Risk analysis for a medium-sized company, case Oy Saimaa Terminals Ab
Vasenkari, Miikka (2018)
Vasenkari, Miikka
Saimaan ammattikorkeakoulu
2018
All rights reserved
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2018111517253
https://urn.fi/URN:NBN:fi:amk-2018111517253
Tiivistelmä
This thesis attempts to explore how ready-made risk registers can be adapted and utilized in a different risk environment. The thesis was commissioned by Oy Saimaa Terminals Ab and its parent company Steveco Oy. The subject of the risk analysis are three ports located in Southern Finland in Kotka (Hietanen), Hamina and Imatra.
The researcher does not have extensive background in risk management. A literary review of the subject was conducted to provide enough background to conduct the risk analysis. The core concepts of risk management are introduced along with the ISO 31000:2009 risk management standard to provide a basis for theoretical framework for risk analysis.
The results of the analysis are shown in a table with average risk magnitude comparing the results from the three ports. The results indicate that all the locations have a unique risk profile with emphasis on different risk categories. The results from the risk analysis are not generalizable across different studies and are likely to be of use only to the case company. Any major outliers in the risk categories are discussed in the results.
Risks requiring special attention for the three ports include the age of the loading equipment at Hamina, IT-security and human resources at Hietanen and machine operating safety at Imatra. Recommendations for further development of the company’s risk management activities include the creation of a risk-aware culture in the organization and periodically reviewing and reassessing the risks at the ports.
The researcher does not have extensive background in risk management. A literary review of the subject was conducted to provide enough background to conduct the risk analysis. The core concepts of risk management are introduced along with the ISO 31000:2009 risk management standard to provide a basis for theoretical framework for risk analysis.
The results of the analysis are shown in a table with average risk magnitude comparing the results from the three ports. The results indicate that all the locations have a unique risk profile with emphasis on different risk categories. The results from the risk analysis are not generalizable across different studies and are likely to be of use only to the case company. Any major outliers in the risk categories are discussed in the results.
Risks requiring special attention for the three ports include the age of the loading equipment at Hamina, IT-security and human resources at Hietanen and machine operating safety at Imatra. Recommendations for further development of the company’s risk management activities include the creation of a risk-aware culture in the organization and periodically reviewing and reassessing the risks at the ports.