Process risk

Last updated June 26, 2023

Process Risk is considered to be a sub-component of operational risk. It exists when the process that supports a business activity lacks both efficiency and effectiveness, which may then lead to financial, customer, and reputational loss. This form of risk may be present within any stage of a business transaction. For instance, an error in pricing may be seen as loss in sales revenue, while a disruption in the fulfillment process may cause financial losses in terms of production quality and customer relationships.^[1] The majority of operational risk events occur due to losses from ineffective processing of business transactions or process management, and from inadequate relations with trade counter parties and vendors.^[2]

Definition

Process risk is a loss in revenue as a result of ineffective and/or inefficient processes. Ineffective processes hamper the achievement of the organization's objectives, whereas the processes that are inefficient, may be successful in achieving objectives, yet fail to consider high costs incurred.^[1]

Forms

In fulfillment

The process risk in fulfillment is negatively related to the supply chain performance.^[3] That means a fulfillment problem may cause a loss of customers to the company. For example, a company that lacks sound manufacturing processes may not efficiently fulfill customer orders which may undermine the performance of the business. Any disruptions in the production process should be treated as a threat to the company's relationship with current and potential customers. Thus, an increase in process risk is associated with a decrease in the supply chain performance.

In documentations

The risk of loss due to erroneous documentation processes is especially common within the banking industry. For instance, banks generate a mass amount of documentations. Any informational error or inaccurate input of data within the documents may overall weaken the effectiveness of financial contracts, and this form of risk may also overlap other risk, such as legal risk.^[4]

Mitigation

It is difficult to eliminate all process risk due to the high dependency on complex environments and the high input of human resources. Certain business practices applied to its processes, such as standardization, is an example of how to minimize operational risk. Furthermore, information systems aid in gathering information about process risk events.

Event logs is one approach to mitigate process risk. The use of events logs can help risk managers oversee and evaluate a consolidated database with all associated process risk. This approach does not completely eliminate process risk, yet it is a tool for the evaluation of the overall risk exposure so that the company may be able track and manage the risk linked to the overall business processes.^[5]

Another possible approach would be to implement a collaborative approach within the operational processes of a business. In other words, the process risk in the supply chain may be mitigated through collaboration. For example, the use of this approach is said to help establish a strong communication channel throughout the supply chain. The objective is to reduce process risk by directly working with suppliers. The desired outcome would be to improve quality and communication between all parties involved in the supply chain, which then reduces the risk of losing customers.^[3]

In addition, the establishment of a measurement framework may be used to improve the management of process risk. The framework should function as the means to identify and control process risk. These measures include, and are not limited to, adding internal processing controls on all business transactions, and increasing training and development to improve quality control.^[1]

Related Research Articles

Risk management is the identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.

In commerce, supply chain management (SCM) deals with a system of procurement, operations management, logistics and marketing channels so that the raw materials can be converted into a finished product and delivered to the end customer. A more narrow definition of the supply chain management is the "design, planning, execution, control, and monitoring of supply chain activities with the objective of creating net value, building a competitive infrastructure, leveraging worldwide logistics, synchronising supply with demand and measuring performance globally".This can include the movement and storage of raw materials, work-in-process inventory, finished goods, and end to end order fulfilment from the point of origin to the point of consumption. Interconnected, interrelated or interlinked networks, channels and node businesses combine in the provision of products and services required by end customers in a supply chain.

The ISO 9000 family is a set of five quality management systems (QMS) standards that help organizations ensure they meet customer and other stakeholder needs within statutory and regulatory requirements related to a product or service. ISO 9000 deals with the fundamentals of QMS, including the seven quality management principles that underlie the family of standards. ISO 9001 deals with the requirements that organizations wishing to meet the standard must fulfill. ISO 9002 is a model for quality assurance in production and installation. ISO 9003 for quality assurance in final inspection and test. ISO 9004 gives guidance on achieving sustained organizational success.

