SlideShare uma empresa Scribd logo

Google–Risk Assessment Tools

Ali-Reza Khaleeli
Ali-Reza Khaleeli
1 de 12
Baixar para ler offline
Risk Assessment Tools April 1, 2015 Ali-Reza Khaleeli ERM 603 Honor Code • I will not lie or cheat in any way on any assignment for this course (including but not limited to the following examples). • My answers to homework, quizzes, and exams will be my own (except for assignments that explicitly permit collaboration). • I will not make solutions to homework, quizzes, or exams available to anyone else. This includes both solutions written by me and official or unofficial solutions. • I will not look up homework or exam answers on the internet. • I will not engage in any other activities that will dishonestly improve my results or dishonestly improve/hurt the results of others
1 Likelihood Scale: Descriptor Definition Descriptor Definition 5 Rating 2 Unlikely Once in 10 years up to once in 20 years 4 Likely Once in 6 months up to once in 5 years 3 <15% chance of occurrence over life of asset or projectRareOnce in 20 years or lessRare1 Unlikely 15% up to 40% chance of occurrence over life of asset or project Annual Frequence Probability 40% up to 70% chance of occurrence over life of asset or projectPossibleOnce in 5 years up to once in 10 yearsPossible 70% up to 90% chance of occurrence over life of asset or project 90% or greater chance of certain occurrence over life of asset or projectAlmost CertainUp to once in 6 months or moreFrequent Likely
2 Impact Scale: Rating Descriptor Definition 5 Extreme • Financial loss of $55 billion or more • Considerable damage to global environment • Unable to conduct daily operations • No security for all employees and third parties, including customers or vendors • Persistent negative international media coverage; enormous loss of market share • Substantial prosecution and fines, litigation including class actions, incarceration of leadership • Significant injuries or fatalities to employees or third parties • Mass exodus of senior leaders, culture forever altered 4 Major • Financial loss of $15 billion up to $55 billion • Considerable damage to local environment • Extremely limited daily operations functioning • Security of all employees and third parties threatened, including customers or vendors • Persistent negative national media coverage; significant loss of market share • Report to regulator requiring major project for corrective action • Hospital care required for employees or third parties • Some senior managers leave, high turnover of experienced staff, not perceived as employer of choice 3 Moderate • Financial loss of $2 billion up to $15 billion • Sufficient damage to local environment • Partial daily operations functioning • Security of all employees and third parties deteriorating, including customers or vendors • Temporary negative national media coverage • Report of breach to regulator with immediate correction to be implemented • Out-patient medical treatment required for employees or third parties • Widespread staff morale problems, high turnover, shift in culture 2 Minor • Financial loss of $600 million up to $2 billion • Slight damage to local environment • Majority of daily operations functioning • Security of all employees and third parties slightly weakened, including customers or vendors • Local reputational damage • Reportable incident to regulator, no follow up • Minor injuries to employees or third parties • General staff morale problems and increase in turnover, culture questioned 1 Incidental • Financial loss up to $600 million • Next to no damage to local environment • All, but 1 or 2, daily operations functioning • No breach of security of all employees and third parties, including customers or vendors • Local media attention quickly alleviated • Not reportable to regulator • No injuries to employees or third parties • Isolated staff dissatisfaction, culture intact
3 Vulnerability Scale: Speed of Onset Scale: Rating Descriptor Definition 5 Very High • Extreme rate of change in industry • No ability to anticipate events • No ability to withstand event • No scenario planning performed • No internal control capabilities to address risks • No responses implemented • No contingency or crisis management plans in place 4 High • High rate of change in industry • Little ability to anticipate events • Little ability to withstand event • Limited scenario planning for key strategic risks performed • Low internal control capabilities to address risks • Partial responses implemented or not achieving control objectives • Some contingency or crisis management plans in place 3 Medium • Modest rate of change in industry • Selected ability to anticipate events • Selected ability to withstand event • Stress testing and sensitivity analysis of scenarios performed • Medium internal control capabilities to address risks • Majority of responses implemented and achieving objectives most of the time • Certain contingency and crisis management plans in place, limited rehearsals 2 Low • Low rate of change in industry • Strong ability to anticipate events • Strong ability to withstand event • Strategic options defined • Medium to high internal control capabilities to address risks • All responses implemented and achieving objectives except under extreme conditions • All contingency and crisis management plans in place, some rehearsals 1 Very Low • Almost no rate of change in industry • Can anticipate events • Can fully withstand event • Real options deployed to maximize strategic flexibility • High internal control capabilities to address risks • Redundant response mechanisms in place and regularly tested for critical risks • All contingency and crisis management plans in place and rehearsed regularly Rating Descriptor Definition Very rapid onset, with little to no warning, instantaneousVery High5 Onset occurs between 1-6 monthsMedium3 Onset occurs within the first week to a monthHigh4 Very slow onset, occurs over a year or moreVery Low1 Onset occurs between 6-12 monthsLow2
4 Risk Ratings L = Likelihood I = Impact V = Vulnerability S = Speed of onset ID Risk L I V S 1 Competition 3.3 4.3 3.5 3 2 Investment 2.5 3.5 3.7 3 3 Adoption 4 4.5 4.3 5 4 Advertisement 3.5 4.8 4.5 5 5 Operating Margin 3.9 4.5 4.3 3 6 Regulatory 2.8 3.4 3.1 2 7 Proceedings 4.4 2 3.7 4 8 Acquisitions and Investments 4.5 4 3.5 2 9 Brand 1.2 4.8 4.5 5 10 U.S. and Foreign Laws 4.9 3.3 3.6 3 11 Intellectual Property Claims 4.3 3.2 4 3 12 Intellectual Property Rights 3.9 4.1 3.8 4 13 Online Services and Content 4.1 3.2 4.3 3 14 Technology Privacy 4 4.8 4.6 5 15 Manufacturing and Supply Chain 3.9 4 4.5 4 16 Security 4.8 4.8 4.6 5 17 Search Quality 3.4 3.4 2.2 3 18 Interruption or Failure of Systems 4.6 4.7 4.3 5 19 International Operations 4.1 4.1 4.1 4 20 Operating Results 4 3.8 4.7 2 21 Business Strategy Execution 2.5 4.5 2.9 2 22 Personnel 2.5 4.4 2.8 3 23 Internet Access Block 1.5 3.5 4.6 4 24 Ad Block 4.1 3.2 4.6 2 25 Investment Portfolio Value 4 4.8 3.3 4 26 Tax Liabilities 3.8 3.2 3.1 3 27 Stock Trading Price 4.2 3.8 4.1 4 28 Stock Ownership Concentration 2.8 3.3 4.3 4 29 Documents and Law Provisions 1.5 2.8 4.1 1
5 Risk Map
6 Risk Rating Risk Rating 4 Advertisement 4.8 3 Adoption 5 9 Brand 4.8 4 Advertisement 5 14 Technology Privacy 4.8 9 Brand 5 16 Security 4.8 14 Technology Privacy 5 25 Investment Portfolio Value 4.8 16 Security 5 18 Interruption or Failure of Systems 4.7 18 Interruption or Failure of Systems 5 3 Adoption 4.5 7 Proceedings 4 5 Operating Margin 4.5 12 Intellectual Property Rights 4 21 Business Strategy Execution 4.5 15 Manufacturing and Supply Chain 4 22 Personnel 4.4 19 International Operations 4 1 Competition 4.3 23 Internet Access Block 4 12 Intellectual Property Rights 4.1 25 Investment Portfolio Value 4 19 International Operations 4.1 27 Stock Trading Price 4 8 Acquisitions and Investments 4 28 Stock Ownership Concentration 4 15 Manufacturing and Supply Chain 4 1 Competition 3 20 Operating Results 3.8 2 Investment 3 27 Stock Trading Price 3.8 5 Operating Margin 3 2 Investment 3.5 10 U.S. and Foreign Laws 3 23 Internet Access Block 3.5 11 Intellectual Property Claims 3 6 Regulatory 3.4 13 Online Services and Content 3 17 Search Quality 3.4 17 Search Quality 3 10 U.S. and Foreign Laws 3.3 22 Personnel 3 28 Stock Ownership Concentration 3.3 26 Tax Liabilities 3 11 Intellectual Property Claims 3.2 6 Regulatory 2 13 Online Services and Content 3.2 8 Acquisitions and Investments 2 24 Ad Block 3.2 20 Operating Results 2 26 Tax Liabilities 3.2 21 Business Strategy Execution 2 29 Documents and Law Provisions 2.8 24 Ad Block 2 7 Proceedings 2 29 Documents and Law Provisions 1 Risk Impact Risk Speed of Onset Ranking Risks by Impact and Speed of Onset, individually:
