Control in a company

The company I have chosen to look at for the risk management report 2, on the risks to a company I am familiar with and how they identify analyze and control these risks, is Scottish Power. A large differentiated international energy group which breaks its self down to three groups: UK; US and Infrastructure allowing it to run its operations separately across both sides of the Atlantic as well as linking the UK and US through its infrastructure. “Scottish Power manages regulated and competitive businesses in the UK and US to serve electricity and gas customers.

” Ian Russell, Chief Executive. It is an energy company providing the UK and US with that heats our radiators, lights our rooms and powers our televisions and it also combines this service with Gas to try drive down prices by integrating both bills into one creating less hassle for customers therefore gaining customers and there loyalty. It is a PLC, which has sales of over i?? 6. 3million, employs over 22000 people and has some 7million customers. Obviously as a large international company they have many risks.

There are internal and external risks. To transfer there gas and electricity they need pipes and cables so there is always the risk of natural disasters such as hurricanes or earthquakes which cant be controlled so its just the aftermath that they would need a risk policy for. Also risks such as technological advances in power sources such as solar power wave power etc will need to be monitored because if they aren’t up to date there is a risk of competitors advancing beyond Scottish power and providing cheaper electricity.

But it is a single department of Scottish Power I am familiar with. In particular I chose to concentrate on its credit management department based in Cathcart, Glasgow. My mother works there and deals with risk identification, analysis and control everyday so I believe this would be the best-suited company for me to base my report on. They face could face many risks such as errors in bills, unpaid bills, IT advances, employee losses, Inefficiency in the workforce. To deal with them they need to have a team to identify, analyze and control them.

In business profits are calculated when the sale is made but the credit management department is concerned with cash flow which is measured when the debts are paid off. Therefore the timely collection of the businesses debts is vital to maintaining a healthy cash flow. Once the Scottish Power customer is billed, the debt is now the concern of the credit management department. They are to ensure the debt is paid on time and applied to the correct account. It would face many risks in its billing system.

Inaccurate billing, caller queues being to long, dialer failure, IT changes not meeting requirements. Of course with risks they will need a risk management system. They have a risk identification method with a structured risk plan for the billing system. In each project the project sponsors will go through the identification process using a series of checklists. These checklists. Each process, product and service is checked, from the bill issued to warrant visits and IT changes. The risks found are put through the next stages of risk management.

Analysis is the next process in the risk cycle. They do this by identifying the effects of each risk and then for each process, product or service they identify the possible failures/risks and the effects of these risks. They have three scales to use to priorities the risks, which need to be sorted first. They use a severity scale of one to ten to rate the severity of the consequences of the risk. An occurrence scale of one to ten, which is the chance of the risk actually happening. The detection rate, also one to ten, which rates how easily the risk in question is detected.

Ten meaning it is incredibly hard to detect the risk happening. These are multiplied by each other and a priority rating is given. Obviously one thousand being the highest priority. So the risk management team of four senior members use the standard procedure and work out the risk severity, likelihood and how detectable each risk is for each process, product and service. Analysis is to help effectively control these risks and make sense of the information gathered so it can be compared to past results. Comparing the information gathered and analyzed helps in the controlling of these risks.

Risk control, “Measures to avoid the occurrence of risk, to limit its severity and reduce its consequences. ” Bannister. The 4 managers responsible for this have to chose and implement the most suitable way to handle each risk. They have four main choices which are avoidance, reduction, transfer and retention. Reduction is the method that is mainly used in Scottish Power and they also action is taken before during and after the risk has happened once they know of these risks they begin monitoring them so they know exactly when it happens and they can take immediate action to control the severity.

I believe the Risk management methods of identification and analysis are very well implemented and maintained in the Credit Management department of Scottish Power, Cathcart. It is taken extremely seriously and is a very prominent part of working there. But I feel the control on these risks could be more effective as my studies seem to only have found out that they accept these risks and just try to cap the extent of the costs and damage of the risk. Where as they could possibly review the past failures and come up with idea’s such as extra breaks to make sure employees don’t loose concentration due to long periods of time at the computer.

Also to stop calls sitting in a queue then being moved on with out being dealt with they could develop a rotational system that brings the oldest calls to the front and maybe employ more people to take calls so the queue doesn’t build up to big to deal with. Often these failures are due to employee mistakes and lack of attention so most risks can be avoided and there is room for improvement. Health and safety is a large part of every firm’s risks. In Most cases a companies employees are vital to its success and Scottish Power is no exception.

So the health and safety of these employees is looked at in great detail and risk identification, analysis and control methods are used to help make the work place a safer place. There are many heath and safety methods in place that you would find in all work places such as fire alarms, smoke detectors then control methods such as clearly marked exits and a sprinkler systems etc but they have more individual methods for identification. The Credit Management department use physical inspection combined with an extensive checklist that is used every month by a designated inspector, a safety representative and a location manager.

They will go through the area and physically inspect all the hazards on the checklist. They then review the Workplace inspection form and rate each hazard A, B, C or D. A being potential harm to life or limb and needing corrective action within one working day and D being substandard or inadequate management which has to be corrected within a four month period. Recognizing that computers are the basis of most actions in the workplace and that this is an area of potential risk a questionnaire was created and each employee has to fill it out once every three months.