Risk Management

in a Global Context

7AG517
CWK2 Individual Report Assessment
Module Leader: David Orton
Word Count: 2099

Student Name:
ID:

1
Executive summary
The report is an analysis of the failure of the Samsung Galaxy Note7. In 2016 Samsung launched
the mobile phone but the US and other countries report about the exploition of the mobile. 31
customers alleged the same problem. Then the company call back this product and fixed the
issue (Nast, 2022). The whole scenario is concerned with global risk management. The report
describes the importance of enterprise risk management for the Samsung case stud. Finally,
recommendations and conclusions are given for better risk management for the company.

2
Contents
Executive summary.....................................................................................................................................2
Introduction.................................................................................................................................................5
Enterprise Risk Management......................................................................................................................5
Learning from the crisis...............................................................................................................................7
Lesson learning- Double Loop Learning for Samsung..............................................................................7
Response or Prevention – Learning from crisis........................................................................................8
Inter of Intra-crisis- learned from the lesson...........................................................................................8
Lesson implementation- lesson distilled or implemented.......................................................................9
Recommendations.......................................................................................................................................9
Risk control..............................................................................................................................................9
Risk resilience........................................................................................................................................10
Conclusion.................................................................................................................................................12

3
Introduction
Business encompasses risks and uncertainty. So, business needs to manage these risks to
become successful in the competitive world (Ennouri, 2013). Risk identification and
management have become important for every business because of business objectives and
market conditions (Ennouri, 2013). This report is prepared to address risks and uncertainty
inherent to Samsung and the way it can be more resilient through enterprise risk management,
risk control and implementation of the learning from the crisis and how to turn this crisis into
an opportunity for the future.

Enterprise Risk Management

When a company identify, assess, and take protective action to reduce the severity of the risk
to the entire organisation is called an Enterprise risk management system (Bromiley et al.,
2015). In history, the risk was not treated at the enterprise level rather than the individual level.
According to (Bromiley et al., 2015) Accepting or enduring, mitigating or controlling, rejecting or
discounting risk, and mitigating risk using a risk prevention system or internal control system is
the process of the internal risk control system in an organisation. Organisational culture,
aptitude, attitude, and perception of risk shape an organisational risk management system
(Bromiley et al., 2015). For example, Samsung company prefer to avoid risk from the case
study. That is why the company needs to take action according to its cultural dimension. When
a company tries to avoid risks as a risk management system it needs to develop its ability to
manage risks. Alter its mindset and acquire resources to manage risk appropriately before
changing its strategy to a risk management system (Hoyt and Liebenberg, 2011). The manager
also needs to ensure the risk tolerance of the common shareholders increases with the risk
tolerance of the company. If Samsung carves to manage its risk the company must adopt the
process and strategies of the Enterprise Risk Management System.

4
 Figure 1 Enterprise risk management system (COSO, 2017)

These concepts consider various techniques of monitoring and governance no matter the size,
or kind of industry the organisation belongs to. Following principles and guidelines help an
organisation increase its ability to manage risks more efficiently.

Governance and culture

Governance shape’s ability and willingness to take the risk and describes the importance of an
enterprise risk management system in the company. It also dictates the operating structure and
duties and responsibilities of the managers and supervisors (COSO, 2017). Culture defines the
perception and practices of people within the company (Chapman, 2011). Samsung should
focus on establishing good governance Along with awareness among individuals about

possible risks and threats

In this process goal achievement works along with ERM strategy in the company. The first step
in this process is to set a risk tolerance strategy and align it with the organisational goal
(Bromiley et al., 2015). The next step is to implement the strategy in the company through
analysing, recognising and reacting toward risk (Chapman, 2011).

Performance

It is important to identify and evaluate risks that might affect the strategy and goal
accomplishment of a company (Hoyt and Liebenberg, 2011). In the risk appetite framework,
risks are classified according to their sensitivity of risks (Chapman, 2011). So, Samsung needs to

5
identify and evaluate the potential risks that might affect the company. Then the company
needs to devise a risk mitigation strategy that needs to adopt, and the total amount of risk will
take.

Review and Revision

In this step, a company inquire about the effectiveness of ERM components over a certain
duration of time (Hoyt and Liebenberg, 2011). Here differences are examined and take
corrective actions for significant deviation.

Information, Communication and Reporting

It is a continuous process of ERM consisting of the collection and sharing of significant

information gathered from different sources is essential (Hoyt and Liebenberg, 2011). This
information needs to share all over the company.

Learning from the crisis

A crisis is a time of difficulty and a decision at that time is very important. It brings both
suffering and learning for the future. If one can take the lesson from the crisis period will not
face such types of situations c.