7 Risk Correlations By seeing these correlations, we are able to better understand the risks and risk portfolio. In addition, performing this interaction map allows us to move away from silos and begin to see and practice enterprise risk management as a collaboration of the company as a whole. This allows us to understand how the different risks relate and how some can be managed together. A next step that could be taken, but would need more information is using historical data to determine which other risks might correlate as well as whether or not the risks that correlate have been properly managed before or if these are new risks. Risks Competition Investment Adoption Advertisement OperatingMargin Regulatory Proceedings AcquisitionsandInvestments Brand U.S.andForeignLaws IntellectualPropertyClaims IntellectualPropertyRights OnlineServicesandContent TechnologyPrivacy ManufacturingandSupply Chains Security SearchQuality InterruptionorFailureof Systems InternationalOperations OperatingResults BusinessStrategyExecution Personnel InternetAccessBlock AdBlock InvestmentPortfolioValue TaxLiabilities StockTradingPrice StockOwnership Concentration DocumentsandLaw Provisions Competition x x x x x x x x x x Investment x x x x x x x x x x x x x x x Adoption x x x x x x x x x x x x x Advertisement x x x x x x x x Operating Margin x x x x x x x x x x x x Regulatory x x x x x x Proceedings x x x x x x x x Acquisitionsand Investments x x x x x x x x x x x x Brand x x x x x x x x x x x x x x x x x x U.S. and Foreign Law s x x x x x x x x Intellectual Property Claims x x x x x x x x x x x x x Intellectual Property Rights x x x x x x x x x x x x x x x x x Online Servicesand Content x x x x x x x x x x x x x x x x Technology Privacy x x x x x x x x x x x x x x Manufacturing and Supply Chains x x x x x x x x Security x x x x x x x x x x x x x x x x Search Quality x x x x x x x x x x x Interruption or Failure of Systems x x x x x x x x International Operations x x x x x x x x x x x x x x x x x x x Operating Results x x x x x x x x x x x x x x BusinessStrategy Execution x x Personnel x x x x x x x x x Internet AccessBlock x x x x x x x x x x x x Ad Block x x x x x x x Investment Portfolio Value x x x x x x Tax Liabilities Stock Trading Price x x x x x x x x x x x Stock Ow nership Concentration x x Documentsand Law Provisions
8 MARCI Chart T The MARCI chart allows us to prioritize risks based in risk response. In other words, the MARCI chart allows us to prioritize the risks based on what needs to be done in order to manage each risk. Velocity and “Clockspeed” Although speed and velocity are synonyms in general terms, when defining them in the context of risk management, they mean different things. Velocity is “the time it takes for a risk event to manifest itself, or in other words, the time that elapses between the occurrence of an event and the point at which the company feels its effects” (Curtis and Carey, 7). A risk with high velocity is one that manifests itself immediately, while a risk with slow velocity is a risk that manifests itself very slowly. On the contrary, clockspeed is defined by Marks as the information needed in order to manage risks. In this case, a slow clockspeed risk is one that “is managed over a lengthy period of maturation and is managed effectively through traditional control mechanisms” (Horwath, 26), while a fast clockspeed risk is one where unexpected events occurs that require a fast response and may require a different approach that it would if it was a slow clockspeed. Although similar, velocity is the speed of the event, while clockspeed incorporates both velocity as well as the type of response needed in order to manage the event.
9 Quantitative Approaches Google has proactively identified the potential risk that this particular trend is creating, and now faces the challenge of taking a deeper dive into the most effective way to assess this risk. The document, Risk Assessment in Practice, suggests a number of quantitative measures that companies should use in their risk assessments, to include: benchmarking, scenario analysis, deterministic models, and probabilistic models. Taking into consideration that Google is generally aware of the likelihood and impact of this risk, they must focus on assessing the velocity of the risk, in order to develop a decision and action plan in managing this trend. Using a risk interaction map to first link correlation, a bow tie diagram can then further be developed using quantifiable data to illustrate the end events or losses stemming from the consequences associated with the risk. Data used to assess the trend and velocity of this risk is an extremely important factor, and should be derived from both the internal and external environment. Competitor and industry trends data is crucial to assessing the real risk impact and the sensitivity of timing. Analysis of both past and current relationships and partnerships with manufacturers and distributors can provide good insight into the company’s current market share and future financial health. All of the pertinent data used needs to then be modeled to look at the consequential impact on a range of different factors, such as share price, research and development funding, marketing budgets, and others. Risk Tolerance and Appetite Statements 1 Risk Tolerance Statement: The Company is willing to assume no more than a 10% loss to profit margin, but will not accept more than a 5% loss to market share in conjunction with net sales. In developing this statement, we considered the overall mission and strategic objectives of the company, how it can be implemented throughout the whole organization, and the risk capacity concerning its financial health. In this example, because the risk appetite is moderately high, the risk tolerance had to reflect a compromise of boundaries concerning the company’s financial well-being. This is why the company is willing to assume a higher tolerance on loss of profit, so long as the company continues to deliver on its net sales and not significantly deviate from their current market share. Risk Appetite Statement: The Company operates within a moderately high-risk appetite in relation to the declining trend of personal computer usage amongst the general population. The company assumes this appetite with the intent to excel within the highly competitive environment, and strives to continue to be the “first in market” leader, holding majority market share of the industry’s technology, products, and systems. Operating a moderately high appetite will increase our competitiveness in research and development, and cultivation of business agreements with top manufacturers and distributors. In developing this statement, we considered the overall mission and strategic objectives of the company, the boundaries of acceptable risk tolerance, the effect on the company’s risk profile, its applicability to decision making and action implementation, the company’s risk attitudes, and its relevance towards this specific risk. The company has to assume a moderately high-risk attitude because of the fast paced nature of their industry, as well as the macro environment. For Google, high-risk endeavors, specifically in the field of research and development, have the ability to turn into highly profitable opportunities.
10 Risk Appetite and Tolerance Statements 2 Risk Tolerance Statement: The Company is not willing to assume any risk to its reputation, and will therefore enforce a zero tolerance policy to reputation risk. Risk Appetite Statement: The Company operates with a low risk appetite concerning any decisions and activities which may cause any and all damages to Google’s reputation. The company assumes this appetite with the intent to protect the reputation of the brand, its technology, products, and services, affiliates, employees, and value. Reputation is a concerning element that affects all of Google’s individual risks, and is mentioned in most of their listed risk factors under Item 1A. Unlike the previous statements, Google cannot afford to enforce a high-risk appetite, nor allow an exposed risk tolerance. Additionally, because reputation risk correlates to each function of the organization’s goals, it is a highly sensitive risk that can have high magnitude adverse effects. Google should balance risk taking and risk control in a holistic manner, as these two functions should be balanced. This balance will set clear concise objectives and parameters, without limiting the company from pursuing profitable opportunities. Both risk taking and risk controls should be set in accordance to the company’s goals, overall culture, and legal and regulatory mandates.
11 References Curtis, Patchin, and Mark Carey. “Risk Assessment in Practice.” Deloitte & Tuche LLP. Oct 2012. The Committee of Sponsoring Organizations of the Treadway Commission. Rittenberg, Larry, and Frank Martens. “Understanding and Communicating Risk Appetite.” The Committee of Sponsoring Organizations of the Treadway Commission. Jan 2012. Crowe Horwath. “Risk Appetite and Tolerance Guidance Paper.” Institute of Risk Management. United States Securities and Exchange Comission. From 10k. Google Inc. Marks, Norman. "Do You Realize How Fast You Need to Respond to Risk? What Does This Mean?" Sustainable Business Forum. N.p., 16 Mar. 2012.

