Kit Sadgrove - The Complete Guide to Business Risk Management

The Complete Guide to Business Risk Management

To my partner Jayne, with love.

Third Edition

KIT SADGROVE

GOWER

Kit Sadgrove 2015

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise without the prior permission of the publisher.

Published by

Gower Publishing Limited

Wey Court East

Union Road

Farnham

Surrey

GU9 7PT

England

Gower Publishing Company

110 Cherry Street

Suite 3-1

Burlington

VT 05401-3818

USA

www.gowerpublishing.com

Kit Sadgrove has asserted his right under the Copyright, Designs and Patents Act, 1988, to be identified as the author of this work.

British Library Cataloguing in Publication Data

A catalogue record for this book is available from the British Library.

ISBN: 978-1-4724-4219-2 (hbk)

ISBN: 978-1-4724-4220-8 (ebk-ePDF)

ISBN: 978-1-4724-4221-5 (ebk-ePUB)

The Library of Congress has cataloged the printed edition as follows:

Sadgrove, Kit.

The complete guide to business risk management / by Kit Sadgrove. -- Third Edition.

pages cm

Includes bibliographical references and index.

ISBN 978-1-4724-4219-2 (hardback) -- ISBN 978-1-4724-4221-5 (ebook) -- ISBN (invalid) 978-1-4724-4220-8 (epub) 1. Risk management. I. Title.

HD61.S2 2014

658.155--dc23

2014029452

I have drawn on information from many sources. They include The Association for Financial Professionals, Conference Board of Canada, FERMA, Amcor, the Financial Times, Association of Assurance and Risk Managers, IDW.de, Ifac.org, Electrical Safety Council, Hackett Group, Fair Labor Association, Achilles, Aravo, Transport Asset Protection Association, International Energy Agency, The Fire Protection Association, CIO Journal, The Loss Prevention Council, Control Risks Group, the Institute of Risk Management, Science Insider magazine, MIT Center for Transportation Studies, Association of Certified Fraud Examiners, RiskWorld, RiskInfo, Risk Management magazine, Business Continuity Online, AIRMIC, NHS, Institute of Internal Auditors, HM Treasury, ALARM, Procurement Strategy Council, Purchasing magazine, Guardian newspaper, Observer newspaper, McKinsey, Kenexa, Wall Street Journal, ACAS, CCH, Unison, BP Law, Office of Fair Trading, Data Monitor, Arlington Institute, Carnegie Mellon University Robotics Institute, International Chamber of Commerce, IFPI, Just Food, Sunday Times, StoraEnso, Sustainability, Cow & Gate, UK Foreign Office, DEFRA, UK Home Office, Office of Government Commerce (Efficiency and Reform Group), Green Party, Business Report South Africa, Talk Left, Reebok, Rits, Dejan Kosutic, Bankruptcy Action, Dun and Bradstreet, CIMA, Foresight Institute, Mongabay.com, Ars Technica, Imperva, Internet Identity, Journal of Global Information Management, Information Commissioners Office, Staff Monitoring Solutions, The Scotsman, Sunday Business Post, Amnesty International, Institute for the Future, Human Capital Management Institute, Proudfoot Consulting, Burnt Oak Partners, Foresight Technology, Whitakers Almanac, Ash, Wikipedia, Arson Prevention Bureau, Coso, Inc magazine, Real Business magazine, Entrepreneur magazine, Institute for Crisis Management, ICAEW, Law Society, The Times, Standish, Credit Services Association, AT Kearney, Project Management Institute, Financial Executives International, HR magazine, The Economist, Clearly Business, Standards Australia, AON, Computer Weekly, Seth Godin, Chicago Tribune, Computer World, Ziff Davis, Eusprig, Lacie, Computer Business Review, Project on Government Oversight, Worker Rights Association, Commodity Futures and Trading Commission, Kable, Logitech, Breaking News, Financial Services/Conduct Authority, European Union, Council of European Municipalities and Regions, International Organization of Securities Commissions, Scottish Environment Protection Agency, Rolls Royce Motors, Agency for Toxic Substances and Disease Registry, Fairtrade Foundation, USDA, Natural Resources Defense Council, Said Business School, Hull University and the BBC.

Statistics and survey data was also provided by The National Fraud Authority, International Labor Organization, Industry Market Trends, Ernst and Young, The Audit Commission, FERMA, Cass Business School, Institute of Crisis Management, FM Global, Price Waterhouse Coopers, Business Software Alliance, IBM Business Recovery Services, Gartner, Packaged Facts, Millward Brown, PA Consulting, Carlsberg Group, Infoplan, Symantec, Health and Safety Executive, Pew Research Center, Chubb Fire, Transparency International, KPMG, International Monetary Fund, Sedgwick, AT Kearney, XpertHR, Aveco, PC Magazine, Powerchex, Society for Human Resource Management, Department for Transport, Kroll Ontrack, DataFort, Axa, UK Intellectual Property Office, US Bureau of Labor Statistics, Marsh Inc., International Coffee Organization, British Retail Consortium and the Royal Academy of Engineering.

I am grateful to people who have commented on selected chapters including Jan Cottrell, Erik Engstrand of Ikea, Ciaran Delaney, Harvey Betan and Betty Kildow. Im also grateful to my researchers Magdalena Kurkowska, Stephen Murage and Tom Gibbs, as well as all the individuals and organizations who have helped to create this book; but any errors are my responsibility alone.

Kit Sadgrove

Some of the vocabulary of risk management differs from other specialisms. For example, the word control is different from what scientists mean by it. Even the varying risk standards dont always agree on the definition of the words.

These definitions have been taken from various sources, including COSO and the Institute of Internal Auditors, and have in some cases been modified to provide more clarity. For more detail, the ISO/IEC Guide 73-2009 provides a standardized vocabulary.