3. 1. Executive Summary
This report has designed a strategic risk management plan for Marriott Sprowston Manor Hotel
in Norwich. The objective of the strategic risk management plan is to manage the Hotel risk
swiftly and effectively to an interruption to normal business operations, protecting the associates
and assets of the hotel, and ensuring the continuity of critical business functions.
Enterprise risk management framework is used as a strategy to develop the plan for Hotel to deal
with risk and opportunities by enterprise risk management process. Enterprise risk management
process helps to ensure effective reporting and compliance with laws and regulations, and helps
avoid damage to the business reputation and associated consequences. This report shows how
enterprise risk management helps the Hotel to achieve its objectives and get to where it wants to
go and avoid pitfalls and surprises along the way.
2. Introduction to Risk Management
Risk can be defined as combination of the probability of an event and its consequences. In all
types of understanding, there is the potential for events and consequences that constitute
opportunities for benefit and threats to success.
Risk Management is increasingly recognized as being concerned with both positive and negative
aspects of risk. Therefore this standard considers risk from both perspectives.
Risk Management is a central part of any organizations strategic management. It is the process
whereby organizations methodically address the risks attaching to their activities with the goal of
achieving sustained benefit within each activity and across the portfolio of all activities.
The focus of good risk management is the identification and treatment of these risks. Its
objective is to add maximum sustainable value to all the activities of the organization. It
3
4. increases the probability of success, and reduces both the probability of failure and the
uncertainty of achieving the organizations overall objectives.
It must be integrated into the culture of the organization with an effective policy and a
programme led by the most senior management. It must translate the strategy into tactical and
operational objectives, assigning responsibility throughout the organization with each manager
and employee responsible for the management of risk as part of their job description. It supports
accountability, performance measurement and reward, thus promoting operational efficiency at
all levels.
2.1 Examples of the drivers of key Risks
Financial Risk Strategic RisksExternally Driven
Externally Driven Competition
Interest Rates Customer Changes
Foreign Exchange Industry Changes
Credit Customer Demand
Internally Driven Internally Driven
Liquidity & Cash Flow Research & Development
Accounting Controls
Operational Risk Hazard Risks
Externally Driven Externally Driven
Regulations Natural Events
Culture Environment
Internally Driven Suppliers
4
5. Information Systems / Supply Chain Internally Driven - - Products & Services
3. Types of Possible Risk @ Marriott Sprowston Manor Hotel
There are various ways to think about risk, and one of the more comprehensive approaches to
categorize risks into four quadrants
A. Financial Risk
Financial risk for the hotel concerns money, including capital availability, cash-flow
management, investment evaluation and credit default. Following types of financial risk;
Global Economic Crisis Risk
Economic conditions continue to challenge hotel to achieve business and profit margins. Due to
economic downturn it is becoming difficult for the hotel to maintain Marriott brand as a lesser
amount of capital given to run the operation. As lack of spending by customers has created a big
risk to the hotel to achieve targeted sales and revenue to run the hotel. Example - The new
government plans of budget cuts in public sector has affected hotel adversely, as public sector
such as Norfolk county council do not hold any events or conferences at the hotel. This has taken
off a huge profit making business of the hotel. While the global economy is not a free fall as it
was, it will be a challenge for the hotel to remain profitable and successful in next 5 years.
B. Strategic Risk
Strategic risk arises out of volatility in the hospitality industry, market changes and challenges to
brand and reputation; may include leadership, competition and owner. Following types of
strategic risk;
Competition Risk
Increasing number of competitors in Norfolk has created a significant risk to the hotel. It is
important for Marriott to perform well and to be competitive in fast growing market. Norfolk
5
6. have number of different branded hotels providing high quality of service to guest and offering
competitive rates to customers to achieve business. Due to increasing competition in Norfolk the
business at hotel is declining and it’s has created more complexity for Marriott to attract more
customers and gain business. Because of the recession corporate companies are spending less
and looking to move their business to different hotels for possible competitive rates. It will be a
challenge for Marriott to gain more business and remain competitive in increasing competition.