Recomendados

Caterpillar.Inc case study analysis
Caterpillar.Inc case study analysisCaterpillar.Inc case study analysis
Caterpillar.Inc case study analysisBahria University, Islamabad, Pakistan
 
PwC Presentation
PwC PresentationPwC Presentation
PwC PresentationTonyTNguyen
 
Google Human Resource Management
Google Human Resource Management Google Human Resource Management
Google Human Resource Management DavidMoses2
 
EY Price Point Q3 2022
EY Price Point Q3 2022EY Price Point Q3 2022
EY Price Point Q3 2022EY
 
Value proposition of analytics in P&C insurance
Value proposition of analytics in P&C insuranceValue proposition of analytics in P&C insurance
Value proposition of analytics in P&C insuranceGregg Barrett
 
Swot analysis of google
Swot analysis of googleSwot analysis of google
Swot analysis of googleSanu Satyam
 
Bcg assessment of pathways
Bcg assessment of pathwaysBcg assessment of pathways
Bcg assessment of pathwaysFelipe Sotelo A.
 
Future-proofing SMEs TA vFF.pdf
Future-proofing SMEs TA vFF.pdfFuture-proofing SMEs TA vFF.pdf
Future-proofing SMEs TA vFF.pdfenterpriseresearchcentre
 

Recomendados

Caterpillar.Inc case study analysis
Caterpillar.Inc case study analysisCaterpillar.Inc case study analysis
Caterpillar.Inc case study analysisBahria University, Islamabad, Pakistan
 
PwC Presentation
PwC PresentationPwC Presentation
PwC PresentationTonyTNguyen
 
Google Human Resource Management
Google Human Resource Management Google Human Resource Management
Google Human Resource Management DavidMoses2
 
EY Price Point Q3 2022
EY Price Point Q3 2022EY Price Point Q3 2022
EY Price Point Q3 2022EY
 
Value proposition of analytics in P&C insurance
Value proposition of analytics in P&C insuranceValue proposition of analytics in P&C insurance
Value proposition of analytics in P&C insuranceGregg Barrett
 
Swot analysis of google
Swot analysis of googleSwot analysis of google
Swot analysis of googleSanu Satyam
 
Bcg assessment of pathways
Bcg assessment of pathwaysBcg assessment of pathways
Bcg assessment of pathwaysFelipe Sotelo A.
 
Future-proofing SMEs TA vFF.pdf
Future-proofing SMEs TA vFF.pdfFuture-proofing SMEs TA vFF.pdf
Future-proofing SMEs TA vFF.pdfenterpriseresearchcentre
 
Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...
Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...
Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...Slideworks
 
Consumer privacy in retail
Consumer privacy in retailConsumer privacy in retail
Consumer privacy in retailDeloitte United States
 
Strategic Management Google Case
Strategic Management Google CaseStrategic Management Google Case
Strategic Management Google Casesupreet jossan
 
A.T. Kearney Consolidation of the US Banking Industry
A.T. Kearney Consolidation of the US Banking IndustryA.T. Kearney Consolidation of the US Banking Industry
A.T. Kearney Consolidation of the US Banking IndustryKearney
 
Strategic management at APPLE Inc.
Strategic management at APPLE Inc.Strategic management at APPLE Inc.
Strategic management at APPLE Inc.raboz
 
Globallogic Ppt
Globallogic PptGloballogic Ppt
Globallogic Pptamanbisht_globallogic
 
Oliver Wyman
Oliver Wyman Oliver Wyman
Oliver Wyman Hospitality Sales and Marketing Association International
 
Netflix competitive landscape
Netflix competitive landscapeNetflix competitive landscape
Netflix competitive landscapedribayles
 
Netflix Valuation
Netflix ValuationNetflix Valuation
Netflix ValuationTricia Kubair
 
