Modelo para Identificação e Gerenciamento do Grau de Risco de Empresas - MIGGRI

Joana Siqueira de Souza

Recently, Risk Management issues have been widely discussed. There is an increasing need to identify, measure and control the levels of risk within enterprises as the levels of uncertainty that surround them also rise. Risk management, however, is commonly discussed at the level of projects, when the aim is to assess the risks associated with an investment project. Notwithstanding the importance and necessity of such information, nowadays it is necessary to expand the information on risks, attempting to identify the risks that affect the enterprise as a whole, focusing on its different types of business. In this context there arises the concept of Enterprise Risk Management ¿ ERM, methodology whose objective is to identify, measure and control business risks and which is the central theme of the present research. Models such as COSO (2007) and regulations such as AS/NZS 4360 (1999) and ISO 31000 (2009) have already been developed for Enterprise Risk Management; however, in these models much attention has been given to the steps that must be developed for a complete management without clearly associating the tools and concepts that must be used in each step, and there is also a focus restricted to the quantitative aspects, while there is difficulty in the assessment of risks classified as qualitative. Therefore, this research aims at presenting the construction of a Conceptual Model for Enterprise Risk Management, validated by means of a Field Study in two companies that employ the ERM process in a relatively structured form. This resulted in a Preliminary Model, whose main objective is to create a set of partial and global indicators that aid managers in controlling risks to which their businesses are exposed, allowing for a comparison between different Business Units (BU) in a same organization. The Preliminary Model is supported by a control matrix structure and is composed of six stages: (i) Structuring and Planning ¿ focused on organizing the Risk Management process in the company, (ii) Risk Context ¿ whose objective is to identify and rank the risks to which the BUs are exposed; (iii) Risk Exposure Level ¿ aims to assess quantitatively and qualitatively the risks prioritized at the previous stage, attempting to calculate the proposed risk indicators, generating the risk level (RL) of each BU; (iv) Intended risk level ¿ this stage aims to identify the level of tolerance to risk intended by the company, having the intention of aligning the calculated RL to what the organization tolerates; (v) Treat the risks ¿ stage in which the critical risks are identified and contingency measures are proposed for the reduction of the RL of each BU assessed; and (vi) Risk monitoring ¿ stage of constant risk management, in which control responsibilities are defined in regards to a horizontal risk monitoring, comparing the different BUs of the organization. This Preliminary Model was applied in a large-sized company in the construction industry, and its two BUs were assessed. During the application, the six stages were carried out, and it was possible to calculate the risk level of each BU, to define the contingency measures for the most critical risks, and to structure a formal control process aligned with the expectations of the organization. Finally, a final model was generated, called MIGGRI ¿ Modelo para Identificação e Gerenciamento do Grau de Risco de Empresas (Model for the Management and Identification of Risk Level in Enterprises), with some alterations due to the practical application, concluding that the model developed fills the gaps identified in the literature on Risk Management, thus contributing to this arising field of research.

Modelo para Identificação e Gerenciamento do Grau de Risco de Empresas - MIGGRI

AUTOR(ES)

FONTE

DATA DE PUBLICAÇÃO

RESUMO

ASSUNTO(S)

ACESSO AO ARTIGO

Documentos Relacionados