written by Deicy Pareja, On November 22, 2022
When we want to achieve an objective, our main lever to achieve it will be to have an action plan, where we set out everything we need to do to achieve it, such as activities, tools, resources, etc. The same happens when we work in risk management, where our purpose will be to prevent, correct or detect events that generate a risk for the organization.
Every risk within the company is a threat of loss, either due to a situation generated internally (by processes, technology, financial factors, among others) or by external causes. Therefore, when these events are detected, controls must be implemented to help mitigate them, this is where the action plan comes in.
What is a risk management action plan?
We could define it as a strategy composed of different activities with the purpose of mitigating the association to controls and events in the risk life cycle. This plan defines what the objective will be, how long it will take, what resources will need to be implemented and the people responsible for executing it in order to manage the risks in a timely and effective manner.
They can originate in two ways
- As a preventive action: when a process or element is identified that does not have a control to avoid the materialization of a specific risk, the analysis and mitigation of the risk will be carried out through the creation of a control.
Let's take an example:
A construction company decides to buy a large warehouse to store all the heavy machinery it has. Our preventive action will focus on the security of the warehouse where these assets will be, so the activities within the action plan could consist of implementing a camera surveillance system, hiring a security company, etc. - As corrective action: when a risk has already materialized, an action plan focused on correcting this event will be implemented.
Let's take an example:
The construction company has reported a delay in one of its works due to a default in the delivery of materials by the supplier. We could correct this event by focusing our action plan on having a stock of materials for two or three months, increasing the number of suppliers, etc.
The stages of an action plan
The objectives
What do you want to achieve? At this stage, the action plan must state what it is intended to achieve, what events or controls it will help to achieve. This is the starting point for defining the activities that will help to achieve it.
Actions within the plan
These are all the activities that make up the action plan, they work as a process where they start with the creation of the plan and then execute them and finally go through a verification to validate if the plan fulfilled its purpose or if new activities should be implemented.
A good way to organize the activities is to put them in chronological order, so you will have a clearer vision of the steps to be followed.
Roles to be assigned
Different actors may be involved in an action plan:
The objectives
What is to be achieved? In this phase the objectives of the action plan and the events or controls that will help to achieve them are defined. This is the starting point for defining the activities that will help to achieve them.
Plan actions
They are all the activities that make up the action plan, they work as a process that starts with the creation of the plan and then they are executed and finally go through a verification to validate if the plan fulfilled its purpose or if new activities should be implemented.
A good way to organize the activities is to put them in chronological order, so you will have a clearer vision of the steps to follow.
Roles to assign
Different actors can be involved in an action plan, for example
- The manager: his role will be to set out the action plan route, delegate the person responsible for implementing the activities, monitor progress and, once completed, verify whether the purpose of the plan has been fulfilled or, if not, define what further actions should be taken.
- The person responsible for the action plan: has the mission of following up the plan and making sure that each activity is implemented correctly.
- The person in charge of execution: each activity can be carried out by a different person in charge, who will be responsible for implementing the action.
Plan deadlines
No plan can work without knowing when to start and when the deadline for completing all actions will be. Knowing the time frame in which the objective must be achieved will focus the responsible parties on accomplishing the activities.
The perfect action plan
Such a plan does not exist, there is no formula or steps to follow to achieve a perfect plan, but the more trial and error we have in creating action plans the better, why? because then we will know which actions work and which do not. Ideally, each plan should have multiple activities to better control events or risks.
How to execute a risk action plan
Within the Pirani risk management software you will find action plan modules, where you can create plans that have tasks assigned to specific people, define a start or end date, view a progress status that will help you review the stage of the plan and you can also associate it to a process, risk, control and/or event. Discover everything you can do with the tool that makes risk management simple!
In conclusion
Action plans help us to make tangible the measures to be implemented to mitigate a possible risk or correct an event, thus optimizing the company's management and performance. They help us to set the context of what needs to be done and the specific activities that will help make it happen.
Did you find this content on action plans to consider in risk management within an organization useful? Leave us your comments.
About Us → 
Leave us your comments