Reputational Risk
Managing reputational risk is a paramount concern for any organization that has valuable brands;
and brand value is the one of the most important asset. Reputation is very significant for the hotel
to be competitive in fast growing market. Reputation risk is becoming a key source of
competitive advantage as products / services become less differentiated. Failure to provide high
quality of service according to set Marriott brand standards and dissatisfying customer needs
could impair bad hotel reputation. It’s very important for the hotel to focus on how to enhance
and protect that asset
C. Operational Risk
Operational risk arises out of the daily operations at the hotel and, ultimately, affects bottom line;
includes the traditionally insurable risks, such as fire, natural disasters, guest and associate
injuries and theft at the hotel; also include many uninsurable risks, such as guest and employee
satisfaction, information security and efficiency in operating the hotel. Following types of
operational risk;
Technology Risk
A failure to keep pace with developments in technology could damage operation or competitive
position. Hospitality industry continue to demand the use of sophisticated technology and
systems, including those used for reservation, revenue management and property management
systems and technologies that are available for guest during their stay. These technologies and
systems must be refined, updated or replaced with more advanced systems on a regular basis. If
6
7. hotel is unable to do so as quickly as competitors or within budgeted costs then business could
suffer.
Increasing Cost Risk
High inflation rate and changes in tax and other laws and regulations could reduce profit
margins, and increase the hotel running cost. Example - Food prices are increasing dramatically
which has become difficult for the hotel to achieve food cost of sales. According to Marriott
standards it is very important for the hotel to deliver high quality of food to guest and meet
expectations. It has become inflexible for hotel to control the cost of sales and achieve targeted
profit margins. Due to increasing cost and limited budget to spend, it will be a challenge for the
hotel to sustain profit margins.
Associates (Employees) Risk
If Marriott cannot attract and retain talented associates then business could suffer. Marriott
compete with other companies both within and outside of industry for talented personnel. If
unable to recruit, train, develop, and retain sufficient numbers of talented associates, hotel could
experience increased associate turnover, decreased guest satisfaction, low morale, inefficiency,
or internal control failures, Insufficient numbers of talented associate could also limit the ability
to grow and expand business.
Hazards Risk
Hotels. Large or small, rural or city based, can be hazardous places. The following details
highlight some of the hazards and risks that might exist in hotel. They are by no means
exhaustive and will vary depending on the particular business.
7
8. Main Types of Hazards
1. Natural Hazards 2. Technical Hazards
Flooding Power failure/fluctuation
Fire HVAC failure
Earthquakes Computer hardware failure
Tornadoes Computer software failure
Hurricanes Gas leaks
Winter storms Transportation accidents (chemical/bio-
hazard spills)
D. Compliance Risk
Compliance risk such as traditional contract and regulatory compliance; also focuses on accurate
and timely financial reporting, adherence to company policies, and workplace health and safety.
It’s Important for a risk manager to manage the hotel’s risk productively. In doing so, it
can make difference in hotel’s bottom line, while at the same time protecting the reputation
of Marriott brand.