ISO 14000 is a family of ‘standards’ - the standard (14001) + guidelines - related to environmental management that exists to help organizations (a) minimize how their operations negatively affect the environment ; (b) comply with applicable laws, regulations, and other environmentally oriented requirements; and (c) continually improve in the above.

Business performance management (BPM), also known as corporate performance management (CPM) enterprise performance management (EPM), organizational performance management, or simply performance management are a set of management and analytic processes that ensure activities and outputs meet an organization's goals in an effective and efficient manner. Business performance management is contained within approaches to business process management.

A performance indicator or key performance indicator (KPI) is a type of performance measurement. KPIs evaluate the success of an organization or of a particular activity in which it engages. KPIs provide a focus for strategic and operational improvement, create an analytical basis for decision making and help focus attention on what matters most.

Strategic sourcing is the process of developing channels of supply at the lowest total cost, not just the lowest purchase price. It expands upon traditional organisational purchasing activities to embrace all activities within the procurement cycle, from specification to receipt, payment for goods and services to sourcing production lines where the labor market would increase firms' ROI. Strategic sourcing processes aim for continuous improvement and re-evaluation of the purchasing activities of an organisation.

<span class="mw-page-title-main">Financial risk</span> Any of various types of risk associated with financing

Financial risk is any of various types of risk associated with financing, including financial transactions that include company loans in risk of default. Often it is understood to include only downside risk, meaning the potential for financial loss and uncertainty about its extent.

Supplier relationship management (SRM) is the systematic, enterprise-wide assessment of suppliers’ strengths, performance and capabilities with respect to overall business strategy, determination of what activities to engage in with different suppliers, and planning and execution of all interactions with suppliers, in a coordinated fashion across the relationship life cycle, to maximize the value realized through those interactions. The focus of SRM is to develop two-way, mutually beneficial relationships with strategic supply partners to deliver greater levels of innovation and competitive advantage than could be achieved by operating independently or through a traditional, transaction purchasing arrangement. Underpinning disciplines which support effective SRM includes supplier information management, compliance, risk management and performance management.

<span class="mw-page-title-main">Internal audit</span> Independent, objective assurance and consulting activity

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. Internal auditing might achieve this goal by providing insight and recommendations based on analyses and assessments of data and business processes. With commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. Professionals called internal auditors are employed by organizations to perform the internal auditing activity.

IATF 16949:2016 is a technical specification aimed at the development of a quality management system which provides for continual improvement, emphasizing defect prevention and the reduction of variation and waste in the automotive industry supply chain and assembly process. It is based on the ISO 9001 standard and the first edition was published in June 1999 as ISO/TS 16949:1999. IATF 16949:2016 replaced ISO/TS 16949 in October 2016.

Supplier evaluation and supplier appraisal are terms used in business and refer to the process of evaluating and approving potential suppliers by quantitative assessment. The aim of the process is to ensure a portfolio of best-in-class suppliers is available for use, thus, it can be an effective tool to select suppliers in the awarding stage of an auction. Supplier evaluation can also be applied to current suppliers in order to measure and monitor their performance for the purposes of ensuring contract compliance, reducing costs, mitigating risk and driving continuous improvement.

Supply chain risk management (SCRM) is "the implementation of strategies to manage both everyday and exceptional risks along the supply chain based on continuous risk assessment with the objective of reducing vulnerability and ensuring continuity".

Supplier risk management (SRM) is an evolving discipline in operations management for manufacturers, retailers, financial services companies and government agencies where an organization is dependent on suppliers to achieve business objectives.

Operational responsiveness is a quality of a business process or supporting IT solution, which indicates its ability to respond to changing conditions and customer interactions as they occur.

Total Security Management (TSM) is the business practice of developing and implementing comprehensive risk management and security practices for a firm’s entire value chain. This business process improvement strategy seeks to create added value for companies by managing security and resilience requirements as core business functions rather than as reactionary expenditures. TSM implementation involves a thorough evaluation of key internal and external stakeholders, distribution channels, and policies and procedures in terms of a firm’s level of preparedness for a variety of disruptive events.

