Cedeno, Koerner, Melo, Vining- 5.3 Group Project- Swissgrid Deliverable 2
docx
keyboard_arrow_up
School
Embry-Riddle Aeronautical University *
*We aren’t endorsed by this school
Course
510
Subject
Information Systems
Date
Apr 3, 2024
Type
docx
Pages
6
Uploaded by CaptainIce8722
Module5.3 Group Project – Swissgrid Deliverable 2 Daniela Cedeno, Greer Koerner, Marcel Melo, Thomas Vining
Embry-Riddle Aeronautical University Worldwide
November 20, 2022
Meyer's Risk Management Processes
Meyer's risk management processes at Swissgrid are vital because they are designed to identify and assess risks systematically and then create and implement mitigation plans. Meyer implemented six risk management processes at Swissgrid. The risk management processes were. I.
Establish and formalize the risk management network within the company by appointing risk officers within the business units (Kaplan & Mikes, 2018). They will be the ears, eyes and arms of Risk Management. This process aligned with the ERM process cycle outlined by Segal, where the first process is appointing risk offers for risk identification (Segal, 2011).
Strength: The process ensures proper risk identification, assessment, and reporting to Risk Management. Risk Officers attached to business units can collect accurate information to identify possible risks within the business.
Limitation: All risk officers have core responsibilities in their business units and will prioritize core responsibilities over risk management tasks.
II.
Raise risk culture awareness by introducing risk management goals and responsibilities (i.e., CEO-Level policy) to the supervisory board and company-wide communication on Enterprise Risk Management implementation (Kaplan & Mikes, 2018). According to Segal, creating awareness and communicating the ERM implementation to the entire company ensures easy identification of killer and newly emerging risks, hence easy management of risk (Segal, 2011).
Strength: The risk management goals and responsibilities are widely accepted by all staff. Communicating risk management goals and responsibilities to the supervisory board and the rest of the company staff promoted a sense of inclusion in the ERM.
Limitation: The fact that goals and responsibilities are widely acknowledged does not mean that all staff understand them. The introduction of risk management goals and responsibilities may bring more confusion to some staff.
III.
Rolled out business unit risk workshops and discussions. The workshops and discussions were organized by the respective risk officers and supported by the group risk function on new risk issues (Kaplan & Mikes, 2018).
Strength: Risk officers, leaders, and subject matter experts can refine risks identification and improve the assessment because of sufficient inputs while Group Risk function enhances risk identification. Segal states this is one of the five keys to successful risk identification (Segal, 2011).
Limitation: This process is time-consuming because leaders are allowed to provide their views and feedback on the discussed topic, which can also lead to information overload.
IV.
Organized extraordinary risk workshops to identify and assess new and emerging risks (Kaplan & Mikes, 2018). According to Segal, the primary goal of organizing extraordinary risk workshops is finding common ground on the issue and deciding whether to present it to the board of directors (Segal, 2011).
Strength: Proactive risk identification and assessment that enable the executive team to be prepared for new challenges to the company
Limitation: The continuity of Swissgrid operations is at stack, and risk mitigations are based on assumptions made by the leaders and approved by the Executive board.
V.
Escalation of risk findings and recommendations to the Executive board for decision-
making.
Strength: Escalating the risk findings and recommendations helps the Executive board make an informed decision and allocate sufficient resources for risk mitigation. According to Segal, integrating the ERM into decision-
making is critical to establishing a successful ERM framework (Segal, 2011).
Limitation: The executive board will be involved in the company's operational
issues, and it could be too granular for the board's attention.
VI.
Implemented an intelligent reporting risk control system – ASE (All-Seeing Eye) (Kaplan & Mikes, 2018).
Strength: Automating risk reporting, especially summary risk reports, promotes accountability among risk owners.
Limitation: ASE is a risk reporting platform only. The risk owner is responsible for inputting quality risk assessment and mitigations in the system.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
What risks does the company face?
