Concept of Enterprise Risk Management P:1/70
������� ��� ��� �� �
��� �� ��� �� ���
Concept ofEnterprise Risk Management
Concept of Enterprise Risk Management P:2/70
������� ��� ��� �� �
��� �� ��� �� ���Topic
• What is Enterprise Risk Management�
• Conventional ERM-BIA/BCP
• Types and Status of Enterprise Risk
• Idea and Concept of IERM
• Case Study
• Conclusion
Concept of Enterprise Risk Management P:3/70
������� ��� ��� �� �
��� �� ��� �� ���What is Risk�
BS-2599-1:2006Risk:�something that might happen and its effect�s� on the achievement of objectives�
Risk is a concept that denotes the precise probability of specific eventualities. Technically, the notion of risk is independent from the notion of value and, as such, eventualities may have both beneficial and adverse consequences. However, in general usage the convention is to focus only on potential negative impact to some characteristic of value that may arise from a future event.RISK can be defined as “the threat or probability that an action or event will adversely or beneficially affect an organization's ability to achieve its objectives”[1]. In simple terms risk is ‘Uncertainty of Outcome’, either from pursuing a future positive opportunity, or an existing negative threat in trying to achieve a current. From Wikipedia
Concept of Enterprise Risk Management P:4/70
������� ��� ��� �� �
��� �� ��� �� ���What is Management�
http://en.wikipedia.org/wiki/Management
Management in all business and human organization activity is simply the act of getting people together to accomplish desired goals. Management comprises planning, organizing, staffing, leading or directing, and controlling an organization (a group of one or more people or entities) or effort for the purpose of accomplishing a goal. Resourcing encompasses the deployment and manipulation of human resources, financial resources, technological resources, and natural resources.
Management can also refer to the person or people who perform the act(s) of management.
Concept of Enterprise Risk Management P:5/70
������� ��� ��� �� �
��� �� ��� �� ���What is Risk Management�
ISO 31000 Risk management -- Principles and guidelines on implementation" [3], the process of risk management consists of several steps as follows:Establishing the contextEstablishing the context involvesIdentification of risk in a selected domain of interest Planning the remainder of the process.Mapping out the following:
the social scope of risk management the identity and objectives of stakeholders the basis upon which risks will be evaluated, constraints.
Defining a framework for the activity and an agenda for identification. Developing an analysis of risks involved in the process. Mitigation of risks using available technological, human and organizational resources.
OHSAS-18000�ISO-31000� � � � � � � �� � � � � �
Concept of Enterprise Risk Management P:6/70
������� ��� ��� �� �
��� �� ��� �� ���How to Do Risk Assessment�
From the Point of ISO-31000The chosen method of identifying risks may depend on culture, industry practice and compliance. The identification methods are formed by templates or the development of templates for identifying source, problem or event. Common risk identification methods are:Objectives-based risk identification Organizations and project teams have objectives. Any event that may endanger achieving an objective partly or completely is identified as risk.Scenario-based risk identification In scenario analysis different scenarios are created. The scenarios may be the alternative ways to achieve an objective, or an analysis of the interaction of forces in, for example, a market or battle. Any event that triggers an undesired scenario alternative is identified as risk - see Futures Studies for methodology used by Futurists.Taxonomy-based risk identification The taxonomy in taxonomy-based risk identification is a breakdown of possible risk sources. Based on the taxonomy and knowledge of best practices, a questionnaire is compiled. The answers to the questions reveal risks. Taxonomy-based risk identification in software industry can be found in CMU/SEI-93-TR-6. Common-risk checking In several industries lists with known risks are available. Each risk in the list can be checked for application to a particular situation. An example of known risks in the software industry is the Common Vulnerability and Exposures list found at http://cve.mitre.org. Risk charting (risk mapping) This method combines the above approaches by listing Resources at risk, Threats to those resources Modifying Factors which may increase or decrease the risk and Consequences it is wished to avoid. Creating a matrix under these headings enables a variety of approaches. One can begin with resources and consider the threats they are exposed to and the consequences of each. Alternatively one can start with the threats and examine which resources they would affect, or one can begin with the consequences and determine which combination of threats and resources would be involved to bring them about.