PwC’s new Golden Age Index – how well are countries harnessing the power of o...
PwC’s new Golden Age Index – how well are countries harnessing the power of o...PwC’s new Golden Age Index – how well are countries harnessing the power of o...
PwC’s new Golden Age Index – how well are countries harnessing the power of o...PwC
 
EY Price Point: global oil and gas market outlook, Q2 | April 2022
EY Price Point: global oil and gas market outlook, Q2 | April 2022EY Price Point: global oil and gas market outlook, Q2 | April 2022
EY Price Point: global oil and gas market outlook, Q2 | April 2022EY
 
Google android case study
Google android case studyGoogle android case study
Google android case studyToko Bunga Surabaya
 
Fundraising for startups
Fundraising for startupsFundraising for startups
Fundraising for startupsMarcin Zabielski
 
Global Financial Crisis (2007 - 2009)
Global Financial Crisis (2007 - 2009)Global Financial Crisis (2007 - 2009)
Global Financial Crisis (2007 - 2009)Angelica Joyce Zamora
 
Corporate ventures in sweden
Corporate ventures in swedenCorporate ventures in sweden
Corporate ventures in swedenFelipe Sotelo A.
 
Pwc fintech-global-report
Pwc fintech-global-reportPwc fintech-global-report
Pwc fintech-global-reportJose Pereira Cabezuelo
 
M&A Nexus Investor Pitch Deck
M&A Nexus Investor Pitch DeckM&A Nexus Investor Pitch Deck
M&A Nexus Investor Pitch DeckMichael Herlache
 
Building a deeptech thesis
Building a deeptech thesisBuilding a deeptech thesis
Building a deeptech thesisManish Singhal
 
Google Corporate Strategy
Google Corporate StrategyGoogle Corporate Strategy
Google Corporate StrategyVIKAS KUMAR SINHA
 
UBS Green Funding Framework.pdf
UBS Green Funding Framework.pdfUBS Green Funding Framework.pdf
UBS Green Funding Framework.pdfssuser91c953
 
Google Risks Explained
Google Risks ExplainedGoogle Risks Explained
Google Risks ExplainedTai Tran
 
Google Case Study
Google Case StudyGoogle Case Study
Google Case Studyashwin_sharma
 

Mais conteúdo relacionado

Mais procurados

Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...
Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...
Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...Slideworks
 
Strategic Management Google Case
Strategic Management Google CaseStrategic Management Google Case
Strategic Management Google Casesupreet jossan
 
A.T. Kearney Consolidation of the US Banking Industry
A.T. Kearney Consolidation of the US Banking IndustryA.T. Kearney Consolidation of the US Banking Industry
A.T. Kearney Consolidation of the US Banking IndustryKearney
 
Strategic management at APPLE Inc.
Strategic management at APPLE Inc.Strategic management at APPLE Inc.
Strategic management at APPLE Inc.raboz
 
Netflix competitive landscape
Netflix competitive landscapeNetflix competitive landscape
Netflix competitive landscapedribayles
 
PwC’s new Golden Age Index – how well are countries harnessing the power of o...
PwC’s new Golden Age Index – how well are countries harnessing the power of o...PwC’s new Golden Age Index – how well are countries harnessing the power of o...
PwC’s new Golden Age Index – how well are countries harnessing the power of o...PwC
 
EY Price Point: global oil and gas market outlook, Q2 | April 2022
EY Price Point: global oil and gas market outlook, Q2 | April 2022EY Price Point: global oil and gas market outlook, Q2 | April 2022
EY Price Point: global oil and gas market outlook, Q2 | April 2022EY
 
Global Financial Crisis (2007 - 2009)
Global Financial Crisis (2007 - 2009)Global Financial Crisis (2007 - 2009)
Global Financial Crisis (2007 - 2009)Angelica Joyce Zamora
 
Corporate ventures in sweden
Corporate ventures in swedenCorporate ventures in sweden
Corporate ventures in swedenFelipe Sotelo A.
 
M&A Nexus Investor Pitch Deck
M&A Nexus Investor Pitch DeckM&A Nexus Investor Pitch Deck
M&A Nexus Investor Pitch DeckMichael Herlache
 
Building a deeptech thesis
Building a deeptech thesisBuilding a deeptech thesis
Building a deeptech thesisManish Singhal
 
UBS Green Funding Framework.pdf
UBS Green Funding Framework.pdfUBS Green Funding Framework.pdf
UBS Green Funding Framework.pdfssuser91c953
 

Mais procurados (20)

Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...
Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...
Business Strategy Presentation Template 2023 - By ex-Mckinsey and BCG consult...
 
Consumer privacy in retail
Consumer privacy in retailConsumer privacy in retail
Consumer privacy in retail
 
Strategic Management Google Case
Strategic Management Google CaseStrategic Management Google Case
Strategic Management Google Case
 
A.T. Kearney Consolidation of the US Banking Industry
A.T. Kearney Consolidation of the US Banking IndustryA.T. Kearney Consolidation of the US Banking Industry
A.T. Kearney Consolidation of the US Banking Industry
 
Strategic management at APPLE Inc.
Strategic management at APPLE Inc.Strategic management at APPLE Inc.
Strategic management at APPLE Inc.
 
Globallogic Ppt
Globallogic PptGloballogic Ppt
Globallogic Ppt
 
Oliver Wyman
Oliver Wyman Oliver Wyman
Oliver Wyman
 
Netflix competitive landscape
Netflix competitive landscapeNetflix competitive landscape
Netflix competitive landscape
 
Netflix Valuation
Netflix ValuationNetflix Valuation
Netflix Valuation
 
PwC’s new Golden Age Index – how well are countries harnessing the power of o...
PwC’s new Golden Age Index – how well are countries harnessing the power of o...PwC’s new Golden Age Index – how well are countries harnessing the power of o...
PwC’s new Golden Age Index – how well are countries harnessing the power of o...
 