8
9. 3.1 Risk Chart
C. A.
D. B.
Figure 1
3.2 Risk Table
Numbers Types of Risk Impact / Likelihood
A Financial Crisis
Global Economic Crisis Very High / Almost Certain
Risk
9
10. B Strategic Risk
Competition Risk High / Likely
Reputational Risk
C Operational Risk
Technology Risk
Increasing Cost Risk Very High / likely
Associate (Employee) Risk
Hazards Risk
D Compliance Risk High / Moderate
A. Examples of range of operating risk common to the Hotel.
The profitability of the hotels that may be adversely affected by a number of factors that includes
Pricing strategies of competitors
The availability of and demand for hotel rooms
International, national and regional economic and geopolitical conditions
The impact of war, actual or threatened terrorist activity and heightened travel security
measures instituted in response to war, terrorist activity or threats
The desirability of particular locations and changes in travel patterns
The occurrence of natural disasters, such as earthquakes, tsunamis, and hurricanes
Taxes and government regulations that influence or determine wages, prices, interest
rates, construction procedures and costs
10
11. The availability and cost of capital to allow hotel and potential hotel owners and joint
venture partners to fund investments
Regional and national development of competing properties
Foreign currency exchange fluctuations
Increases in wages and other labor costs, energy, healthcare, insurance, transportation and
fuel and other expenses
B. Examples of risk (incidents) that cause direct and indirect disruptions to the
Hotel business
Disruption to hotel business can occur through many Direct & in-Direct means
Whilst intentional security related incidents such as Criminal & Terrorism, many other
serious disruptions are created though unintentional Accidental, Climate or
Environmental incidents and disasters
An organization may become a ‘Proximity Victim’ from an un – related external threat or
incident
Direct Disruption Examples Indirect Disruption Examples
Crime/Fraud/ Terrorism External Financial Crisis
Fire Pandemic Issue
Flooding Currency Fluctuation
Bomb threat Legislative Practices
IT Failure Adverse Weather Conditions
Power Outage Transport Disruptions
High Security Alert
Industrial Action
4. Purpose of Strategic Plan
11
12. The Strategic plan aims to identify the main objectives and activities that Marriott Sprowston
Manor Hotel will focus on over the next five years.
The most significant issues to be addressed are:-
The development of a risk culture
The integration of ‘risk’ as a factor in decision making
The importance of the risk management system to the future viability of the Hotel
Key recommendations are:-
That Marriott Approve the strategy plan.
4.1 Status of Strategy Plan
Basic information about the strategy is contained in the table.
Strategy effective from this date Jan 2011
Strategy Covers this period Jan 2011 to Jan 2016
Strategy approved by General Manager / Cluster GM
Strategy to be adopted by the Hotel Jan 2011
Person Accountable for this strategy Human Resources Manager
1st Person to contact about this strategy Human Resources Manager
Stakeholders to consult with (minimum) GM, Executive Directors, Managers, Staff
Performance will be reported through Management Plan
This strategy must be reviewed at least Annually
This Plan is an integral support document for the organization and guide for the Hotel and policy
making in the area of risk management.
4.2 Key Issues
12
13. Strengths :- Opportunities :-
Well Managed integration of current systems with risk
management
Financially Sound operation
Utilization of talented staff
More awareness of risk management
standards over recent years
Regular committee meetings
Weaknesses :- Threats :-
Process documentation in risk Bad risk may occur due to lack of
management is lacking process documentation
Lack of knowledge at a supervisor level Poor Decision making as a result of not
regarding risk management enough emphasis on risk analysis
Resources appear to be inadequate in Risk of bad reputation as not
the risk management areas maintaining the brand standards.
Recording important information
5. ERM Framework for Marriott Sprowston Manor Hotel
13
14. ERM Framework -- Figure 2
This enterprise risk management strategy is chosen for the Marriott Sprowston Manor hotel to
deal with risks and opportunities and to manage risk by enterprise risk management process.
With the enterprise risk management framework, it will enable Marriott to mitigate risk for the
smooth flow of business.
Risk Management is important to the operations of the hotel. The identification, assessment and
control of all risks are important to the successful achievement of the hotel’s vision and mission.
An important part of the enterprise risk management strategy is the development of processes for
the smooth flow of business. As a Marriott brand it is important for the hotel to maintain the
standards and provide high quality of service to customer, and maintain the reputation risk.
Marriott Sprowston Hotel is subject to various risks that could have a negative effect on the
company and its financial condition. Marriott considers the skills, resources and technology
required to manage and monitor risk exposures in the context of risk appetite. It does this by
helping staff to understand the relative significance of the risks faced by the hotel and thus better
priorities risk monitoring and control activities. The aim of the plan is to plot the risk for the
hotel for next 5 years that might impact on adverse incidents and may interrupt normal business
14
15. operations. This plan will show the implementation of strategies in hotel operation for efficient
flow during the 5 years period.
Example --
Marriott recognizes that it is too late to plan an effective response to an adverse incident
and resulting business interruption once the incident has occurred.
The extraordinary events that have occurred since September 2001 have only served to re
emphasize the need and to be prepared to respond to old as well as new challenges to the
world in which it operate. As the old adage tells, ‘Failing to Prepare is Preparing to Fail’
Enterprise business risk is defined as threats to the organization's capability to achieve its
objectives and execute its business strategies successfully. The organization's value creation
objectives define the context for management's determination of risk management goals and
objectives which, in turn, drive and focus the process of managing business risk.