Concept of Enterprise Risk Management P:7/70
������� ��� ��� �� �
��� �� ��� �� ���Topic
• What is Enterprise Risk Management�
• Conventional ERM : BIA/BCP– BIA/BCP point
– Financial point
• Types and Status of Enterprise Risk
• Idea and Concept of IERM
• Case Study
Concept of Enterprise Risk Management P:8/70
������� ��� ��� �� �
��� �� ��� �� ���Conventional Enterprise Risk Assessment
Button Up & Inside Out
������ � � � � � � � � �
� � � � � 2008/04/16� �
Concept of Enterprise Risk Management P:9/70
������� ��� ��� �� �
��� �� ��� �� ���Conventional Enterprise Risk Assessment
Drawback & Shortcoming of Bottom-Up Enterprise Risk Assessment
� � � � � Scenario � � � �
� �� � � � � ��
� � � � � � � / � � Business� ! "
#� $ % & � ' ( ) * + , �
=>- . / 0 1 2 3 4 5 6 7 8 3 9� � CEO: ; 6 < = > ? @ �
=> A � B C D � E FC G H I������ � � � � � � � � �
� � � � � 2008/04/16� �
Concept of Enterprise Risk Management P:10/70
������� ��� ��� �� �
��� �� ��� �� ���Conventional Enterprise Risk Assessment
Financial & Stakeholder Point of Enterprise Risk Assessment
� J � J K L
� � M � N O P �� Q R "
� K � L S � S R
� J � J T � � L
U � V W X � �Y
1. Z [ � � �Y#\ ] ^ Z [ _ ` a � � �bc d e fg h i j k l � EFkm n e f m E o p
2. q ; / r s � �Y\ ]^ t � _ � a � � �bc d u � ��kv w � �p
����� � � � �� � ! " � # $ % & '
Concept of Enterprise Risk Management P:11/70
������� ��� ��� �� �
��� �� ��� �� ���Conventional Enterprise Risk Assessment
� � � � �
���������� �� � ������ � � � � � � �� � � � ��
� � � � ! " # $ �% & ' ( ) *
� � � � �� � � � �
+ , - . /0 1 . � 2 �3 4 5 � 6 7 8 9 � � : ; <= > ? 7 /@ A B 0 C�
D E F G /H I , - J ��K( � L M N /O P Q R � 2 ��� � � ! " S T &
# U V W X = > �Y Z �[ & \F G \/\] I \*
����� � � � �� � ! " � # $ % & '
Drawback & Shortcoming of Financial Point Enterprise Risk Assessment
� �� �� �
Chapter 11
� � � �� � �
11-4
��������������������
���������� ���������� ���������� ���������� ����
����� � � ��� � � ������ � � ��� � � ������ � � ��� � � ������ � � ��� � � � ���������������� ����
����� � � ��� � � ������ � � ��� � � ������ � � ��� � � ������ � � ��� � � � ���������������� ����
� � � � � � � � ! " # $ � �%� � � � � � � � ! " # $ � �%� � � � � � � � ! " # $ � �%� � � � � � � � ! " # $ � �% &&&&
�� � ��
Chapter 11
�� � � � �� ��
11-8
��������������������������������
����������������������������������� � ���� � ���� � ���� � �
� ����� � ����� � ����� � ��������� � � � � � � � � � � � � � � � �
� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �
� � � � ! " �# $ � � � � ! " �# $ � � � � ! " �# $ � � � � ! " �# $ %%%%
� � & ' � ( ) � � & ' � ( ) � � & ' � ( ) � � & ' � ( ) ****
Concept of Enterprise Risk Management P:12/70
������� ��� ��� �� �
��� �� ��� �� ���Conventional Enterprise Risk AssessmentTo Overcome the Drawback of Conventional Enterprise Risk Assessment
We Need a Point View of Top Down & Outside In�CEO� � �! " � � # $ % & ' ( ) * + , - � . / 0 1 �^ _ 0̀ 1 . �a b � 8 9 O �c d P e N � f
������ � � � � � � � � �
� � � � � 2008/04/16� �
Concept of Enterprise Risk Management P:13/70
������� ��� ��� �� �
��� �� ��� �� ���Topic
• What is Enterprise Risk Management�
• Conventional ERM-BIA/BCP
• Types and Status of Enterprise Risk• Idea and Concept of IERM
• Case Study
Concept of Enterprise Risk Management P:14/70
������� ��� ��� �� �
��� �� ��� �� ���
Financial Risks
Hazard Risks
Strategic Risks
Operational Risks
Enterprise RisksLiability torts, Property damage,
Natural catastrophe
Pricing risk, Asset risk, Currency risk, Liquidity risk
Customer satisfaction, Product failure, Integrity, Reputation risk
Competition, Social trend, Capital availability
Predictive �� � �Preventive �� � �
Types and Status of Enterprise Risk
( ) * +, - / . / 0 1
2 3
4 5 6 7 * +
�8 9 � : ; < = * +
�4 > ?