Risk IT Framework, published in 2009 by ISACA, provides an end-to-end, comprehensive view of all risks related to the use of information technology (IT) and a similarly thorough treatment of risk management, from the tone and culture at the top to operational issues. It is the result of a work group composed of industry experts and academics from different nations, from organizations such as Ernst & Young, IBM, PricewaterhouseCoopers, Risk Management Insight, Swiss Life, and KPMG.

IT risk management is the application of risk management methods to information technology in order to manage IT risk, i.e.:

In supply chain management, supply chain collaboration is defined as two or more autonomous firms working jointly to plan and execute supply chain operations. It can deliver substantial benefits and advantages to collaborators. It is known as a cooperative strategy when one or more companies or business units work together to create mutual benefits. There are two main types of supply chain collaboration: vertical collaboration and horizontal collaboration. Vertical collaboration is the collaboration when two or more organizations from different levels or stages in supply chain share their responsibilities, resources, and performance information to serve relatively similar end customers; while horizontal collaboration is an inter-organizational systemrelationship between two or more companies at the same level or stage in the supply chain in order to allow greater ease of work and cooperation towards achieving a common objective.

ISO 22300:2021, Security and resilience – Vocabulary, is an international standard developed by ISO/TC 292 Security and resilience. This document defines terms used in security and resilience standards and includes 360 terms and definitions. This edition was published in the beginning of 2021 and replaces the second edition from 2018.

References

1 2 3 Lam, James (2014-02-10). Enterprise Risk Management. CiteSeerX 10.1.1.137.3001 . doi:10.1002/9781118836477. ISBN 978-1-118-83647-7.
↑ Girling, Philippa (2013-10-02). Operational Risk Management. doi:10.1002/9781118755754. ISBN 978-1-118-75575-4.
1 2 Chen, Jie; Sohal, Amrik S.; Prajogo, Daniel I. (April 2013). "Supply chain operational risk mitigation: a collaborative approach" (PDF). International Journal of Production Research. 51 (7): 2186–2199. doi:10.1080/00207543.2012.727490. ISSN 0020-7543. S2CID 110019482.
↑ The Hong Kong Institute of Bankers (2018-01-16). Bank Asset and Liability Management. doi:10.1002/9781119444497. ISBN 978-1-119-44449-7.
↑ Pika, A.; van der Aalst, W.M.P.; Wynn, M.T.; Fidge, C.J.; ter Hofstede, A.H.M. (July 2016). "Evaluating and predicting overall process risk using event logs" (PDF). Information Sciences. 352–353: 98–120. doi:10.1016/j.ins.2016.03.003. ISSN 0020-0255.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[:1-1] 1 2 3 Lam, James (2014-02-10). Enterprise Risk Management. CiteSeerX 10.1.1.137.3001 . doi:10.1002/9781118836477. ISBN 978-1-118-83647-7.

[2] Girling, Philippa (2013-10-02). Operational Risk Management. doi:10.1002/9781118755754. ISBN 978-1-118-75575-4.

[:0-3] 1 2 Chen, Jie; Sohal, Amrik S.; Prajogo, Daniel I. (April 2013). "Supply chain operational risk mitigation: a collaborative approach" (PDF). International Journal of Production Research. 51 (7): 2186–2199. doi:10.1080/00207543.2012.727490. ISSN 0020-7543. S2CID 110019482.

[4] The Hong Kong Institute of Bankers (2018-01-16). Bank Asset and Liability Management. doi:10.1002/9781119444497. ISBN 978-1-119-44449-7.

[5] Pika, A.; van der Aalst, W.M.P.; Wynn, M.T.; Fidge, C.J.; ter Hofstede, A.H.M. (July 2016). "Evaluating and predicting overall process risk using event logs" (PDF). Information Sciences. 352–353: 98–120. doi:10.1016/j.ins.2016.03.003. ISSN 0020-0255.

[1]

[2]

[3]

[4]

[5]