Risk Management Exam Q2

2) (a)

Raz Dutta contends that the allocation of resources on risk assessment by thinking that risks are static majorly and are rarely realized. This kind of view is misleading because it belittles the dynamic nature of the business environment and overflows the amount of stability that is perceived to be present in the face of potential and actual changes. This stand can create major risks that can impact the organization. It is worth noting that risks are not static; they change with the internal and external factors manipulating the organizational sphere. Not considering the dynamic nature of risks can result in old and new threats having archaic and incompetent responses. Constant occurrence of risk assessments helps the entities stay ahead of possible threats and fight them better.

Risks are inherently dynamic due to several factors. First of all, technological innovation is so rapid that it can render existing products or services obsolete thus creating huge risks for organizations that are left behind. Kodak is an example of a company that did not embrace digital photography, to which its eventual demise can be attributed, demonstrating how technological risks can dramatically affect business models. Secondly, regulation changes can bring in new risks or alter the old ones. A case in point is the General Data Protection Regulation (GDPR) adopted in the European Union, which has greatly changed the way companies around the world deal with personal data and has introduced risks in terms of compliance and data management. Moreover, the 2008 financial crisis represented how just in a moment the economic conditions could change having an effect worldwide on industries. Companies that evaluated on a regular basis the risk associated with their financial market exposure could react faster than those that did not. Events such as Brexit or trade wars bring in uncertainties, which can influence market entry, taxes, and currencies, thus affecting international supply chains and the financial markets. Since political events are unpredictable risk assessments are required on a regular basis. On top of that, internal changes are usually experienced in the strategy, structure, processes, or technology of organizations. Every change will probably lead to new risks or modification of existing ones. For example, introducing a new IT system will result in enhanced operational effectiveness but will also establish a new set of cybersecurity threats. Regular risk assessments will aid in identifying and addressing such problems on time.

In addition, there are several academic theories supporting dynamic risk assessment. Firstly, complexity theory perceives organizations as being part of complex systems where the smallest changes can lead to a large effect. The use of a risk evaluation routine would help to understand such complexities and interrelations that do not necessarily appear to be obvious. Furthermore, the Management Theory by Cyert and March (1963) argues that organizations should continuously adapt to their environment which contains changing preferences, technologies, and competitors. The strategy that frequent risk analysis can play the tool of this theory, as it enables organizations to be ready to act in response to environmental changes before they turn into issues. Besides, the high-reliability theory is a concept that is used in industries like nuclear operations or air traffic control, which states that organizations should always be alert and ready to deal with unanticipated incidents. It puts an accent on risk assessment as a part of disaster prevention.

Raz Dutta's stand point concerning risk management, which sees strategic risk reviews as no longer a priority, clearly disregards the point that risk is by its very nature transitory and keeps changing at the pace of an ever-changing world. As explained, real-world examples and academic theories both demonstrated the importance of continuously monitoring and assessing risk. Companies that practice a regular risk assessment more often are able to better deal with unfolding risk and, at the same time, can take advantage of their competitors through their more expedient responses to newly created challenges. It is opined that this proactive approach is beneficial as it does not merely identify possible risks but also takes advantage of new opportunities should there be any changes in the business environment.