� � � � (� � � � � )� /� � � � � � �
� � � �
� �
� � Business � � � � � � �� � ! � " # $ % & ' ( ) * �
+ , - � . / � 0 1 � 0 2
3 4 � 5 6 � 7 8 � 9 :
Examples and Definitions
Concept of Enterprise Risk Management P:15/70
������� ��� ��� �� �
��� �� ��� �� ���
Financial Risks
Hazard Risks
Strategic Risks
Operational Risks
Enterprise Risks
������������� � �� � �� � �� � � ( � � �� � �� � �� � � )
� � � � � � � � �� � � � � � � � �� � � � � � � � �� � � � � � � � � � �� � � � � � � � � �� �� � � � � � � � � �� �� � � � � � � � � �� �� � � � � � � � � �
� �� � � � � � � � �� � � � � � � � �� � � � � � � � �� � � � � � �
Types and Status of Enterprise Risk
From the point of Financial Statement
Balance Sheet Income Statement
Shape long term income and cash flow
portfolio /profile
Shape long term cost structure
portfolio /profile
Impact Right hand side of B/S
Impact Left hand side of B/S
Concept of Enterprise Risk Management P:16/70
������� ��� ��� �� �
��� �� ��� �� ���
Financial Risks
Hazard Risks
Strategic Risks
Operational Risks
Enterprise Risks
������������� � �� � �� � �� � � ( � � �� � �� � �� � � )
� � � � � � � � �� � � � � � � � �� � � � � � � � �� � � � � � � � � � �� � � � � � � � � �� �� � � � � � � � � �� �� � � � � � � � � �� �� � � � � � � � � �
� �� � � � � � � � �� � � � � � � � �� � � � � � � � �� � � � � � �
Types and Status of Enterprise Risk
Risk Assessment and Measurement! " � # $! " � # $! " � # $! " � # $ (Type � / Type � Error); < = > < � (underinvestment)7 ? @ A B 8 (overinvestment)
VaR Bond /Credit RatingsFinancial Leverage
Capacity/FlexibilityQuality /Brand
Lead/Down timeOperating Leverage
% & � ' (% & � ' (% & � ' (% & � ' ( (Type � / Type � Error)C D � E (underinvestment)C E � D (overinvestment)
�� � ��� � ��� � ��� � �
��������������������
�� ��
�� ��
P1
P2
!" # !" # !" # !" #
P1.
$% & '$% & '$% & '$% & '
P2.
( )* +( )* +( )* +( )* +
P3.
,- . /,- . /,- . /,- . /
P4.
0 1 % 20 1 % 20 1 % 20 1 % 2
P5.
3 4 56 78 %3 4 56 78 %3 4 56 78 %3 4 56 78 %
P6.
9:9: 9:9:
P7.
;< = >;< = >;< = >;< = >
P8.
?@?@ ?@?@AB" #AB" #AB" #AB" #
L1.
CD E FCD E FCD E FCD E F
L2.
G H )I JKG H )I JKG H )I JKG H )I JK
L3.
G HL MG HL MG HL MG HL M
L4.
N OP Q R*N OP Q R*N OP Q R*N OP Q R*
L5.
ST G R *ST G R *ST G R *ST G R *
L6.
6 7 UV6 7 UV6 7 UV6 7 UV
P3
P4
P5P6
P7P8
L1
L2
L3
L4
L5
L6
Concept of Enterprise Risk Management P:17/70
������� ��� ��� �� �
��� �� ��� �� ���Tools for Strategic Risk Assessment
From the point of Strategy Management
Concept of Enterprise Risk Management P:18/70
������� ��� ��� �� �
��� �� ��� �� ���Tools for Operational Risk Assessment
From the point of enterprise/product life cycle
Concept of Enterprise Risk Management P:19/70
������� ��� ��� �� �
��� �� ��� �� ���Tools for Financial Risk Assessment
Basic Concept of Financial Risk Assessment
Concept of Enterprise Risk Management P:20/70
������� ��� ��� �� �
��� �� ��� �� ���Tools for Hazard Risk Assessment
From the point of Fall Tree Analysis
����������������
��
��
��
��
��
��
����
����
P1
P2
� � � �� � � �� � � �� � � �P1.
WX Y ZWX Y ZWX Y ZWX Y Z
P2.
[ \] ^[ \] ^[ \] ^[ \] ^
P3.
_ `a b_ `a b_ `a b_ `a b
P4.
c d X ec d X ec d X ec d X e
P5.
f g hi jk Xf g hi jk Xf g hi jk Xf g hi jk XP6.
lmlm lmlm
P7.
no p qno p qno p qno p qP8.
rsrs rsrs� � � �� � � �� � � �� � � �
L1.tu v wtu v wtu v wtu v w
L2.x y \z {|x y \z {|x y \z {|x y \z {|
L3.x y} ~x y} ~x y} ~x y} ~
L4.
