current competitive market conditions, the maximum use of organizational
resources in line with goals is important to the extent that it can be noted
that all organizational improvement models have been developed and focused on
this issue. In this regard, one of the proposed strategies and methodologies is
risk management, the main focus of which is the uncertain conditions and
Risk management involves planning, identifying, analyzing, designing, reacting
and controlling the risk of a project/organization.
Risk management objectives include increasing the likelihood and impact of
desirable events and reducing the likelihood and impact of adverse events of project/organization.
Risk management planning: The process of defining how to manage a project /
organization's risk management activities
Risk identification: The process of identifying risks that may affect the
project / organization and documenting their features.
Implementing a qualitative risk analysis: The process of prioritizing risks for
more analysis or action by measuring and integrating their likelihood and
of quantitative risk analysis: Numerical analysis process of the effect of
identified risks on the overall objectives of the project/organization.
Risk response planning: the process of adopting options and measures to
increase opportunities and reduce threats to goals of project / organization.
Risk monitoring and control: The process of implementing programs of risk
response, tracking identified risks, monitoring the remaining risks, identifying
new risks, and evaluating the effectiveness of the risk process throughout the
life cycle of the project/organization.
In this regard,
AKPC acted according to ISO 31000 model to implement risk management and, using
the consulting company, took the following steps:
Organizing ISO 31000 training courses
Understanding concepts, model and process of risk management
Holding workshops for implementation of risk management process with presence
of different organizational units
Organizing internal meetings for finalizing internal risk management procedures
Holding meetings of risk management committee with the participation of senior
executives of the organization
It should be noted that all actions were carried out according to three main
parts of the model:
The principles of the ISO 31000 model
The framework ISO 31000 model
The process of ISO 31000 model
Regarding clause 1, all cases emphasized by the model were addressed in the
policy and regulations and were explained in the training sessions.
In the framework of ISO 31000 model, using the procedures and guidelines
presented, a mechanism was developed for risk management adapted to the terms
and conditions of the organization, including 3 internal instructions.
Risk Identification Instructions
Risk Analysis Instructions
Risk Response and Control Instructions
And all inter-organizational requirements and practices were considered in the
risk management mechanisms by receiving views of senior executives of the
organization. It should be noted that the documentation prepared on the basis
of comparative studies is a unique model in the petrochemical industry of the
country. This issue can be verified on the basis of information from companies
active in the field of petrochemicals (for example, a risk analysis table).
Eventually, the implementation of risk management was performed based on the
proposed model, which was executed by organizational units and according to the
instructions provided by this section of the model while considering the
executive workshops and training sessions and completing the step-by-step risk
register. The steps are indicated in the attachments.
To accomplish all of the above steps, the following actions are briefly done:
1. Designing the risk management deployment committee
2. Introducing the executive representatives of the project
3. Holding several workshop-training sessions
4. Definition and identification of organizational risks in the form of RISK
5. Holding training sessions on risk management including risk identification,
qualitative and quantitative risk analysis, how to respond and controlling the
risks of the organization.
6. Completing the RISK REGISTER form
Finally it should be noted that what successful organizations benefit from is
undoubtedly a planned development based on the organization's lifespan and
maturity. Therefore, the risk management plan should be designed according to
existing conditions of the organization and infrastructure so that it can be
considered as a competitive advantage by institutionalizing the system. Then, risk
management is essential in order to observe maximum achievement of goals,
survive in the competitive world, create competitive advantage for sustainable
development, raise the margin of profit and take the advantage of short and
long term material benefits. It is hoped that we can take advantage of its
sustainable results by the continuous implementation of risk management in the