banner accounting

Risk Management Experts

No business life lesson can be complete without a discussion on risks and risk management. Risks are inherent in everything we do - from crossing the road to running a business. Business risk management is the key to ensure risks are identified and a plan-B thought of. Some risks we can control while others we cannot. The mere mention of business risk evokes different feelings depending on our disposition towards risk. Some of us are risk acceptors (the entrepreneurs and innovators) while others are risk averse while still others are risk neutral.

A number of people mistakenly associate risk with just bad things. “Oh! Let’s not invest there, it’s risky. We could lose our money.” Or “It’s too risky to take on this project.” Risk management then asks, "'What shall we do about it?" But, risks can be good and bad. An effective business risk management strategy ensures you recognize the good and the bad.

Risk is the possibility that a company will have a lower than the expected profits or that it will experience a loss rather than a profit. It is influenced by numerous factors, including sales volume, per-unit price, input costs, competition, overall economic climate and government regulations.

Our objective is to provide you expertise on how you could improve your way of handling uncertainties.

Arab Accounting Services Center’s Approach

  • Comply with ISO 31000 – Risk Management

Risk Management Process:

(1) Communication and consultation;

Any risk management process relies heavily on effective communication and consultation. In emergency risk management it is likely to be the primary method for the identification and analysis of risks. It is appropriate to have a documented communication and consultation strategy in place.

Communication plans should be tested to ensure that accurate information is flowing to and from stakeholders and that information is being interpreted correctly.

Communication and consultation ensures that:

  • stakeholders responsible for implementing emergency risk management and those with a vested interest are consulted and engaged in the total process
  • stakeholders do not make judgments as to the acceptability of a risk based on their own perception of risk
  • stakeholders’ perceptions of risk and the emergency risk management process are improved and their perceptions of benefits and problems are captured
  • views of stakeholders are considered
  • stakeholders are aware of their roles and responsibilities
  • the likelihood that decisions will be made based on accurate and appropriate information is increased.

The process of communication should consider:

  • audience (primary, secondary and opportunistic)
  • content (simple, technical or non-technical, clear, unambiguous, etc)
  • assumptions (social, religious, cultural, technical, etc)
  • mode (radio, television, journals, person-to-person, consultative committee, etc)
  • accessibility (language, readability, vision impaired, etc)
  • sensitivities (political correctness, empathy, social, etc)
  • boundaries (legal, political, social, technical, etc).

(2) Establishing the context;

According to ISO 31000, to establish the context means: “to define the external and internal parameters that organisations must consider when they manage risk. "

ISO 31000 expects that you consider your organisation’s context when you:

  • define the scope of your risk management program,
  • formulate your risk management policy and
  • establish your risk criteria.

(3) Risk assessment, where risk is identified, analyzed, and evaluated;

  • 1. Identify hazards and initiating events
  • 2. Identify mitigating safety measures
  • 3. Trace possible chains of events
  • 4. Quantify all individual probabilities and severities
  • 5. Aggregate probabilities and severities, and calculate risks

(4) Risk treatment;

Risk Treatment is the selection and implementation of appropriate options for dealing with risk. Risk Treatment includes:

  • Risk Avoidance
  • Risk Reduction
  • Risk Transference
  • Risk Acceptance

Risk treatment can involve: (In accordance with ISO 31000 - Risk Management)

  • avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk;
  • taking or increasing risk in order to pursue an opportunity;
  • removing the risk source (2.16);
  • changing the likelihood (2.19);
  • changing the consequences (2.18);
  • sharing the risk with another party or parties (including contracts and risk financing); and
  • retaining the risk by informed decision.

(5) Monitoring and review; and

The context establishment phase sets the direction for the whole Risk Management process, so several aspects need to be monitored and reviewed, including:

  • whether shared understandings are still relevant
  • how appropriate is the stakeholder group representation
  • any changes to political, economic, social and cultural factors.

If there are any significant changes in these aspects the risk management cycle should be repeated.

(6) Documenting this activity

This includes:

  • a listing of internal and external stakeholders
  • any scoping criteria reflecting which risks are to be treated
  • a brief description of the basic parameters within which risks are to be managed
  • a project plan including a training plan
  • the state/territory policy or arrangements relating to risk management
  • a list of risk evaluation criteria to guide future decisions on the risks to be treated
  • key decisions/outcomes of discussions at meetings.

Latest News

  • Risk management process can help address lawsuits
  • ERM ascension is complete
  • Total cost of risk up 5% in 2012: RIMS Benchmark Survey
  • The dos and don’ts of implementing an effective risk culture
  • IT risk management viewed as compliance burden
  • Outdated ERM approaches threatening businesses
  • Awards highlight commitment to risk management
  • Top concern for risk managers revealed
  • Greater action needed against risk
  • Risk management: priceless possessions
  • Both sides of supply chain risk mitigation
  • Critical need for risk management training
  • Commonwealth to focus on risk management
  • BYOD entrenchment brings risks
  • An unprecedented approach to disaster risk management
  • FERMA urges risk management inclusion on social transparency
  • A ‘new risk universe’



  • “I bow to all staff at AASC for their understanding, professionalism, competence, patience and tact. They are specialists of high grade with a personal touch and attention to detail.“

    Adnan, Development Institute Director

  • “Truly a great team. Highly motivated, experienced and focused on delivering a great service. No wonder they are one of the most respected providers in UAE.“

    Ghassan, Al Waseet

  • “When selecting our auditing company, we focused on the companys reputation, service quality and level of expertise. For us, AASC have proved to be the right choice”

    Hamdy, Printing Press