� �� � �]� �� � �]� �� � �]� �� � �]
L5.
�� x � ]�� x � ]�� x � ]�� x � ]
L6.
i j ��i j ��i j ��i j ��P3
P4
P5P6
P7P8
L1
L2
L3
L4
L5
L6
Concept of Enterprise Risk Management P:21/70
������� ��� ��� �� �
��� �� ��� �� ���Challenges for IERMLack of Integrated Methodology � Each of the four type enterprise risk has own methodology and mutually
exclusive theory back ground, or origin.� ���������Tool, � � � �� � � �
How to prioritize the four heterogeneous enterprise risk�� How to compare different types of risk ? Use which or what kind of
standard or criteria?� � � ���� � � � �� � � � $ �� Different Industry and strategy orientation cause different risk calculation,
comparison, and benchmark base line�� Art for boardroom, ! " # $ % & ' ( ) * + �
Interaction between the four enterprise risk!� , - � � ��* . �/ 0 1 2 34 0 5 6 78 9 : ;
� : < = 8 > ? mutually exclusive !
Concept of Enterprise Risk Management P:22/70
������� ��� ��� �� �
��� �� ��� �� ���Topic
• What is Enterprise Risk Management�
• Conventional ERM-BIA/BCP
• Types and Status of Enterprise Risk
• Idea and Concept of IERM– Lesson Learned from DRAM History
– Concept of Enterprise Risk Management
– IERM Ideas
• Case Study
Concept of Enterprise Risk Management P:23/70
������� ��� ��� �� �
��� �� ��� �� ���
�DRAM � � @��A � �B 8 �C D 4 E �F G
DRAM in standpoint of IERM
Most USDRAMmakersexit
Manymergers
1980 1985 1990 1995 2000
10-7
10-6
10-5
-26% per year
ProfitsLoss
Cost
per
bit
($)
Year
Concept of Enterprise Risk Management P:24/70
������� ��� ��� �� �
��� �� ��� �� ���
������������� �� �� �� � ����� � � � � � � �� � � � � � � �� � � � � � � �� � � � � � � �
��������VS � �� �� �� �•�����5 � � 0.18 � � � � � � � 10 � � �• � � � � � � � 0.15 � � � � � 15 � � � � � � � � !• � ! � 0.11 � � � � " # $ � ! % & 20 � � � � �
��������VS � �� �� �� �• � � � 0.15 � � ' ( ) � �* + 0.18 � � , * - . / 01 . /•0.11 � � � � � ' ( ) � �* + 0.15 � � , * - . / 01 . /• � � � 2 3 4 5 6 7 ' ( 8 ) ) � �* 4 , 6 7 ' ( 9 : 4 ;
� �� �� �� � VS � �� �� �� �• � <= > ? @ AB C A7 D �• ? @ <�E FG H I J 0' ( K 9 : L
���������� �� � � �
� � � ��� � �� � � � � � � �� � � �
�� � � � � � � � � ���� ����
� ! � " �� � � # $ % & ' ( )
������������������??
DRAM in standpoint of IERM
What is the “real” risk of a DRAM companyM� � �� � � � ��� ��� �
�� � � � ���� � � � � � �
Concept of Enterprise Risk Management P:25/70
������� ��� ��� �� �
��� �� ��� �� ���
Lesson Learned From DRAM
Fundamental Concept of IERM
������ � � � � � � �
Concept of Enterprise Risk Management P:26/70
������� ��� ��� �� �
��� �� ��� �� ���Meaning of IERMIERM=Enterprise Management!