The top face of the cube in figure 2 indicates that enterprise risk management spans the
hotels decision making process both strategically and it’s day to day operation. Enterprise
risk management is also integrated into the hotel’s reporting structure and all that it does
to meet compliance. The right hand side of the cube demonstrates that enterprise risk
management is considered throughout all levels of the hotel. The eight interrelated
components represented on the front face of the cube form the basis for establishing and
putting enterprise risk management into practice at the hotel. Each component is described
in more detail as follows;
Internal Environment – The internal environment comprises the Hotel’s history, culture,
values, organizational structure, strategy, policies and procedures. It forms the foundation for
15
16. defining the hotel’s risk approach and risk appetite.
Objective Setting – The objective setting is the process of determining the strategic objectives
for the Hotel and its risk strategy. The Hotel’s risk tolerance and the alignment between its risk
appetite and its objectives form part of the overall hotel strategy.
Event Identification – Event identification describes those developments either or external to
the Hotel that could significantly affect its ability to meet its strategic objectives, either
positively or negatively. In order to assure that the full scope of the Hotel is considered, event
and trend identification is done broadly engaging the management team.
Risk Assessment – Risk Assessment describes the extent to which potential events and trends
might affect Hotel’s objectives. Events and trends are assessed by two criteria – impact and
likelihood. Risk assessment can be done by qualitative or quantitative methods. Inherent and
residual risk assessments are employed. Both positive and negative impacts of events should be
examined.
Risk Response – The risk response is assessed for each risk event and trend by considering the
Hotel’s risk tolerance. Typical risk responses considered for a risk event include avoidance,
reduction, transferring, sharing or acceptance.
Control Activities – Control activities include the policies, procedures, reporting and initiatives
performed by the Hotel to ensure that the desired risk response is carried out. These activities
take place at all levels and functions of the hotel.
Information and Communication – Hotel information and communication regarding risk
management is identified, captured and communicated broadly to enable all personnel to deliver
on their responsibilities.
16
17. Monitoring – Monitoring refers to managing risk in the course of day to day operations.
Periodic evaluations where management defines the scope, methodology and frequency are done
to ensure currency of information in the Hotel business.
Enterprise risk management is not strictly a serial process, where one component affects only the
next. It is a multinational, iterative process in which almost any component can and does
influence another.
5.1 Enterprise Risk Management Framework Objectives
Enterprise risk management through the application of the framework objectives aids in the
achievement of the Hotel strategic priorities and advances the management practices at the hotel
specially, the ERM framework objectives are to:
A. Incorporate a consistent approach to risk management into the culture and strategic planning
process of the hotel, supporting the setting of priorities and making of decision making at the
management level within the operation.
B. Apply a consistent approach to risk response and control activities to support the hotel
governance responsibilities for innovation and responsible risk taking, policy development,
programs and objectives. In all cases appropriate measures will be put in place to address
unfavorable impacts from risks and favorable benefits from opportunities.
C. Manage a transparent approach to risk through formal and informal communication and
monitoring of all key risks, balancing the cost of managing the risk with the anticipated benefit.
Risk management practices will be adapted to encompass best practices, specific circumstances
and mandate.
5.2 Enterprise Risk Management Key Concepts
17
18. A hotel has complicated operations generating a risk that is broad and diverse. Risk is defined as
those potential events and trends that may significantly affect the hotel’s ability to achieve its
strategic goals or maintain its operation either positively or negatively. Once the event or trend
happens, it is no longer a risk; rather it is an issue for the hotel to deal with.
Good Managers address risk by implicitly building it into their programming and decision
making. The enterprise risk management framework is a methodology that formalizes risk
management and provides an all encompassing view of risk in order to aid in the operation of the
hotel.
A. The enterprise risk manager facilitates achieving the hotel’s strategic objectives by bringing a
systematic approach to evaluating and improving the effectiveness of risk management and
control.
B. All risks facing the hotel whether quantifiable or not is to be considered. Several types of risk
that are not easily quantified can potentially hold significant impact on a hotel, e.g. reputation,
customer experience.
