This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

Gambling with Risk

15 August 2006

The management of risk is a central component of any organisation’s core strategy. Martin Pickard examines the FM’s contribution to risk management citing examples in the support services sector of strategies that mitigate risk issues - and those that do not

Flip a coin. In all kinds of organisation events and their consequences offer opportunities for benefit (heads) or threats to success (tails). The risk of failure or the chance to succeed must be recognised and managed. FM has a key role to play in that process. Half of new businesses close in their first three years of operation and business failure rates are rising faster than they have for many years with issues like energy prices, costs of compliance and property issues all cited in the top 10 reasons for failure.

Risk management is defined by the Institute of Risk Management as “The process whereby organisations methodically address the risks attaching to their activities with the goal of achieving sustained benefit within each activity and across the portfolio of all activities”.

True risk management is a holistic business process not confined to issues like cash flow and liquidity but encompassing all corners of the business and aimed at the generation of value rather than the avoidance of failure. This fully conforms with the FMs aim to demonstrate their contribution towards organisational success rather than focus on the cost incurred.

Risk management is about identifying and handling both the upside and downside of all the risks faced by an organisation. The idea is to increase the probability of success and to reduce the chance of failure thus improving the odds of achieving the organisation’s goals, making it less of a gamble. There should be a centrally led risk management strategy which integrates with the planning, culture and operation of the organisation. However, in many organisations risk management has been an occasional exercise which fades into the background in times of success and only gets re-ignited when problems arise. Whatever the organisation does, the smart FM can and should adopt risk management techniques and demonstrate accountability for the risks within their sphere of influence.

In a typical risk management process the key steps are:

1. Consider the organisations objectives and strategy and establish a clear understanding of the environment and other risk drivers involved.

2. Identify the risks and hazards involved considering the nature of the risk and the stakeholders concerned.

3. Analyse and prioritise the risks to establish an understanding of both significance and probability. How likely is it to happen and what impact would it have?

4. Decide on control options. The common handling options to choose from are:

.....Accept minor risks that you are just going to live with.

.....Watch lesser risks with low probability that you will monitor.

.....Avoid serious risks that you can evade or prevent by a different course of action

.....Transfer risks that you can insure against or pass on to another party in some contractual way.

.....Mitigate risks whose impact or probability can be reduced through management action.

5. Create your management plans taking into account the control options identified and obtain the necessary approvals for your actions.

6. Put the plans into action, building them into operational processes and procedures with the necessary training and budget to ensure success.

7. Monitor the operation of the plans through regular management reporting, operational reviews and audit processes.

8. It is critical that a regular review process is implemented to maintain the efficacy of the plan in the light of business or environmental change so that appropriate action can be taken which may include a revisiting of the whole process.

Strategic risks relate to the long term strategic objectives of the organisation and can be driven by issues such as capital availability, regulatory changes, reputation and the physical environment. A sound real estate strategy with due account taken of balance sheet issues and the important topic of location are among the most important facilities issues to be considered here. These are exactly the issues that companies like Land Securities Trillium (LST) are seeking to address with their total property outsourcing offering. Norwich Union entered into a 25 year deal with LST in 2004 for 19 operational properties comprising 111,500sq m. They released £145m of capital finance as well as transferring property risk, achieving cost certainty and development gain opportunities as LST take on the responsibility for the portfolio.

Operational risks are the day to day issues faced by the organisation that include supply chain engagement, workplace productivity, business interruption and the attraction and retention of staff. A well managed business continuity programme will address all of these issues and the FM must play a leading role in its development and implementation.

Following the explosion at Buncefield fuel depot in Hemel Hempstead in December 2005, firefighters were trying to extinguish the fire, local people and businesses had been evacuated and an exclusion zone was imposed. This was theUK’s biggest ever peacetime fire. Epson’s sales and marketing operation was in a nearby building which was partially damaged by the explosion. Continued operation at the site was prohibited and Epson put their Business Continuity Plan into action which included use of a commercial disaster recovery centre in Uxbridge.

Their detailed plan enabled them to assess the situation, contact all staff with details of their working arrangements for the next day and to reassure customers that it would be 'business as usual'. This allowed Epson to offer continuity of service to their customers and to maintain business activities and reputation in the face of an incident that could have been a serious business threat at such a peak sales time.

Compliance risks to be considered include environmental, health, safety, data protection, industry regulation and legislation on things like employment, access and discrimination. Robust management systems that address these matters must be put in place to avoid the penalties that can be incurred through noncompliance and the management time that can be wasted as a result.

In June 2006 OCS Ltd pleaded guilty to five charges of breaching health & safety law, arising from a near-fatal fall from height accident in August 2003. Lloyds TSB, were their clients at time of the accident and had already pleaded guilty to breaching health & safety law for failing to manage them as contractors. OCS were fined £40,000 with £54,190 costs with one count of failing to provide suitable and sufficient training to their employees attracting a fine of £35,000 on its own. Lloyds TSB were fined £8,000 with £12,000 costs after pleading guilty to three charges of breaching health & safety law.

This case is typical in that the damage to reputation and the amount of management time involved over three years vastly exceeds the size of the fine. It also highlights the need to ensure that contractors engaged by any organisation are performing safely and that their performance is being actively monitored.

Knowledge risk is a topic not frequently spoken of in relation to FM. However security of the premises and the data within them, access control, the vetting of staff and the continuity of power are all critical to the protection of an organisations intellectual capital.

In 1994 Slough Estates, together with majoroccupiers including Cellnet and Mars formed an independent Business Watch company to combat crime on the Slough Trading Estate. With the support of the local police and Reliance Security Services Ltd this collaboration has had a dramatic impact since its creation. By sharing information, linking security systems and joint investment in CCTV, patrols and monitoring capabilities the number of burglaries has dropped by over 85 per cent and vehicle breakins have dropped by a staggering 93 per cent.

Financial risks concern the effective management and control of the finances of the organisation and the effects of external economic influences like inflation and interest rates. The eradication of cost uncertainty, the smoothing out of spend profiles and a positive impact on cash flow are all serious contributions to the reduction of risk.

Retail clothing specialist Zara has a fixed price energy contract with utilities provider EdF, linked to guaranteed reductions in energy consumption and emissions delivered by Dalkia. This covers 19 major UK stores and gives Zara predictability and flat-line forecasting by capping utility costs for an initial fixed period of three years. Under the five year energy management contract, Dalkia deliver a guaranteed 5 per cent reduction in energy consumption by eliminating waste and introducing energy efficient devices and technology.

In these and a thousand other ways, smart FMs are addressing the risk equation to the benefit of the organisations they serve. It is important that business leaders are aware of the risks faced by their organisation but also that they should have confidence that the risks are being properly managed. FMs must therefore be aware of all risks which fall into their sphere of responsibility and the impact that might have upon the organisation as a whole. They should put in place appropriate performance indicators to monitor the effectiveness of their risk management plans and control systems enabling appropriate intervention when required. However it is equally important to be reporting regularly to senior management on all risk related activities if we wish to be recognised for our contribution to the organisations we serve.

Print this page | E-mail this page