�HI J K �L �MN O P Q 3R S P T U V W X Y �Z [ \ ]
�̂ _ ` �a b �c d Me f g e ��7h i � - ���j k �4 l m �n �
f g
�HI ��A � �L ��o p Mq HI K h i n � ���r s _ 79 t u �\
] v w N O t - �P Q
� � = � � C D 4 x �F G�y \ =y �+\ ]�y ��z {
� � * + , - . / 0 1 ( 2 3 ) 4 � 5 6 7 ) 8� + , / 1 0 9 6 7 ) 8 4 : ; < = > ? @ 2 3 4 A �
�\ ] �z { M
� - & B 4 6 C D EF & B 4 G H EI & B 4 � J / K L M & B 4 N O� P Q & R ES T U V W X Y
���A � = min the Risk= f ( Type� Error , Type � Error)Type� Error � Z [ 4 \ � 2 4 ] ^ _ ` a 9 a 4 b c_ � d e V f gType � Error� Z 2 4 \ � [ 4 ] ^ ` a h / 9 a 4 b i cj � 2 3
Concept of Enterprise Risk Management P:27/70
������� ��� ��� �� �
��� �� ��� �� ���Directions for IERM� � � � �
�] �% HI �| } 7HI �~ w � � � � � O � � �� z � � �v � 72 �
� f � z � � ”HI ��”�\ ] v w �IRR�F G z @�� � ~ �� � ����2 � � �� � � � � q “��” visualize�L �M
/ k lm n o p Eq � r s t u
����lv o p w x y zx � o p f g C 4 trade-off I { b g | } z~ 6 �� � � �! � � (for i 8 � � � � � � )
� � � � � � � � � � �� � ! " # � $ % & '( ) * % + , - (. / 0 ( 1 2 3 �4 5 6 7 8 9 : ; )� < = ! " >; � ? @ A B @ C � D E F 'G H F (BCG I J )� K L ! " >; 6 ? @ A � M N F 'O H F 'P Q D R 'K L S T
� U V ! " >U V S T
�Hazard RiskN W �� X YZ �[ \ ] W ^ _ �`depend on a C b c d ! " � e f g
EA
AS
SNI
EA
ROAEA
ANI
ENI
ROE ××=×=×==
Concept of Enterprise Risk Management P:28/70
������� ��� ��� �� �
��� �� ��� �� ���Idea for Implement IERM� � �� � � � �� & @� � � � 3� I � � �HI � � � � � W ¡ ¢ £ (¤ � Strategy Risk)� ¥ ¦ @§ ¨ © � � O � �Operational & Hazard Risk. �/ 0 U V� 9 � z � � �ª � q 9 « � � Risk ¬ @� ® O I j ¯ ° ± Financial Risk(² ³ ´ I /µ ¶ I · ¸ j k ¹ º )»� t ¼ ± � � º ½ HI �~ w � � � � 7� O � � � z �� � 3���v �
Outside-In VS Inside-Out¾ P =¿ À -v w
=Á  à *̄ Ä (M h D E F * M N F ) - (Å Æ v w +Ç Æ v w )=f(È É �Ê Ë Ì Í , � I v " Î , � I Å Ï Ð ¹ Ñ , � Ò /§ ¿ Ó n )-f(Ô Õ Ö × Ø , Ù Ú � � , Û © � � , Ü Ý � � Þ � )
Implement and IntegrateCo-ordinate Top-Down Target & Bottom-Up Operational ProcedureCollaborate Outside-In situation and Inside-Out Goal
Concept of Enterprise Risk Management P:29/70
������� ��� ��� �� �
��� �� ��� �� ���Agenda
• What is Enterprise Risk Management�
• Conventional ERM-BIA/BCP
• Types and Status of Enterprise Risk
• Idea and Concept of IERM
• Case Study– Company Profile and Product
– MEP Industry Retrospect and Prospect
– Solar Cell Industry Retrospect and Prospect
– Strategic Risk Analysis
– Operational Risk Analysis
– Hazard Risk Analysis
Concept of Enterprise Risk Management P:30/70
������� ��� ��� �� �
��� �� ��� �� ���
Standpoint of Strategy Management Outside-In and Inside-Out
Case Study of Strategy Risk Assessment
Outside-InStructure-Conduct-PerformancePorter Competitive Strategy
Inside-OutResource-Based View
������ � � � � � � � �
� � � � � � � � � �
Concept of Enterprise Risk Management P:31/70
������� ��� ��� �� �
��� �� ��� �� ���
Integrate Strategy Risk Assessment���� Outside-In and Inside-Out
Case Study of Strategy Risk Assessment
ß à �á " â ã ä J # .å � �P �ä J # .� � % æ æ
ç è v w é ê �Ó ë �ì �
í� � î ïð ñ ~ { �~ ò ó
ô A �
õ ö ÷ ø ùv w ú�û ñ
È É ü ý
� I : <
� � þ ��� v
� � � � Ò �È É �N �
� u � � �
��� �
� � � � � � � � ÷ ª
Ö × ñ �ð � � � �� � � �
v w ª e �/ � ª " � � Î � u
È É v " Î � u � � � ª �
� � � � ! W � È " Î � u