C. All risks facing the hotel will be evaluated based on the likelihood of the risk occurring as
well as the impact on the Hotel if the risk event were to occur. The likelihood and impact of each
risks is evaluated both at an inherent (without Management) and residual (with Management)
level.
D. The following elements are essential when managing risk:-
1. Assurance: - Stakeholders are assured that risk is being managed within the hotel’s risk
tolerance and receive information regarding the quality and type of control in place.
2. Oversight and responsibility: - All critical risks facing the hotel have been identified,
managed and reported on at a level and frequency that support the hotel’s risk tolerance.
18
19. 3. Ownership: - Risks owners are assigned and understand their responsibility for management,
oversight and assurance.
E. Risk response for identified risks will be assessed according to the hotel’s risk appetite.
The Five possible risk responses are to:-
o Avoid (eliminate) the risk;
o Reduce (mitigate) the risk;
o Transfer the risk (e.g. insurance);
o Share the risk; or,
o Accept the risk.
F. A formal or informal evaluation of risk will be considered depending on the scope of the
decision or action taken at the Hotel. This will be done both at the onset and throughout the life
of the decision or action. Where applicable and quantifiable, the expected cost of the risk will be
considered in the business case used in the decision and evaluation process.
G. There will be a desire to learn from events that have transpired – the risk management process
is a cycle where experience providers key information for new decision and actions. Open and
appropriate communication of results and lessons learned is required to facilitate learning.
H. The hotel business risk will be evaluated annually. New risks will be considered. Risks no
longer relevant will be removed. The risk will be refreshed by rating the likelihood and impact
for each risk. The information is used to prioritize the risks and this in turn flows into the Hotel’s
business planning cycle.
5.3 Implementation of Enterprise Risk Management Process
The hotel process for risk management is shown below in figure 3 and is simply a flow chart of
expression of the front face of the cube shown in Figure 2. The process is continues and can be
applied at the hotel business level.
19
20. Internal
Environment
Objective Event Risk Risk Information /
setting identification Assessment Response Communicati
on
Control Monitoring
Activities
ERM Process -- Figure 3
A. ERM Risk Matrix and corresponding Management Action
Risk is evaluated by two criteria – likelihood and Impact. Figure 4 displays a matrix that
graphically represents impact and likelihood of each risk, as well as the corresponding
Management action. The Color gradient from green (low) to red (high) provides a comparative
level of priority when evaluating the hotel’s risk. The matrix is used to evaluate risk at the
inherent (without management) and residual (with management) levels. The corresponding
Management action suggests the appropriate response for risk assessed in that area of the matrix.
B. Risk Matrix and Corresponding Management Action
Risk Management Actions
Impact
Considerable Must manage Extensive
Significant management and management
required monitor risks essential
Moderate Risks may be Management Management
worth effort effort
20
21. accepting with worthwhile required
monitoring
Minor Accept Accept, Manage and
risk but monitor monitor
risk risks
Low Medium High
36 month 18 to 36 months 12-18 months
Likelihood
Risk Matrix -- Figure 4
5.4 ERM Communication and Consultation
Effective enterprise risk management requires information to be obtained of the hotel for
identifying, assessing and responding risk. Consultation will be as broad as possible within the
hotel business and use a variety of approaches. Hotel personnel will be encouraged to identify
risks that are both internal and external to the business. The knowledge gained through ERM will
be communicated in a relevant form and timeframe enabling Hotel personnel to carry out their
responsibilities while incorporating risk management.
5.5 Roles & Responsibilities
Everyone in an entity has some responsibility for enterprise risk management. The general
manager of the hotel is ultimately responsible and should assume ownership. Other Managers
support the hotel’s risk management philosophy; promote compliance with its risk appetite and
mange risks within their spheres of responsibility consistent with risk tolerance. A risk officer,
financial officer, internal auditor and others usually have key support responsibilities. Other
entity personnel are responsible for executing enterprise risk management in accordance with
established directives and protocols. The general manager provides important oversight to
enterprise risk management, and is aware of and concurs with the entity’s risk appetite. A
number of external parties, such as customers, vendors, business partners, external auditors,
regulators and financial analysts often provide information useful in effecting enterprise risk
21
22. management, but they are not responsible for the effectiveness of, nor are they a part of, the
entity’s enterprise risk management.