EY Price Point: global oil and gas market outlook, Q2 | April 2022
EY Price Point: global oil and gas market outlook, Q2 | April 2022EY Price Point: global oil and gas market outlook, Q2 | April 2022
EY Price Point: global oil and gas market outlook, Q2 | April 2022
 
Google android case study
Google android case studyGoogle android case study
Google android case study
 
Fundraising for startups
Fundraising for startupsFundraising for startups
Fundraising for startups
 
Global Financial Crisis (2007 - 2009)
Global Financial Crisis (2007 - 2009)Global Financial Crisis (2007 - 2009)
Global Financial Crisis (2007 - 2009)
 
Corporate ventures in sweden
Corporate ventures in swedenCorporate ventures in sweden
Corporate ventures in sweden
 
Pwc fintech-global-report
Pwc fintech-global-reportPwc fintech-global-report
Pwc fintech-global-report
 
M&A Nexus Investor Pitch Deck
M&A Nexus Investor Pitch DeckM&A Nexus Investor Pitch Deck
M&A Nexus Investor Pitch Deck
 
Building a deeptech thesis
Building a deeptech thesisBuilding a deeptech thesis
Building a deeptech thesis
 
Google Corporate Strategy
Google Corporate StrategyGoogle Corporate Strategy
Google Corporate Strategy
 
UBS Green Funding Framework.pdf
UBS Green Funding Framework.pdfUBS Green Funding Framework.pdf
UBS Green Funding Framework.pdf
 

Destaque

Google Risks Explained
Google Risks ExplainedGoogle Risks Explained
Google Risks ExplainedTai Tran
 
Case Study Analysis Of Google
Case Study Analysis Of GoogleCase Study Analysis Of Google
Case Study Analysis Of Googleabnguyen28
 
Ed 271 technology assessment 2
Ed 271 technology assessment 2Ed 271 technology assessment 2
Ed 271 technology assessment 2merwinmartin21
 
Session layer ppt
Session layer pptSession layer ppt
Session layer pptmatangi jha
 
Case Analysis - Google
Case Analysis - GoogleCase Analysis - Google
Case Analysis - GoogleLance Shields
 
Corporate Strategy - Case Study - Google
Corporate Strategy - Case Study - GoogleCorporate Strategy - Case Study - Google
Corporate Strategy - Case Study - GoogleV. Castel
 
Google Presentation
Google PresentationGoogle Presentation
Google Presentationguesta599e2
 
Google Strategic Mktg Presentation (2010-2012)
Google Strategic Mktg Presentation (2010-2012)Google Strategic Mktg Presentation (2010-2012)
Google Strategic Mktg Presentation (2010-2012)Mudbrick McFinnigan
 
Presentation on-google
Presentation on-googlePresentation on-google
Presentation on-googleGurjit
 

Destaque (11)

Google Risks Explained
Google Risks ExplainedGoogle Risks Explained
Google Risks Explained
 
Google Case Study
Google Case StudyGoogle Case Study
Google Case Study
 
Case Study Analysis Of Google
Case Study Analysis Of GoogleCase Study Analysis Of Google
Case Study Analysis Of Google
 
Ed 271 technology assessment 2
Ed 271 technology assessment 2Ed 271 technology assessment 2
Ed 271 technology assessment 2
 
Session layer ppt
Session layer pptSession layer ppt
Session layer ppt
 
Case Analysis - Google
Case Analysis - GoogleCase Analysis - Google
Case Analysis - Google
 
Corporate Strategy - Case Study - Google
Corporate Strategy - Case Study - GoogleCorporate Strategy - Case Study - Google
Corporate Strategy - Case Study - Google
 
Google Presentation
Google PresentationGoogle Presentation
Google Presentation
 
Google Strategic Mktg Presentation (2010-2012)
Google Strategic Mktg Presentation (2010-2012)Google Strategic Mktg Presentation (2010-2012)
Google Strategic Mktg Presentation (2010-2012)
 
Presentation on-google
Presentation on-googlePresentation on-google
Presentation on-google
 
Google Ppt
Google PptGoogle Ppt
Google Ppt
 

Semelhante a Google–Risk Assessment Tools

IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop Ersoy AKSOY
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Eneni Oduwole
 
Risk &amp; opportunity analysis
Risk &amp; opportunity analysisRisk &amp; opportunity analysis
Risk &amp; opportunity analysisGhiru Kanesvaran
 
RUNNING HEADER Potential Risk FactorsPotential Risk Factors.docx
RUNNING HEADER Potential Risk FactorsPotential Risk Factors.docxRUNNING HEADER Potential Risk FactorsPotential Risk Factors.docx
RUNNING HEADER Potential Risk FactorsPotential Risk Factors.docxrtodd599
 
world_vision-cva_-_risk_presentation.pptx
world_vision-cva_-_risk_presentation.pptxworld_vision-cva_-_risk_presentation.pptx
world_vision-cva_-_risk_presentation.pptxZainUlAbidinRana1
 
Risk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation SlidesRisk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation SlidesSlideTeam
 
Risk Management Lifecycle Process Powerpoint Presentation Slides
Risk Management Lifecycle Process Powerpoint Presentation SlidesRisk Management Lifecycle Process Powerpoint Presentation Slides
Risk Management Lifecycle Process Powerpoint Presentation SlidesSlideTeam
 
2016 - IQPC - Understanding and Assessing Corruption Risk
2016 - IQPC - Understanding and Assessing Corruption Risk2016 - IQPC - Understanding and Assessing Corruption Risk
2016 - IQPC - Understanding and Assessing Corruption RiskDr Darren O'Connell AGIA
 
Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceSami Benafia
 
Operation management final
Operation management finalOperation management final
Operation management finalGoshi Fujimoto
 
2019 Compliance Testing Plan for RBs (2).pptx
2019 Compliance Testing Plan for RBs (2).pptx2019 Compliance Testing Plan for RBs (2).pptx
2019 Compliance Testing Plan for RBs (2).pptxjosephjohnronquillo
 
Maintaining Credit Quality in Banks and Credit Unions
Maintaining Credit Quality in Banks and Credit UnionsMaintaining Credit Quality in Banks and Credit Unions
Maintaining Credit Quality in Banks and Credit UnionsLibby Bierman
 
Traffic Lights & Threat Levels
Traffic Lights & Threat LevelsTraffic Lights & Threat Levels
Traffic Lights & Threat LevelsMatt Eckman
 
Risk Identification Process Powerpoint Presentation Slides
Risk Identification Process Powerpoint Presentation SlidesRisk Identification Process Powerpoint Presentation Slides
Risk Identification Process Powerpoint Presentation SlidesSlideTeam
 
Risk Management Template.pptx
Risk Management Template.pptxRisk Management Template.pptx
Risk Management Template.pptxBiswaPrateemDas
 
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAAIBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAAibankuk
 
Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & GovernanceEDR
 
Continous auditing and risk monitoring 9 23-09
Continous auditing and risk monitoring 9 23-09Continous auditing and risk monitoring 9 23-09
Continous auditing and risk monitoring 9 23-09Gaiani (CarnCorpAudit)
 

Semelhante a Google–Risk Assessment Tools (20)

IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...
 
