b'THE ART OF RISKCan risk be controlled? The stakes were high in 1986 whenrelationships with clients, and allows companies to expand. NASA launched its Challenger Shuttleonly to watch it explodeIt appears to have worked for Chipotle. In 2018 they ranked 73 seconds into flight. An investigation uncovered seriousthirteenth out of the top 250 chain restaurants with 4.9 billion in shortcomings in NASAs decision-making processes, which leadrevenueup 8.7% from the year prior.to warning signs being overlooked and the shuttles demise.The takeaway from these stories is that wise organizations Chipotle watched its stock drop 20% from the year prior inprepare for the worst. In the construction and utilities industries 2017. It struggled to overcome serious E-coli and Salmonellathe safety of employees takes center focus. Risk management outbreaks that drove away customers from 2015 through 2017.frameworks embody many forms. At the end of the day, any What NASA and Chipotle share are failures in the understandingplan should support regulatory compliance, achieve business and managing of risk. However, if we can forecast the who,objectives, and keep constituents safe. One approach is a what, when, where, and why of risk, then we can establish a planfive-step virtuous cycle designed to merge the science of to lessen the chances of risk getting out of control.risk management (quantitative measures) with the art of it Although often related to an unwanted consequence, risk should(employee situational knowledge).not always be perceived as negative. Being able to effectively manage risks leads to increased profit, establishes good 5 STEPS OF RISK MANAGEMENTCarrying out risk management by way of a stepped process allows us the flexibility to understand changing conditions and manage new uncertainties as they emerge. Managers need a risk road map. There are many actions to accomplish in order to get from A to B to C. If you have 20+ items you need to analyze and account for, the stepped approach focuses attention so that all items are complete at each stage before moving on. The five steps are: Identify, Assess, Evaluate, Manage, and Monitor.1. IDENTIFY POTENTIAL RISKS 2. ASSESS RISK EXPOSUREKnowing where and how to look for exposure is the first step inAssigning value to risks in the form of severity and frequency risk management. Mapping risks means navigating the wholeis the second step of risk management. Consider the electric business system to understand the liabilities. This includesutilities. While the chance of a lineman being severely injured accounting for the competing goals of departments, individuals,on the job is low, the severity of that occurrence is high. On the and external factors, like market conditions, agreements withcontrary, a line technician can expect to encounter unknown job contractors, and reputation among the public, etc. It can feelsite conditions, such as downed tree limbs. A more frequent, overwhelming. To avoid this, we recommend using categoriesbut low severity impact.to narrow the scope. Within the construction industry, Construction Risk Logs or the Human risk: safety hazards leading to worker accidents andRisk Assessment Code (RAC) matrix, are commonly used to injuries, labor shortages, availability of building materials, poorassess risk. The RAC Chart (on page three) ranks hazards from project management low to extremely high. Complete the matrix with the hazard Financial risk: occurs when there is loss in any asset or anlabels to quantify risks. From there, managers will be better increase in material costs equipped to prioritize risk preventative maintenance.Legal risk: poorly written contracts, issues with subcontractors3. EVALUATE RISK TOLERANCEand suppliers Tolerance for risk is influenced by multiple factorsmarket Environmental risk: natural disasters, unknown job conditions, competitors, brand reputation, financial health, and site conditions confidence in employees, to name a few. If a mistake is made, Just recognizing the companys internal and external hazards what is the degree of loss an organization faces? The ratio is not sufficient. Next, the organization needs a reliable risk of performance to loss in terms of what is acceptable to a rating mechanism. company defines their risk tolerance. Some companies transfer'