Lesson learning- Double Loop Learning for Samsung

In this learning, the company consider how behaviour is justified on the premises (Tagg, 2010).
It is an important point science an organisation needs to evaluate and reflect on the process.
What is going on here? And What are the basic shapes? Need to be posed to oneself (Houchens
et al., 2012). They need to have the learnings if they are able to capture the patterns (Tagg,
2010). Double-loop learning enables comprehension of presumptions and exalted decision-
making processes in any organisation (Houchens et al., 2012).

6
 Figure 2 Double-loop learning

Example: Double-loop learning occurs when core values and norms, rules and goals of an
organisation are changed due to a mistake (Houchens et al., 2012). For example, Samsung lost
its reputation for its defective products, But it recalls all the products of the same model and
looks into the problems and solves the problems twice. It shapes its norms, objectives,
regulations, etc.

Response or Prevention – Learning from crisis

Basic learning from crisis to take preventive measures and reaction to stop the repetition of the
problems. The first paces are to determine the root cause of the crisis and what preventive
measure will stop it to occur again (Labelle and Rouleau, 2017). Samsung immediately calls all
products of the defective model and find out the root cause of the fire. In this case, Samsung
needs to focus on prevention and response. But the company could not address this strategy as
a result of another accident had occurred after that crisis. If the company can take preventive
measures can bypass reputational, financial, and market risks.

Inter of Intra-crisis- learned from the lesson

Learning from one problem and implementing the lesson in the next is known as inter crisis.
When learning a batter reaction in a crisis is called intra crisis (Labelle and Rouleau, 2017).
Learning occurred during a crisis called intra crisis learning. It occurred despite the presence of
ambiguity, time constraints, tension etc. (Labelle and Rouleau, 2017). In intra crisis learning is

7
more challenging being an actual emergency feature and more time needs to reflect (Labelle
and Rouleau, 2017). Samsung’s initiative was learning from intra crisis. In the challenging
environment, problems and high tension situation, they implemented its strategy for gaining
trust again through finding the cause of the defect and correcting the defects. They offer a new
smartphone for Galaxy Note7, which indicates the company is trying to provide efforts and take
a lesson from the crisis.

Lesson implementation- lesson distilled or implemented

The main dissimilarities between behaviour and cognition are attached to the observation of
lessons and implementing these learnings into practice (Labelle and Rouleau, 2017). A small
difference exists between lessons and learning. When a lesson was only seen but not
implemented in changing organisational behaviour is called a lesson distilled (Maor, 2014). If
the lesson is put into practice and brings a change in behaviour in the organisation is termed a
lesson implemented. In this case, Samsung successfully implemented the lesson learned from
the crisis and become successfully managed the reputation risks of the company and ensure
customer satisfaction through facing huge financial losses. It provides a message to the
customers about their concern for their customers. They also ensure that customers will get the
best product of the Samsung Galaxy upcoming version which will be free from defects and
provide customer satisfaction.

Recommendations
Here are some recommendations to manage enterprise risk more efficiently based on risk
control and risk resilience for Samsung.

Risk control

Risk management not only protects but also produces value for an organization. Risk control is
a process of reducing the chance of loss or reducing the severity or impact of risk in the
organisation (Maor, 2014). Tolerate, Terminate, Treat, and Transfer are the 4 important and
mass operatable methods of risk control
8
Transferring risk: It means to transfer the risk through an agreement with the insurance
company by providing premiums. In this method, a third party is willing to take the risks of the
organisation and agree to compensate for the loss that occurred(Hsu, Chiang and Chen, 2013).
Samsung can follow this method to manage its risks which will save it from financial loss but will
not save it from reputation loss.

Tolerate: It means the organisation will not take any preventive measures to protect against
risks. It absorve risk because taking preventive measures is not cost-effective or the risk of loss
is low level and the firm considers that it needs no preventive measure (Hsu, Chiang and Chen,
2013). Samsung can take this type of risk control when it amount of loss or the chances of loss
is very low. It must ensure that if the loss occurred the firm will not face not much loss.

Treating risk: It involves reducing the severity of risks or minimizing the probability of risk
before the occurrence of risk (Dang, Jasovska and Rammal, 2020). It involves doing an action for
reducing the severity of risks. Samsung may recheck the quality of the battery from the
producer to avoid the risk of defective products.

Terminating Risks: It is the easy way to manage risk, which means stopping doing work that
involves or increases the chances of risks (Hsu, Chiang and Chen, 2013). Minimisation of risk
should preferable when needed. Samsung can take a strategy to avoid risks, it can terminate
defective product producers from the product line.