Risk &amp; opportunity analysis
Risk &amp; opportunity analysisRisk &amp; opportunity analysis
Risk &amp; opportunity analysis
 
RUNNING HEADER Potential Risk FactorsPotential Risk Factors.docx
RUNNING HEADER Potential Risk FactorsPotential Risk Factors.docxRUNNING HEADER Potential Risk FactorsPotential Risk Factors.docx
RUNNING HEADER Potential Risk FactorsPotential Risk Factors.docx
 
world_vision-cva_-_risk_presentation.pptx
world_vision-cva_-_risk_presentation.pptxworld_vision-cva_-_risk_presentation.pptx
world_vision-cva_-_risk_presentation.pptx
 
Risk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation SlidesRisk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation Slides
 
Risk Management Lifecycle Process Powerpoint Presentation Slides
Risk Management Lifecycle Process Powerpoint Presentation SlidesRisk Management Lifecycle Process Powerpoint Presentation Slides
Risk Management Lifecycle Process Powerpoint Presentation Slides
 
2016 - IQPC - Understanding and Assessing Corruption Risk
2016 - IQPC - Understanding and Assessing Corruption Risk2016 - IQPC - Understanding and Assessing Corruption Risk
2016 - IQPC - Understanding and Assessing Corruption Risk
 
FENG CCAR DFAST BASELIII_real(2)
FENG CCAR DFAST BASELIII_real(2)FENG CCAR DFAST BASELIII_real(2)
FENG CCAR DFAST BASELIII_real(2)
 
Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM compliance
 
Operation management final
Operation management finalOperation management final
Operation management final
 
2019 Compliance Testing Plan for RBs (2).pptx
2019 Compliance Testing Plan for RBs (2).pptx2019 Compliance Testing Plan for RBs (2).pptx
2019 Compliance Testing Plan for RBs (2).pptx
 
Maintaining Credit Quality in Banks and Credit Unions
Maintaining Credit Quality in Banks and Credit UnionsMaintaining Credit Quality in Banks and Credit Unions
Maintaining Credit Quality in Banks and Credit Unions
 
It62015 slides
It62015 slidesIt62015 slides
It62015 slides
 
Traffic Lights & Threat Levels
Traffic Lights & Threat LevelsTraffic Lights & Threat Levels
Traffic Lights & Threat Levels
 
Risk Identification Process Powerpoint Presentation Slides
Risk Identification Process Powerpoint Presentation SlidesRisk Identification Process Powerpoint Presentation Slides
Risk Identification Process Powerpoint Presentation Slides
 
Risk Management Template.pptx
Risk Management Template.pptxRisk Management Template.pptx
Risk Management Template.pptx
 
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAAIBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
 
Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & Governance
 
Continous auditing and risk monitoring 9 23-09
Continous auditing and risk monitoring 9 23-09Continous auditing and risk monitoring 9 23-09
Continous auditing and risk monitoring 9 23-09
 

Mais de Ali-Reza Khaleeli

Burger King-Marketing Strategy Report
Burger King-Marketing Strategy ReportBurger King-Marketing Strategy Report
Burger King-Marketing Strategy ReportAli-Reza Khaleeli
 
Whirlpool-2014 Annual Report Analysis
Whirlpool-2014 Annual Report AnalysisWhirlpool-2014 Annual Report Analysis
Whirlpool-2014 Annual Report AnalysisAli-Reza Khaleeli
 

Mais de Ali-Reza Khaleeli (6)

Burger King-Marketing Strategy Report
Burger King-Marketing Strategy ReportBurger King-Marketing Strategy Report
Burger King-Marketing Strategy Report
 
Whirlpool-2014 Annual Report Analysis
Whirlpool-2014 Annual Report AnalysisWhirlpool-2014 Annual Report Analysis
Whirlpool-2014 Annual Report Analysis
 