There are several risks described in the case study that Swissgrid faced, including a mix of operational, strategic, and financial. While some of the risks had put mitigations in place, others had no clear mitigation path identified. Swissgrid mentioned that they had experienced supply shortages due to suppliers not being able to transport supplies as the rivers (located in the Alps) utilized were at low levels. While they were able to pay other power plants to maintain their water reserves, this resulted in a cost increase and triggered another risk, a political one. To sustain the increased cost, they needed to be transferred over to customers, which caused backlash and political pressure. They could overcome and explain, ensuring they would not have a disruption in service which would be even more costly (Kaplan & Mikes, 2018). There is also a
concern with the inability to keep up with demand due to aging infrastructure. While they have a mitigation in place, paying the upstream provider to limit production, and downstream to increase production, their costs would increase and have operational impacts.
Switzerland is not part of the EU and is not legally required to follow the EU rules that required TSOs follow common rules, making more efficient markets in Europe. This was identified as a major risk and could have negative impacts from an influence and stability perspective of their grid (Kaplan & Mikes, 2018). Another significant threat, cyber hacking attacks, continues to evolve. An attack could take sensitive information or manipulate employees’ screens, causing a severe impact to Swissgrid from an operational and financial perspective. While the Swissgrid team was conducting one of their risk workshops they identified that if one of their partners filed for bankruptcy or experienced such a loss, they had to close this could be a risk for Swissgrid. Since if a partner that was running one of the power plants had to close (from bankruptcy) it could lead to Swissgrid not being able to find an immediate solution to get that power plant operating (Kaplan & Mikes, 2018). As the Swissgrid CEO said in the case study, “Safety comes first…” (Kaplan & Mikes, 2018). A risk that remains red (per Swissgrid) is a safety risk. They are currently utilizing outsourced individuals for the construction and maintenance they are working on. Outsourcing does allow Swissgrid to increase efficiency, but because of their decrease in the ability to have complete control over the situation, it drives up the costs, leading to operational and safety risks (Kaplan & Mikes, 2018). It is not limited to outsourcing regarding their safety concerns but also includes their employees, particularly line-repair and maintenance workers. They are always
Very High
XX
X
XXX
High
Medium
X
X
XX
Low
Very Low
Very Low
Low
Medium
High
Very High
Impact
Probability
facing safety and health concerns as they have zero tolerance for letting one of their employees be hospitalized longer than three days (Kaplan & Mikes, 2018). Applying the RCD Model
The below table identifies the risk, category, subcategory, probability, and impact based on the case study for Swissgrid. Utilizing the criteria for quantifying and qualitatively assessing the risks and reviewing the scoring criteria from Segal to assess the risks identified at Swissgrid. Not all details were known to make an accurate assessment; however, a “best guess” based on the known details to assess the probability and impact of each risk. The risk cube also is a great visualization to show where the risks lie from a categorical perspective of (low, medium, and high). You will see that most of them lie in the medium to the high area, which aligns with what was described in the case study, identifying major or high-impact risks.
RCD model application for Swissgrid’s risks
Risk Defined
Risk
Category
Risk Subcategory
Likelihood
Severity
Water level reductions – weather
risk
Operational
Disasters
High
Medium
Supply shortages
Strategic
Supplier
High
Medium
Safety risk – outsourcing
Strategic
Supplier
Low
Very High
Safety risk – employees
Operations
Low
Very High
Bankruptcy – failed partner
Financial
Liquidity
High
Very High
Bankruptcy – failed partner
Strategic
Strategic relationships
High
Very High
Hacking attacks externally
Operations
Technology
Medium
Very High
Regulatory risk – Switzerland not part of EU
Strategic
Legislative/Regulatory
High
Very High
Political Risk
Strategic
External Relations
Low
Medium
Not meeting demand due to aging infrastructure
Operational
Disaster
Medium
Medium
Risk Cube – Swissgrid’s Risks
6
References
Kaplan, R. S., & Mikes, A. (November 2018). Swissgrid: Enterprise Risk Management in a Digital Age. Harvard Business School Case
, 119-045.
Segal, S. (2011). Corporate value of enterprise risk management: The next step in business management.
John Wiley & Sons, Incorporated.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help