Risk resilience

Organisations' ability to endure a crisis and survive in an unpredictable environment is termed

risk resilience (Beermann, 2011). It is not merely surviving in a difficult time but also doing good
in that time. A genuine resilient organisation have two extra functions the circumstance and
insite consciousness to prevent crisis and the anticipated transform crisis into a source of
strategic possibility. Both of these two actions are essential for becoming a truly resilient
company (Beermann, 2011). Resilience has four cornerstones Learning, Responding,
Monitoring, and Anticipating.

9
Figure 3 fore key elements of resilience

Learning: It involves what an organisation will learn from a crisis and how the learning will
implement in the organisation (Fiksel, 2015). Samsung has learnt that lackings of continuous
quality checking, ignorance, and weak monitoring will create potential risks for the company. If
the company can efficiently use the learning in its future operation can overcome such kinds of
crises.

Responding: The ability of an organisation to react to potential hazards or crisis is the essential
element of a system. It needs to react when something unexpected happens, it has to perceive
the problem and identify the depth of the problem (Fiksel, 2015). Samsung has experienced the
crisis of defective products, it responds to the potential future threats to become a resilient
organisation.

Monitoring: It is known as the alarm system for the upcoming crisis so the organisation needs
to appropriate steps to prevent the deterioration of the situation (Beermann, 2011). It is an
important element for improving the distribution and utilisation of resources and the right
decision making which allows for the early reaction of the company (Fiksel, 2015). If Samsung
strongly implements a monitoring system could avoid the failure of its products.

Anticipating: It is the process of predicting situations of risks, keeping eye on the horizon of
setbacks creating coherent descriptions is the concept of anticipating mentality (Beermann,
2011). If Samsung could anticipate possible risks at the time of launching the products it can
deal efficiently with the crisis. It could create a plan to manage crisis moments.

10
Conclusion
Identifying external challenges and threats are very difficult tasks. So, businesses face danger as
they can not anticipate potential threats and risks. In a suggestive case, Samsung has learned
the lesson about dealing with the defective product and can implement it in a future crisis. It
will not face such types of a problem if it uses the lesson. It also creates an opportunity to
develop new and sustainable products for the consumers. Samsung has taken the opportunity
of the crisis and become a successful brand.

Reference
Beermann, M., 2011. Linking corporate climate adaptation strategies with resilience thinking. Journal of
Cleaner Production, 19(8), pp.836-842.

Bromiley, P., McShane, M., Nair, A. and Rustambekov, E., 2015. Enterprise risk management: Review,
critique, and research directions. Long range planning, 48(4), pp.265-276.

Chapman, R.J., 2011. Simple tools and techniques for enterprise risk management. John Wiley & Sons.

COSO (2017) Enterprise Risk Management Integrating with Strategy and Performance. Available at
https://www.coso.org/Shared%20Documents/2017-COSO-ERM-Integrating-with-Strategy-and-
Performance-Executive-Summary.pdf (accessed on May 24, 2022)

Dang, Q.T., Jasovska, P. and Rammal, H.G., 2020. International business-government relations: The risk
management strategies of MNEs in emerging economies. Journal of World Business, 55(1), p.101042.

Ennouri, W., 2013. Risks management: new literature review. Polish journal of management studies, 8,
pp.288-297.

Fiksel, J., 2015. From risk to resilience. In Resilient by design (pp. 19-34). Island Press, Washington, DC.

Houchens, G.W., Hurt, J., Stobaugh, R. and Keedy, J.L., 2012. Double-loop learning: a coaching protocol
for enhancing principal instructional leadership. Qualitative Research in Education, 1(2), pp.135-178.

Hoyt, R.E. and Liebenberg, A.P., 2011. The value of enterprise risk management. Journal of risk and
insurance, 78(4), pp.795-822.

Hsu, W.K., Chiang, W.L. and Chen, C.W., 2013. Earthquake risk assessment and optimal risk
management strategies for hi-tech fabs in Taiwan. Natural hazards, 65(3), pp.2063-2076.

Labelle, V. and Rouleau, L., 2017. The institutional work of hospital risk managers: democratizing and
professionalizing risk management. Journal of Risk Research, 20(8), pp.1053-1075.

Maor, M., 2014. Policy persistence, risk estimation and policy underreaction. Policy Sciences, 47(4),
pp.425-443.

11
Nast, C. (2022). We finally know why Samsung's Galaxy Note 7s 'exploded'. WIRED UK. Retrieved 24
May 2022, from https://www.wired.co.uk/article/galaxy-note-7-issues-what-happened.

Tagg, J., 2010. The learning‐paradigm campus: From single‐to double‐loop learning. New Directions for
Teaching and Learning, 2010(123), pp.51-61.

12