Essay Question:

Discuss how the ‘Establish the Context’ item of the ISO Risk Management Model
(i.e. external context and internal context) can be used to prevent risk.

Your answer should include possible recommendations for risk prevention.

Word count: 1400 words (Not including references)



Exposure to danger is inevitable in everyday activities. Hazards are present in all contexts and the likelihood of danger occurring is not predictable. This therefore calls for a way in which there can be control of the occurrence of a risk prior to it taking place. It is on this basis that different organizations and the government have put in place risk management policies for security measures (Zayed, S., 2014). Within the risk management, policy is a plan on the specific approaches to deal with a risk. Whether in an organization or a country, strategic management of the risks is an essential part in countering the hazards before they result to serious losses and damages Riscol Consulting Ltd, (2007). In an organization, there are specific procedures to follow for countering the risks as they happen and to prevent them from occurring. The risk management process includes establishing the context, risk assessment, risk identification, risk analysis, risk evaluation, and risk treatment. The success of the risk management process lies largely on how the organization in question implements the process (Barnthouse, L., Munns, W. & Sorensen, M. ,2008) .Before the organization resolves to carry out a risk management procedur; it should consult with the stakeholders so that they can give their views and their feeling about the whole process. Below is detailed information on how the organization should establish the context as a step in the risk management process. (Lazarte,M., & Tranchard,S., 2010)

Establishing the context is the step where the organization clearly sets the outer limits of the coverage of the risk in the organization. The organization therefore has to set limits that the risk management procedure should cover. There are internal and external perimeters of an organization and they are both prime when establishing the context. Internal environment of an organization means the factors that deal with the organization directly especially in management  while the external environment refers to the factors that affect external teams and stakeholders of the organization. The internal and external environment requires that the organization establish the context of the risk each at a time.

Establishing the Internal Context

The internal environment of the organization includes all the factors that directly affect the running of an organization. These factors include the production resources and knowhow within the organization as well as the culture within which the organization operations take place. The organization therefore decides what part of the internal environment should be in direct contact with the risk management procedure (Nieuwenhuizen, C., Rossouw, D. & Badenhorst, J., 2008). In establishing the internal context, the organization should seek to see that the measures put across as strategic plans in risk management do not violate the organization`s goals. According to Power, M. (2004), the chosen strategic plan should also be in line with the internal stakeholders will. The plan must also meet the set standards of operation within the organization. It must also not violate the governing body principles. In observing these standards, the organization comes up with a strategic risk management plan that is most likely to succeed if correctly implemented (Oxelheim, L. & Wihlborg, C., 2008).

Establishing the External Context

Just like the in the establishment of the internal context, the external context requires keen attention to establish. The strategic risk management strategy is put in place in order to decide which part of the external environment will be affected by the measure put in place (Iverson, D.,2013).

The external environment includes the external stakeholders and their view on the selected strategy. According to Cooper, D. (2005), the views of the external stakeholders are important because they are the supporting body second to the managing body of the organization. The   external environment also includes the legal requirements and the trends in the organization management. The organization should therefore decide on which part of the external environment would yield maximum effect on the risk at hand (Bersani, C. 2008).

Establishing the Context In The Process Of Managing Risks

The risk management process involves a procedure too. There should be a well defined scope that the intended undertaking as well as the part that are not within the plan. This defines what areas the process will cover and the organization must strictly adhere to the defined limits. It also clearly states how the process will be conducted and the period of time that it could maximally take as well as the possible risks that may come along with the process. The assessment and evaluation methods for the intended strategy are clearly stipulated. Decisions made after the accomplishment of the risk management process should also appear. In addition to these specifications in the risk management process, there should also be a list of the relevant materials for the process.

Developing the Risk Management Criteria

The organization should develop criteria to determine whether the risk management procedure was put in place in the correct way. This is a way of telling whether the outlined procedure was followed to the latter and in full. The criteria should be the prime considerations before beginning the risk management process so that there can be close monitoring of the process at every step. The criteria must come from an independent body to ensure that it is effective and not biased. Some organizations opt to use legal platforms to get criteria for accessing the strategy. Other organizations choose the regulatory bodies present. Whichever the criteria used they should be standard and yield the same results. The criteria provisions body should be able to tell the results of using the body as well as the approximate time within which the yields are due (Damodaran, A., 2008). It must also outline which risks are major and need quicker response and which ones are minor and can wait. other thing that the criteria show is the mode of response to the risk at hand for instance if the risk can be solved through several activities at once or only one activity at a time. However the organization is only limited to using the criteria that is in line with its provision in the governing rules. There should therefore be keen considerations in choosing the criteria provisions body by considering its credibility (Creelman, J. & Smart, A., 2013).

Possible Recommendations for Risk Prevention

For organizations to prevent the occurrence of risks effectively there are certain measures that the organization should undertake. To begin with, the company should compare their risk management strategies with those of other organizations and in this way, they can easily recognize the reasons for the faulty risk management procedures. Another way in which an organization can reduce the possibility of risks occurring is by hiring the right team of employees for the job (Chapman, R., 2013). Professionals in every field are an assurance of quality job and minimal chances of risks. Hiring under professionals is one of the reasons why risks occur (Venable LLP., 2013).

In conclusion, it is important that organizations develop risk management strategies that will yield maximum outcome. The organizations should follow all the procedures included in the strategic risk management outline for affectivity. Since there are risks that are visible before their actual effects and others that are only noted after they have caused losses, the management of any organization should watch out and curb them. According to Damodaran, A. (2008), organizations and the government should be ready to risk especially in financial matters for high profit realization there should be an observance of the risk management procedures for the smooth running of the business (Iverson, D. 2013).

Did you know that effective analysis of concepts requires professionalism in handling academic research Papers? Do no compromise on your grade choose professional Research writers at