# � �ª � $ % �& ' ¬ ( )
� � ���
� � �* +
, - 3. õ � � �Ö × Ø
/ 0 1 �� 2
� I 3�Ç Æ � � �ª �
\ ] �4 5
¤ � � � �
��� 6 �
7 8
9 Å ¸ Ç9 Ç ¸ Å: Ñ �ü 8
Concept of Enterprise Risk Management P:32/70
������� ��� ��� �� �
��� �� ��� �� ���Case Study of Strategy Risk Assessment
The Way to Reduce Strategy Risk of this CaseM1.���������� ��( � � =>� � � � )
i j k H l m
+ c n o p q < = r s / t ui j v w x y z {
2. � � �� � � � ��� � ( � � => � � )| � @ A
6 ? @ A | � } ~
6 ? @ A + } ~ �| � � �
Z �@ A � � D R � �N �� f M N F �� � ��
��D R � � � � � D � � � � �! " � �
� � � ! " �� � b 8 9 � � � @ C � i j + � �
n � $ D E H � �� ¡ ¢ �£ ¤ � ¥ ¦ �
§ ¨ + © ª b � >« ¬ E + « E ¬ � � ® ¯
Conversion and Articulation of Different Product��� � ! " # $ �% &
Integrate Strategy Risk Assessment����;< = ª � �> . ? ª : Ñ z @
Concept of Enterprise Risk Management P:33/70
������� ��� ��� �� �
��� �� ��� �� ���
� � � ! " � � # $ Operational Risk1. « @ A B2. Cost Leadership u v w
Case Study of Operational Risk
Concept of Enterprise Risk Management P:34/70
������� ��� ��� �� �
��� �� ��� �� ���
��������
��
��
��
��
��
��
��
��
�����
� � ���
����������������
� �
�� ��
:
�� � � �� ��
---IT�� �� �� �� �� � � � ¡¢ � �£ � � ¤ ¥¦ §
; � � � �� � � �� � � �� � � � ����� �� �� �� � ����@ Operational Risk
Case Study of Operational Risk
� � � � � � � � � � � � � � � � � � � � � � � �
• � � � � ���� � � � � � � �� � � � � � � �
• � � � � � ( � � / � � � � )• �� � � ( � ! " � # � )$% & ' ��( ( ) * + , - # . / ' 0 1 )
Concept of Enterprise Risk Management P:35/70
������� ��� ��� �� �
��� �� ��� �� ���
ProcessInput Output
� �
ProcessInput Output
� �
ProcessInput Output
� �
�� ��
:
�� � � �� ��
---IT
�� �� �� �� �� � � � ¡¢ � �£ � � ¤ ¥¦ §Case Study of Operational Risk
� � � � � � � � �� � � � � � � � �� � � � � � � � �� � � � � � � � �
C « _ @ D E . � ä F G �H (
C I J F G M� � K H LM J N
C t O �J P A � MQ M J
C / � � R ? S' ��( ) * �+ ,
- . / �0 1 2 3 ��45 �� + ,
- 6 7 ��2 3 8 9 : ;
' < * =
- � � �> ? @ A B C D E F G
Concept of Enterprise Risk Management P:36/70
������� ��� ��� �� �
��� �� ��� �� ���
Operational Risk %& '9 § ¨ T U �: Ñ @ Operational Risk
H I J K L M N O H I P Q R S T � U V W Q X YZ S T � U [ \ � U ] ^ _ ` Y
H I J K _ ab
c S T � U [ \ � U ] ^ _ ` : Yd e f g h i @ j Y k ) � EBITal @ j bH I J K maY" n M N o p q r s t u E e f g m` Yq r s t H v g m` wx
H I y z m` {
Case Study of Operational Risk
( ) ��E �| } / . / ~ � wS T F �S T F �� � ) � S T � U
S T � U ` =>H I y z `( ) v � � H I y z � ` {
i � / � ( ) v �� � � � � � � Y�� � � � � � � �
����� � � !" # $ % & ' ( ) * + ,
Concept of Enterprise Risk Management P:37/70
������� ��� ��� �� �
��� �� ��� �� ���
Operational Risk %& 'What is Operational Risk����
A B ® O § ¨ ��M@� P 2 ª �
Type� Error� � � � 4� � � � �� @ � ���� � ¡ ¢P £ ¤ ¥ ¦§ ¨ © ª ��
Type � Error� � � � � � � �� �« ¬ p . � ¡ � �� ¢P £ � � ¦��® Q � �+ , / . / ~ � ¯ ° 2 3
Case Study of Operational Risk
Infrastructure � � � � � � �� � � � � � �� � � � � � �� � � � � � � {
- ERP/MM/MRP- � ± 5 ² �³ ´ µ ¥ ¶
(��9000/16949!)- · B C ¸ ¹ º | » º F G ¼ ½
� � � � � � � � � � � � � �� � � � � � � � � � � � � �� � � � � � � � � � � � � �� � � � � � � � � � � � � � ����
Concept of Enterprise Risk Management P:38/70
������� ��� ��� �� �
��� �� ��� �� ���
Operational Risk Part �Cost Leadership u v w
