The business risk of an enterprise is contained in the daily operation process of the enterprise, involving all aspects of the daily operation of the enterprise, and the most important thing is to focus on the business links that can create benefits for the enterprise. Driven by interests, managers need to make decisions in business management to ensure the maximization of enterprise interests. These decisions or strategies are often made under the condition of asymmetric market information, so the risk brought by demand, that is, the loss that decision failure will bring to enterprises, is the cost brought by asymmetric information and the price that enterprises pay for wrong decisions. The basis of enterprise risk management is to understand all levels of enterprise risk, reduce the possibility of failure, and reduce the uncertain business results to an acceptable range.
Generally, enterprise risk management should have the following characteristics:
1. Risk management process
Enterprise risk management consists of a series of procedures to reduce and control risks, including: risk identification and decomposition, determination of risk management objectives, selection of risk management methods, implementation and revision of risk management, and evaluation of risk management results. In the book COSO Enterprise Risk Management Integration Framework published by COSO, it is mentioned that the enterprise risk management framework includes eight elements: internal environment, goal setting, event identification, risk assessment, risk response, control activities, information and communication and monitoring; The eight components are also effective standards for enterprise risk management. If these components exist and operate normally, there may be no major defects, and the risk may have been controlled within the risk ability of the subjects. On February 20 1 1, the Enron incident broke out, and for a time, enterprise risk management became the focus of attention. Since then, more and more enterprises and institutions in the United States have adopted risk management mechanism, which has reduced the difficulty of risk management and achieved management results, especially in the aspect of risk early warning, adopting measures such as auditing and commercial investigation, and increasing the prevention of risks.
2. Sources of risk management
As for the scope of risk management, on the one hand, we should manage risks by business, department and level; On the other hand, it is also necessary to summarize the risks at all levels, define and manage them from a global perspective, and control the risks from the source of strategic decision. Taking Japanese enterprises as an example, several large government-controlled enterprises in Japan have set up "information counselor's offices" to collect information on the external environment and its changes, including macroeconomics, regional politics, natural environment, humanities and society, and many other aspects. On the basis of summarizing the information, this paper comprehensively analyzes the relationship between the four factors and the influence of the combination on the implementation of the strategy, and puts forward some reference opinions for the formulation of the enterprise strategy to ensure the correct strategic direction and the greatest risk.
3. Comprehensive risk management
Enterprise risk management is not only the responsibility of senior leaders and managers, but also involves all personnel within the enterprise, from CEO to every ordinary employee. Only when all staff establish risk management awareness and participate in risk management can the final effect be achieved. For example, Toyota's "Total Quality Management" decomposes quality indicators and corresponding failure risks according to each employee's work content and becomes the daily management content of each employee. Everyone knows his job content and all kinds of quality risks caused by not following the required methods. The quality of total management can be improved through the self-management of employees, the centralized management of quality personnel and the supervision and implementation of management. Panasonic, on the other hand, has established a complete product file, numbered each product and parts on it, and entered relevant production information and operator information into the OEM system for filing. In Panasonic, a screw or a welding head can find the production time, operator's name and quality inspection results in the OEM system according to the number. In this way, the quality of the enterprise is linked to everyone, and the quality risk has also been well controlled.
4. Risk management costs
Risk management is not to eliminate all risks or reduce risks at all costs, but to try to reduce risks to an acceptable range. In the process of risk management, it is necessary to allocate the input resources and output results reasonably. In the process of implementing Six Sigma management, engineers of General Electric in the United States found that there is also a law of diminishing marginal returns in risk management: when the investment in risk management reaches a certain critical point, the management effect produced by additional investment will gradually shrink, eventually leading to the waste of resources. Therefore, in the process of risk management, it is still necessary to follow economic laws, rather than blindly increasing investment. When talking about general risk management, the former CEO of GE said: "We all know that it is impossible to manage all risks. I only ask my managers to do their best within their control. "
Analysis on Risk Management of State-owned Enterprises in China
At present, the risk management of state-owned enterprises in China is still in its infancy. In 2006, the State-owned Assets Supervision and Administration Commission issued the Guidelines for Comprehensive Risk Management of Central Enterprises, which marked that the risk management of state-owned enterprises was formally incorporated into the daily operation and management. After several years of development, most enterprises have established their own risk management system and corresponding systems and processes; Summed up valuable experience and accumulated lessons of failure. Based on the survey results of 43 large and medium-sized state-owned enterprises in Beijing, Shanghai, Guangzhou and Chongqing, all the enterprises surveyed are engaged in risk management. Among them, 98% enterprises have carried out financial risk management, 90% enterprises have carried out legal risk management, 85% enterprises have the function of operational risk management, 80% enterprises have carried out strategic risk management, and 60% enterprises also have market risk management. Through this survey, problems and shortcomings are also exposed, mainly in the following aspects: 1. The risk management mechanism of enterprise operation is not unified, and there is no unified evaluation standard and evaluation means. This has brought obstacles to the cooperation between enterprises. 20 10 an electric power and energy company in Shanghai applied for a project loan of 70 million yuan from a state-owned bank. However, in the process of risk assessment of this project, due to the different risk assessment methods, weights and reference coefficients, the two sides have different opinions. The negotiation process, which took nearly two years, not only caused a waste of manpower and material resources, but also missed market opportunities, making the original return on investment discounted due to the price increase of raw materials and environmental changes. Second, the internal risk management of enterprises has not established an organic connection, and in most cases different risk management is independent of each other. However, in the actual operation process, there are always mutual constraints and contradictions, which make enterprises have to spend considerable costs to coordinate and deal with, thus reducing the operational efficiency of enterprises.