Position Responsibilities
The General Manager should discuss with the Executive Directors the
state of the hotel’s enterprise risk management and provide oversight
General Manager as needed. The GM should ensure it is apprised of the most significant
risks, along with actions management is taking and how it is ensuring
effective enterprise risk management. The General Manager should
consider seeking input from internal auditors and external auditors and
others.
The study suggests that Executive Directors assess the hotels
Executive Directors enterprise risk management capabilities. In one approach the
Executive Directors brings together business unit heads and key
functional staff to discuss an initial assessment of enterprise risk
management capabilities and effectiveness. Whatever its form, an
initial assessment should determine whether there is a need for and
how to proceed with, a broader, more in dept evaluation.
Managers and other Personnel should consider how they are
Managers & other conducting their responsibilities in light of this framework and discuss
Personnel’s with more senior personnel ideas for strengthening enterprise risk
management. Internal auditors should consider the breadth of their
focus on enterprise risk management.
With this foundation for mutual understanding, all parties will be able to speak a common
language and communicate more effectively. Management will be positioned to assess the hotel
enterprise risk management process against a standard, and strengthen the process and move the
enterprise toward established goals.
6. Risk Mitigation Action Plan & Responsibilities
22
23. Focus Area & Actions Who When
A. Financial Risk :-
Economic and Financial Crisis Risk 01/11 / Review
between Jan
To enhance technology and revenue General Manager / Executive
2011 – Jan
management tool that will enable to Directors
2016)
monitor and respond quickly to the
changing landscape Annually
General Manager / Executive Review between
Reduce investment in business
Directors (Jan2011 – Jan
expansion
2016)
To preserve profit margin lines by
Quarterly
driving revenue, increasing market
Review between
share and managing costs and debt,
General Manager / Executive (Jan 2011 – Jan
this is important to keep the business
Directors 2016)
healthy and preserve as many jobs as
possible.
Develop promotions and sales Monthly review
strategies to help hotel to drive between (Jan
General Manager / Director
incremental revenue and capture 2011 – Jan
of Sales
greater market share 2016)
Cancel bonuses of all head of Annually
General Manager / Finance Review between
departments within the hotel that will
23
24. help to cover the debt Director (Jan 2011 – Jan
2016)
B. Strategic Risk :-
Competition Risk 01/11 / Review
Between (Jan
Implement pricing strategy tool and General Manager / Executive
2011 – Jan
offer competitive prices to customers Directors
2016)
Develop effective marketing plan to
Annually
be successful in the competitive
Director of Sales review between
market
(Jan 2011 – Jan
2016)
To understand strengths & Quarterly
weaknesses of the hotels in Director of Sales/ Sales review between
competitive set and classify the hotels Executive / Sales Team (Jan 2011 – Jan
unique features to sell the product and 2016 )
winning the competition
Monthly review
General Manager / Executive
To offer discounted rates to customer Directors
between (Jan
to gain business 2011 – Jan 2016
Provide high quality and standard Daily review
service to customers and satisfy needs Managers / Team Leaders between (Jan
in order to be competitive in market. 2011 – Jan
2016)
Reputational Risk
Regular review
Develop good brand image in order to General Manager / Executive between (Jan
be competitive in market
24
25. Provide high quality of service to Directors 2011 – Jan 2016
guest and satisfy needs for excellent
Hotel Associates Regular review
reputation
between (Jan
Manage guest complaints effectively 2011 – Jan 2016
so it doesn’t affect the reputation General Manager / Executive
Regular review
Directors
between (Jan
2011 – Jan 2016
C. Operational Risk :-
Technology Risk Regular review
between (Jan
Improve technology and systems, and Information Resources
2011 – Jan 2016
update or replace to advanced system Manager
on regular basis
Provide training to all the associates Regular review
Information Resources
and its importance for business between (Jan
Manager
2011 – Jan 2016
Increasing Cost Risk
01/11/ review
Implement tool to minimize cost and
General Manager / Director between (Jan
to increase revenue
of Finance 2011 – Jan 2016
Review and control costs for smooth
General Manager / Director Regular review
functioning of business and to meet
of Finance between (Jan
profit margin line.