;� � � V À z : < v w � W �z {
¾ x ¯ ° > ? ¿ À F G Y � �� �� �� �� �� �� �� � Á @  à ¢
1. Ä Å /MO sourcewÆ & Ç È � U �É Ê Ë 52.�É Ê V W 5 Ì . / YÍÎ Ï �; & Ç È � U Ë 5
� U �� Ð Ñ ¢
* Ò . / Ó Ô Õ F Õ F Ö × Ø Ù � �Ú Û Ë Ü x Ý Þ YÜ ß à º á F Î â
Ú Û Ü ß ´ µ ã W
Ú Û Ü ß overhead( ) ã W
Case Study of Operational Risk
� � � � � � / � � � � �
� � � � / � � �� � � � � � �
Concept of Enterprise Risk Management P:39/70
������� ��� ��� �� �
��� �� ��� �� ���
Operational Risk Cost Leadership u v wv w � W �z { M
µ \ � �X Y � ~ � ~ Z [ \ ] ̂ �
4 � _ I X u �̀ B a ~ b c
� u �A � d 2
� u �overhead® O d 2
Case Study of Operational Risk
� ä ( ) v å æ Cost Down ç ° e� � � � � ! " Second Source # $ % & ' ( ) * + , - . / 0 1 2
3 4 5 6 , 78 9 : ; <�= >
3 4 5 ? " �@ A 7B C D E F G H I <
J K L M N O
P Q R S T U V W X
Costmß YM N ��m�� è Yé ê � �ë ì í î �ß � U ï ð � j ß Operational RiskYé ñ ` Hazard Risk�
� � � � �� � � � �� � � � �� � � � � Hazard Risk..
Concept of Enterprise Risk Management P:40/70
������� ��� ��� �� �
��� �� ��� �� ���Case Study of Operation & Hazard Risk
Relationship Between Operational Risk and Hazard Risk Scenario : Safety PK Cost DownIn this case, cost did not buy safety successfully. Y Z [ \ ] ^ : ; + _ ` a b c d e "
� � � � �
• � � � � � � � � � �• � � � � � � (� � � � � � ! " )# � � � �
• $ % & ' ( ) * + , - � . /• 0 1 2 3 � 4 5 6 � � 7 8 9: ; � � �
• < = > ? @ A � B C D � E F• G H I J � K L$ % � M ' ( �
Concept of Enterprise Risk Management P:41/70
������� ��� ��� �� �
��� �� ��� �� ���
Integration and Co-ordinationFrom Outside-In Strategy Risk to Bottom-Up Hazard Risk
ò ó �v ô õ ö T ÷ ø ù h y z aú
'��û W �ü ± ý þ � �Ø Ù Ë É u �� � è ú
' ü ± � �é ü � � � �� �� � Ø Ù Ä � �� è 4 � � � IDMa| �
" º �� U � � ù h T ö T � ÷ ø M N H I y z
' � D û � � y z �� � � û �
' � ( ) � H I y z � S T � U �q r s t � ` �
� � �� ��% & Y � ) � � � � ÷ ø M N � � � � � !
' " �� # $ �Yu Á % �� & : ; ' q Yé ( ) � ë þ * + , - .
' 2 *
' / Ð H 0 � � � è > ö
1 2 P Q � ' q Y � ) 3 � 4 5 õ �Ä �
'i 6 � 7 8 9 ¯ ° < �Y : ; 7 � < ®
' = ; ¯ ) F �Y4 : ; > ¯ ° ? �infrastructure : @ , Y¯ ° A B > C D 0 E' " ' q �cost i � F W 0 G ù @ Y0 E � � H � �� 4 / Ð I J K ¶ �� è b
Conclusion
Concept of Enterprise Risk Management P:42/70
������� ��� ��� �� �
��� �� ��� �� ���
Integration and Co-ordinationFrom Outside-In Strategy Risk to Bottom-Up Hazard Risk
1 2 P Q ' q � � � Y � ) 3 � 4 5 õ �Ä �
' L M H � �� 4 / Ð I J H N K ¶ �ç F Y§ ¨ * O cost downY P ú Q Ra Q YinfrastructureS T U V ¦¡ W X Y Z [ \ ] ^ ab
'm : ; j ß � U Ymcost downY _ 6 7 q r ` a b < Y7 c� d ) � e, f g
M N 0 1 h ³ �� 4 Ä � U i Y � ) Hazard Risk• ÷ ø M N ( Q ç Z � � y z j ` Y¾ Ë k ¼ ½ ~ l m Y n I � M N Ë c: ; o � ç Z y z Y p q µ ¶ r £ : ; s � ¦~ l s � t ` Ë c `
• ¾ u v I w Z Ð < Y I � ¾ x 0 1 I w x y / z { � è 4 | Y } ~ ¼ ½ � / I� û �Î â Y� � 3 � � ï " i buffera/redundantcYË k Õ F � � / �� � trade-off � � y z b
• M õ � ó � 4 0 F � i ¢ � � � ´ w � � � � º w ¦º Q � Á operator � � � ! � � �� � H � �� 4 / Ð I J K ¶ �� è �
M N ê � y z ï ¢ � � 2 �� �
• 4ï � v " µ ¦ � � back up��Ä ] > IT F G ¼ ½ redundant(Bottom-Up f E g h � i j / k l �k m � R n )
Conclusion
Concept of Enterprise Risk Management P:43/70
������� ��� ��� �� �
��� �� ��� �� ���
Integration and Co-ordination of Risk Assessment
� !