1. Future risk management approaches of state-owned enterprises
In view of the above problems, the author puts forward the following measures to improve the risk management of state-owned enterprises through the analysis and summary of actual cases and drawing lessons from successful experience.
I. Incorporate risk management into the strategic development plan of the enterprise.
In the enterprises we investigated, the vast majority of enterprises have clear enterprise development orientation and clear development direction. When making enterprise development strategy, we should fully consider the risks brought by future uncertainties and related management methods. Start with organizational structure and management methods to manage risks. For example, the R&D planning of enterprises requires a lot of capital investment in the early stage of R&D, the R&D cycle is generally long, and the R&D results are uncertain. We suggest that enterprises set up R&D department for special management and adopt operation control mode for vertical management. R&D planning is divided into phased plans, phased objectives are set, and management and effect evaluation are carried out in stages. This is not only conducive to resolving risks, even if deviations are found and corrected, but also conducive to efficient management and unified mobilization of enterprise resources, ensuring the smooth development process and achieving the expected results.
Second, pay attention to the improvement of risk management organization system and related systems.
Implement effective risk management in accordance with relevant systems within a certain organizational framework. This requires state-owned enterprises to have a sound corporate governance structure and strengthen the construction of the board of directors and risk management functional departments. Corporate governance structure is the core of modern enterprise system, and the construction of board of directors is the most important. Perfecting corporate governance structure is the most effective way to strengthen risk management. First of all, the complete corporate governance structure itself reduces the blindness and speculation caused by the imperfect system in the process of business decision-making. Furthermore, the risk management function is added at the board level, and various functional offices are set up in the administration department to carry out special management of enterprise risks, generally including: planning and development department, audit department, finance department, legal department and other major functional departments. This organizational structure strengthens the implementation of risk management from the board level, and the division of responsibilities between functional departments and offices is conducive to the specialization of enterprise risk management. Moreover, the clear responsibility also avoids the conflict between the management of various functional departments of the enterprise to the greatest extent and reduces the cost of communication and coordination.
Third, conduct risk management demonstrations on a regular basis.
Under the leadership of the board of directors, set up a risk management demonstration team, which is responsible for defining the specific responsibilities of various departments in risk management and coordinating the problems arising in the work; Evaluate and demonstrate emerging risks, formulate special management plans, and supervise the specific implementation of responsible departments. In the process of risk management, an iron and steel company affiliated to Hebei Iron and Steel Group adopts the following supervision methods: the risk management demonstration group clarifies the risk management responsibility, and the major risk management issues a risk management supervision card in writing, instructing the responsible department to conduct special supervision and regularly report the supervision results; At the same time, the data in the supervision process will be collected and sorted out, and a set of relatively complete management methods will be summarized and popularized.
Four, formulate relevant management systems, the implementation of hierarchical management.
Enterprise risk management system makes enterprise risk management work have rules to follow. The enterprise formulates the overall plan of risk management measures through high-level meetings, and then each functional office formulates the relevant systems and regulations of its own department and office under the guidance of the overall plan. According to this method, its subordinate units will formulate relevant measures for their own units. As a result, a vertical risk management system has been formed: top-down management and supervision, and bottom-up reporting. Each level exercises different management authority and decomposes enterprise risk into various parts, which provides the necessary guarantee for the institutionalization, process and standardization of risk management.
Five, the establishment of enterprise internal control system
Enterprise internal control system is the core part of risk management, which is related to the concrete implementation and landing of risk management measures. An effective internal control system is a necessary condition to ensure the steady operation of enterprises and prevent operational risks. Enterprise internal control system is generally managed from internal environment, risk assessment, control activities, information communication and internal supervision. In terms of internal environment, it is mainly to improve the corporate governance structure, be responsible for internal audit and supervision, and clarify the rights and responsibilities and business processes; Risk assessment, mainly through the establishment of risk assessment mechanism to identify and deal with business risks encountered by enterprises; Control activities: control risks within an acceptable range through enterprise control measures, and organize effective implementation and management; Information communication: through a good internal communication platform, strengthen the horizontal and vertical communication effect of enterprises, find and solve existing contradictions in time, effectively feedback the results, and ensure the unity of opinions and implementation in the management process; Internal supervision: establish an independent supervision department to carry out daily internal supervision, auditing and supervision according to internal supervision procedures and requirements, so as to ensure that leading cadres of enterprises are honest and self-disciplined and have a scientific and effective operation mechanism.
Through the discussion of the above aspects, this paper puts forward clear methods and objectives for the risk management of state-owned enterprises. In the future risk process, enterprise leaders and employees need to devote themselves to management practice, constantly accumulate experience, improve risk management systems and methods, and push the risk management level of state-owned enterprises to a new level.