Sales Floor 1954
Sales Floor 1954Sales Floor 1954
Sales Floor 1954
 
Replen 1954
Replen 1954Replen 1954
Replen 1954
 
Opps 1887
Opps 1887Opps 1887
Opps 1887
 
Log 1887
Log 1887Log 1887
Log 1887
 

Google–Risk Assessment Tools

  • 1. Risk Assessment Tools April 1, 2015 Ali-Reza Khaleeli ERM 603 Honor Code • I will not lie or cheat in any way on any assignment for this course (including but not limited to the following examples). • My answers to homework, quizzes, and exams will be my own (except for assignments that explicitly permit collaboration). • I will not make solutions to homework, quizzes, or exams available to anyone else. This includes both solutions written by me and official or unofficial solutions. • I will not look up homework or exam answers on the internet. • I will not engage in any other activities that will dishonestly improve my results or dishonestly improve/hurt the results of others
  • 2. 1 Likelihood Scale: Descriptor Definition Descriptor Definition 5 Rating 2 Unlikely Once in 10 years up to once in 20 years 4 Likely Once in 6 months up to once in 5 years 3 <15% chance of occurrence over life of asset or projectRareOnce in 20 years or lessRare1 Unlikely 15% up to 40% chance of occurrence over life of asset or project Annual Frequence Probability 40% up to 70% chance of occurrence over life of asset or projectPossibleOnce in 5 years up to once in 10 yearsPossible 70% up to 90% chance of occurrence over life of asset or project 90% or greater chance of certain occurrence over life of asset or projectAlmost CertainUp to once in 6 months or moreFrequent Likely
  • 3. 2 Impact Scale: Rating Descriptor Definition 5 Extreme • Financial loss of $55 billion or more • Considerable damage to global environment • Unable to conduct daily operations • No security for all employees and third parties, including customers or vendors • Persistent negative international media coverage; enormous loss of market share • Substantial prosecution and fines, litigation including class actions, incarceration of leadership • Significant injuries or fatalities to employees or third parties • Mass exodus of senior leaders, culture forever altered 4 Major • Financial loss of $15 billion up to $55 billion • Considerable damage to local environment • Extremely limited daily operations functioning • Security of all employees and third parties threatened, including customers or vendors • Persistent negative national media coverage; significant loss of market share • Report to regulator requiring major project for corrective action • Hospital care required for employees or third parties • Some senior managers leave, high turnover of experienced staff, not perceived as employer of choice 3 Moderate • Financial loss of $2 billion up to $15 billion • Sufficient damage to local environment • Partial daily operations functioning • Security of all employees and third parties deteriorating, including customers or vendors • Temporary negative national media coverage • Report of breach to regulator with immediate correction to be implemented • Out-patient medical treatment required for employees or third parties • Widespread staff morale problems, high turnover, shift in culture 2 Minor • Financial loss of $600 million up to $2 billion • Slight damage to local environment • Majority of daily operations functioning • Security of all employees and third parties slightly weakened, including customers or vendors • Local reputational damage • Reportable incident to regulator, no follow up • Minor injuries to employees or third parties • General staff morale problems and increase in turnover, culture questioned 1 Incidental • Financial loss up to $600 million • Next to no damage to local environment • All, but 1 or 2, daily operations functioning • No breach of security of all employees and third parties, including customers or vendors • Local media attention quickly alleviated • Not reportable to regulator • No injuries to employees or third parties • Isolated staff dissatisfaction, culture intact
  • 4. 3 Vulnerability Scale: Speed of Onset Scale: Rating Descriptor Definition 5 Very High • Extreme rate of change in industry • No ability to anticipate events • No ability to withstand event • No scenario planning performed • No internal control capabilities to address risks • No responses implemented • No contingency or crisis management plans in place 4 High • High rate of change in industry • Little ability to anticipate events • Little ability to withstand event • Limited scenario planning for key strategic risks performed • Low internal control capabilities to address risks • Partial responses implemented or not achieving control objectives • Some contingency or crisis management plans in place 3 Medium • Modest rate of change in industry • Selected ability to anticipate events • Selected ability to withstand event • Stress testing and sensitivity analysis of scenarios performed • Medium internal control capabilities to address risks • Majority of responses implemented and achieving objectives most of the time • Certain contingency and crisis management plans in place, limited rehearsals 2 Low • Low rate of change in industry • Strong ability to anticipate events • Strong ability to withstand event • Strategic options defined • Medium to high internal control capabilities to address risks • All responses implemented and achieving objectives except under extreme conditions • All contingency and crisis management plans in place, some rehearsals 1 Very Low • Almost no rate of change in industry • Can anticipate events • Can fully withstand event • Real options deployed to maximize strategic flexibility • High internal control capabilities to address risks • Redundant response mechanisms in place and regularly tested for critical risks • All contingency and crisis management plans in place and rehearsed regularly Rating Descriptor Definition Very rapid onset, with little to no warning, instantaneousVery High5 Onset occurs between 1-6 monthsMedium3 Onset occurs within the first week to a monthHigh4 Very slow onset, occurs over a year or moreVery Low1 Onset occurs between 6-12 monthsLow2
  • 5. 4 Risk Ratings L = Likelihood I = Impact V = Vulnerability S = Speed of onset ID Risk L I V S 1 Competition 3.3 4.3 3.5 3 2 Investment 2.5 3.5 3.7 3 3 Adoption 4 4.5 4.3 5 4 Advertisement 3.5 4.8 4.5 5 5 Operating Margin 3.9 4.5 4.3 3 6 Regulatory 2.8 3.4 3.1 2 7 Proceedings 4.4 2 3.7 4 8 Acquisitions and Investments 4.5 4 3.5 2 9 Brand 1.2 4.8 4.5 5 10 U.S. and Foreign Laws 4.9 3.3 3.6 3 11 Intellectual Property Claims 4.3 3.2 4 3 12 Intellectual Property Rights 3.9 4.1 3.8 4 13 Online Services and Content 4.1 3.2 4.3 3 14 Technology Privacy 4 4.8 4.6 5 15 Manufacturing and Supply Chain 3.9 4 4.5 4 16 Security 4.8 4.8 4.6 5 17 Search Quality 3.4 3.4 2.2 3 18 Interruption or Failure of Systems 4.6 4.7 4.3 5 19 International Operations 4.1 4.1 4.1 4 20 Operating Results 4 3.8 4.7 2 21 Business Strategy Execution 2.5 4.5 2.9 2 22 Personnel 2.5 4.4 2.8 3 23 Internet Access Block 1.5 3.5 4.6 4 24 Ad Block 4.1 3.2 4.6 2 25 Investment Portfolio Value 4 4.8 3.3 4 26 Tax Liabilities 3.8 3.2 3.1 3 27 Stock Trading Price 4.2 3.8 4.1 4 28 Stock Ownership Concentration 2.8 3.3 4.3 4 29 Documents and Law Provisions 1.5 2.8 4.1 1
  • 7. 6 Risk Rating Risk Rating 4 Advertisement 4.8 3 Adoption 5 9 Brand 4.8 4 Advertisement 5 14 Technology Privacy 4.8 9 Brand 5 16 Security 4.8 14 Technology Privacy 5 25 Investment Portfolio Value 4.8 16 Security 5 18 Interruption or Failure of Systems 4.7 18 Interruption or Failure of Systems 5 3 Adoption 4.5 7 Proceedings 4 5 Operating Margin 4.5 12 Intellectual Property Rights 4 21 Business Strategy Execution 4.5 15 Manufacturing and Supply Chain 4 22 Personnel 4.4 19 International Operations 4 1 Competition 4.3 23 Internet Access Block 4 12 Intellectual Property Rights 4.1 25 Investment Portfolio Value 4 19 International Operations 4.1 27 Stock Trading Price 4 8 Acquisitions and Investments 4 28 Stock Ownership Concentration 4 15 Manufacturing and Supply Chain 4 1 Competition 3 20 Operating Results 3.8 2 Investment 3 27 Stock Trading Price 3.8 5 Operating Margin 3 2 Investment 3.5 10 U.S. and Foreign Laws 3 23 Internet Access Block 3.5 11 Intellectual Property Claims 3 6 Regulatory 3.4 13 Online Services and Content 3 17 Search Quality 3.4 17 Search Quality 3 10 U.S. and Foreign Laws 3.3 22 Personnel 3 28 Stock Ownership Concentration 3.3 26 Tax Liabilities 3 11 Intellectual Property Claims 3.2 6 Regulatory 2 13 Online Services and Content 3.2 8 Acquisitions and Investments 2 24 Ad Block 3.2 20 Operating Results 2 26 Tax Liabilities 3.2 21 Business Strategy Execution 2 29 Documents and Law Provisions 2.8 24 Ad Block 2 7 Proceedings 2 29 Documents and Law Provisions 1 Risk Impact Risk Speed of Onset Ranking Risks by Impact and Speed of Onset, individually:
  • 8. 7 Risk Correlations By seeing these correlations, we are able to better understand the risks and risk portfolio. In addition, performing this interaction map allows us to move away from silos and begin to see and practice enterprise risk management as a collaboration of the company as a whole. This allows us to understand how the different risks relate and how some can be managed together. A next step that could be taken, but would need more information is using historical data to determine which other risks might correlate as well as whether or not the risks that correlate have been properly managed before or if these are new risks. Risks Competition Investment Adoption Advertisement OperatingMargin Regulatory Proceedings AcquisitionsandInvestments Brand U.S.andForeignLaws IntellectualPropertyClaims IntellectualPropertyRights OnlineServicesandContent TechnologyPrivacy ManufacturingandSupply Chains Security SearchQuality InterruptionorFailureof Systems InternationalOperations OperatingResults BusinessStrategyExecution Personnel InternetAccessBlock AdBlock InvestmentPortfolioValue TaxLiabilities StockTradingPrice StockOwnership Concentration DocumentsandLaw Provisions Competition x x x x x x x x x x Investment x x x x x x x x x x x x x x x Adoption x x x x x x x x x x x x x Advertisement x x x x x x x x Operating Margin x x x x x x x x x x x x Regulatory x x x x x x Proceedings x x x x x x x x Acquisitionsand Investments x x x x x x x x x x x x Brand x x x x x x x x x x x x x x x x x x U.S. and Foreign Law s x x x x x x x x Intellectual Property Claims x x x x x x x x x x x x x Intellectual Property Rights x x x x x x x x x x x x x x x x x Online Servicesand Content x x x x x x x x x x x x x x x x Technology Privacy x x x x x x x x x x x x x x Manufacturing and Supply Chains x x x x x x x x Security x x x x x x x x x x x x x x x x Search Quality x x x x x x x x x x x Interruption or Failure of Systems x x x x x x x x International Operations x x x x x x x x x x x x x x x x x x x Operating Results x x x x x x x x x x x x x x BusinessStrategy Execution x x Personnel x x x x x x x x x Internet AccessBlock x x x x x x x x x x x x Ad Block x x x x x x x Investment Portfolio Value x x x x x x Tax Liabilities Stock Trading Price x x x x x x x x x x x Stock Ow nership Concentration x x Documentsand Law Provisions
  • 9. 8 MARCI Chart T The MARCI chart allows us to prioritize risks based in risk response. In other words, the MARCI chart allows us to prioritize the risks based on what needs to be done in order to manage each risk. Velocity and “Clockspeed” Although speed and velocity are synonyms in general terms, when defining them in the context of risk management, they mean different things. Velocity is “the time it takes for a risk event to manifest itself, or in other words, the time that elapses between the occurrence of an event and the point at which the company feels its effects” (Curtis and Carey, 7). A risk with high velocity is one that manifests itself immediately, while a risk with slow velocity is a risk that manifests itself very slowly. On the contrary, clockspeed is defined by Marks as the information needed in order to manage risks. In this case, a slow clockspeed risk is one that “is managed over a lengthy period of maturation and is managed effectively through traditional control mechanisms” (Horwath, 26), while a fast clockspeed risk is one where unexpected events occurs that require a fast response and may require a different approach that it would if it was a slow clockspeed. Although similar, velocity is the speed of the event, while clockspeed incorporates both velocity as well as the type of response needed in order to manage the event.
  • 10. 9 Quantitative Approaches Google has proactively identified the potential risk that this particular trend is creating, and now faces the challenge of taking a deeper dive into the most effective way to assess this risk. The document, Risk Assessment in Practice, suggests a number of quantitative measures that companies should use in their risk assessments, to include: benchmarking, scenario analysis, deterministic models, and probabilistic models. Taking into consideration that Google is generally aware of the likelihood and impact of this risk, they must focus on assessing the velocity of the risk, in order to develop a decision and action plan in managing this trend. Using a risk interaction map to first link correlation, a bow tie diagram can then further be developed using quantifiable data to illustrate the end events or losses stemming from the consequences associated with the risk. Data used to assess the trend and velocity of this risk is an extremely important factor, and should be derived from both the internal and external environment. Competitor and industry trends data is crucial to assessing the real risk impact and the sensitivity of timing. Analysis of both past and current relationships and partnerships with manufacturers and distributors can provide good insight into the company’s current market share and future financial health. All of the pertinent data used needs to then be modeled to look at the consequential impact on a range of different factors, such as share price, research and development funding, marketing budgets, and others. Risk Tolerance and Appetite Statements 1 Risk Tolerance Statement: The Company is willing to assume no more than a 10% loss to profit margin, but will not accept more than a 5% loss to market share in conjunction with net sales. In developing this statement, we considered the overall mission and strategic objectives of the company, how it can be implemented throughout the whole organization, and the risk capacity concerning its financial health. In this example, because the risk appetite is moderately high, the risk tolerance had to reflect a compromise of boundaries concerning the company’s financial well-being. This is why the company is willing to assume a higher tolerance on loss of profit, so long as the company continues to deliver on its net sales and not significantly deviate from their current market share. Risk Appetite Statement: The Company operates within a moderately high-risk appetite in relation to the declining trend of personal computer usage amongst the general population. The company assumes this appetite with the intent to excel within the highly competitive environment, and strives to continue to be the “first in market” leader, holding majority market share of the industry’s technology, products, and systems. Operating a moderately high appetite will increase our competitiveness in research and development, and cultivation of business agreements with top manufacturers and distributors. In developing this statement, we considered the overall mission and strategic objectives of the company, the boundaries of acceptable risk tolerance, the effect on the company’s risk profile, its applicability to decision making and action implementation, the company’s risk attitudes, and its relevance towards this specific risk. The company has to assume a moderately high-risk attitude because of the fast paced nature of their industry, as well as the macro environment. For Google, high-risk endeavors, specifically in the field of research and development, have the ability to turn into highly profitable opportunities.
  • 11. 10 Risk Appetite and Tolerance Statements 2 Risk Tolerance Statement: The Company is not willing to assume any risk to its reputation, and will therefore enforce a zero tolerance policy to reputation risk. Risk Appetite Statement: The Company operates with a low risk appetite concerning any decisions and activities which may cause any and all damages to Google’s reputation. The company assumes this appetite with the intent to protect the reputation of the brand, its technology, products, and services, affiliates, employees, and value. Reputation is a concerning element that affects all of Google’s individual risks, and is mentioned in most of their listed risk factors under Item 1A. Unlike the previous statements, Google cannot afford to enforce a high-risk appetite, nor allow an exposed risk tolerance. Additionally, because reputation risk correlates to each function of the organization’s goals, it is a highly sensitive risk that can have high magnitude adverse effects. Google should balance risk taking and risk control in a holistic manner, as these two functions should be balanced. This balance will set clear concise objectives and parameters, without limiting the company from pursuing profitable opportunities. Both risk taking and risk controls should be set in accordance to the company’s goals, overall culture, and legal and regulatory mandates.
  • 12. 11 References Curtis, Patchin, and Mark Carey. “Risk Assessment in Practice.” Deloitte & Tuche LLP. Oct 2012. The Committee of Sponsoring Organizations of the Treadway Commission. Rittenberg, Larry, and Frank Martens. “Understanding and Communicating Risk Appetite.” The Committee of Sponsoring Organizations of the Treadway Commission. Jan 2012. Crowe Horwath. “Risk Appetite and Tolerance Guidance Paper.” Institute of Risk Management. United States Securities and Exchange Comission. From 10k. Google Inc. Marks, Norman. "Do You Realize How Fast You Need to Respond to Risk? What Does This Mean?" Sustainable Business Forum. N.p., 16 Mar. 2012.