2011 – Jan 2016
To reduce capital expenditure and
Annually
other miscellaneous costs General Manager / Director
review between
of Finance
Associates (Employees) Risk (Jan 2011 – Jan
25
26. Hire talented associates for business 2016)
development
Regular review
Provide training to associates on between (Jan
General Manager / Executive
regular intervals to offer standardized 2011 – Jan
Directors
service and satisfy customer 2016)
expectations
To look after associates and in turn
Regular review
associates will look after customers
General Manager / Executive between (Jan
and increase business
Director 2011 – Jan
Hazard Risk 2016)
Implement policies and procedures to
minimize harm to associates and
visitors and to control and mitigate
damage to property and equipment
Procedures for evacuation and 01/11 / review
assembly point at hotel between (Jan
Loss & Prevention Director 2011 – Jan
Implement Procedures to contain the 2016)
operational, service and public image
impacts of an adverse incident and to
manage and communicate information
regarding the incident.
26
27. D. Compliance Risk :-
Policies & procedures to ensure health Quarterly
safety standards are maintained review between
Loss & Prevention Director
(Jan 2011 – Jan
Conduct Health & Safety audit to
2016)
meet the compliance
7. Business Continuity Plan
Business continuity plan is a strategic plan that can also be used to manage risk and achieving
goals & objectives of the hotel.
Business Continuity Planning can be defined as a process which provides for the continuation of
critical business functions regardless of any event (called an Adverse Incident) that may interrupt
normal business operations. In the words the Company's Business Continuity is:
A process that can be implemented by Marriott management to ensure that Adverse Incidents are
responded to appropriately and timely, and, if the Adverse Incidents result in a business
interruption, to ensure the timely resumption of Mission Critical processes in a prioritized and
pre-planned manner.
Marriott's can compose a Business Continuity Program in four interdependent components,
which can together ensure a timely and appropriate response to an Adverse Incident:
A. Emergency Response: –
Procedures to minimize harm to customers and associates and damage to facilities and
equipment
B. Crisis Management:-
Procedures to contain the operational, service and public image impacts of an Adverse Incident
and manage and communicate information.
27
28. C. Disaster Recovery: -
Procedures to ensure the availability of mission critical computer systems, applications and
telecommunications
D. Business Resumption:-
Procedures to ensure the continuity and/or resumption of business operations in the event of a
partial or complete closure of a Marriott-managed property or corporate office.
The above four components will enable Marriott hotel to respond swiftly and effectively to an
interruption to normal business operation, protecting associates and assets, and ensuring the
continuity of critical business functions.
8. Conclusion
This report has developed the strategic risk management plan for Marriott Sprowston Manor
hotel to manage the hotel business risk and mitigating the risk. The main aim was to devise a
strategic risk management plan for next 5 years. The pan has developed an Enterprise risk
management strategy to respond the hotel risk effectively within a specific risk category.
Every step has taken to ensure that there was continuity throughout the whole plan and each risk
management elements are explained in detail. This will enable to understand each and every step
of risk management plan clearly. Continue assessment of all the modes will make the strategic
risk management plan successful and protect the Marriott brand in the fast growing hospitality
industry.
9. References
1. Strategic Risk – Risk management & different types of risk in business – (Viewed 24th
Nov)
<http://www.strategicrisk.co.uk/>
28
29. 2. The Risk Management Universe: A Guided Tour by David Hillson – Risk management
best practices and future development, understanding risk, (Viewed Nov 2010)
3. World Economic Forum – Global Risk Report 2010 – (Viewed 26rd Nov 2010)
<http://www.weforum.org/en/initiatives/globalrisk2010//index.htm>
4. IRM -- Risk Management Standard – (Viewed 28th Nov, 2010)
<http://www.theirm.org/publications/documents/Risk_Management_Standard_030820.pdf
5. Enterprise Risk Management – Integrated Framework - (Viewed 29th Nov 2010)
<http://www.idkk.gov.tr/>
6. Marriott Global Source MGS – Risk Management Strategy and Process – (Viewed 1st
Dec 2010)
<http://extranet.marriott.com>
7. Lecture Notes
29