�o p � q r
s t u v + � w x y o
z � { | } ~ � �� � v � + � d j
��� � e � � � � � � � [ � � �
� : � / � w � � � � � � � K � �
� � y z
� �� c � � � � ¡
� R n � ¢ £ R n
� � ¤ ¥ � ¦ § � p ¨
© ª « ¬ � ® [ \ ¯ o �° ± ² ³
´ µ
¶ � · �̧ �¹ ¶ } ~ º » ¼ ½
� v y z
� c A � � D E � � �
� �
� � � ¾¿ À } ~ ¡ Á
Â Ã Ä Å e "
� c * 2 � D E � � K
Æ � h Ç � · } ~ { | È �
� É � � � t u �¸ Ê M Ë z � Ì Í
� r µ �` Î Ï Ð Ñ z �
à h Ò Ó � � � Ô Ê Õ � � Ö × � � ¾
Ø Ù J � P Q Ú Û � ¿ À } ~ � a Ë
H I y z
� � CEO� Ü Ý � � o � � z % Ë ¥ 1
2 � � � � ® Þ ß
� c � � � à á � � �
â ã
� � z % o � = ä niche å æ �fit © ª� � � ç � è é
© ª z % å æ ê Õ Ã * ë ì
� í å æ î ï è é �ð ñ î ò � � ó
½ ô ¾õ ö ÷ a �ø Â Ã à á
Ë ù ú Á X 5 W z % û ü 2 * � Â Ã
� ý þ ��3 h Ç d � � ��� �
ù h y z
� �� � � � �y z �
Conclusion
Concept of Enterprise Risk Management P:44/70
������� ��� ��� �� �
��� �� ��� �� ���END Learn Learned
��������������������������������M�������� �� � � � � � � � �� � � � � � �������� �� � � � � � � � �� � � � � � ......
' � � � � ? � � � � µ Y � � � ï � û 3 � � v � � �4 � �� z { � � Á
m £ ¡ Y I � ¢ £ �¤ ë ¥ ¦ ï ¢
' ¢ § M N ï ú ¨ Y � � © O ú ª « c R Y n Á c the biggest fish in the small pond!(� 4 ¬ ¦�� � b u Á ® ¯ H 0 ° 4� )
' Small fish ± ² ³ ´ ¦ ( � � 7 © O niche ú ª « c R ( � µ 4 ¶ · � ¸ ¹ �...)Y º 4P � � * � » aM N Y` � ö ¼ ½ � À b( > ¾ ( � � ¿ À Ä �� Á 3 " ¯ � µ â � Y ½ c 5 ² � � ´ � � © O ¢ Ì Â ú M N )b
� �� �� �� �
' � µ à @ � v Y� � � ( @ ´ niche market & spaceY E � j ß y z ¦� 3 Ä . b' � Å 0 5 ³ , ` ¦ w 5 Ì ��/ Æ � Ì Ç � ï y z b' � ð " û g È ô õ / � ô É � � Ê Ë û g È Yï Z É Ì g È ô õ /� � 7  à b' � � � � � � � � � � � � � � � � � � � � 4P ï ¢
1. �� �= æ ¢ Í Î Ï 4 Ï a¦ Ð Ñ Ï 4 Ï =
2. �� � Ò Ó Ô Õ ¢Á ú � aÁ Ö ¦Á a� ú Á ² Y ½ c M N ` � × � Ø Ù Ú Ò
Û aú ¦T �ç F b
3. �� �â � ¢ ¶ · Á 3 " ¯ ¦ Ü ý É ç F ¦4§ Ý ¦ý þ Þ è �� b â � Y
w ß : . � » �Ð à b