copyright Year
2024
Electronic ISBN
978-3-031-71272-2
Print ISBN
978-3-031-71271-5
DOI
https://doi.org/10.1007/978-3-031-71272-2
