Technique 2.82 Risk Management

Introduction

Risk management (contingency planning) involves understanding and planning for possible events that could have a negative impact, ie what could go wrong.

Need to identify potential risks early and develop strategies to prevent or mitigate the negative impacts.

The aim is to
-
preventative (stop/eliminate the adverse event occurring)
-
recovery (mitigate/diminish/minimise/reduce the impact of the adverse event happening).

In identifying risks they are 2 types:
- external,
ie anything outside your organisation's influence like geopolitical challenges, industry challenges, socio-economic changes, etc
- internal,
ie anything inside your organisation like staff, conditions of work, skill levels, etc

Once the risks are identified with possible controls, there is a need to assess the likelihood of each risk occurring, eg
- low, medium or high
- rare, unlikely, possible, likely, almost certain
- numerical ranking like from 1 to 5, with 1 indicating unlikely and 5 very likely

Regularly monitor and evaluate plus update your risk register

Your risk management will be successful if:
- all this risks are identified with time to develop and implement any necessary controls
- your controls are in place in preventing or mitigating risk
- your risk register is kept up to date
- all staff are aware of potential risks and their role in risk management

Identifying and ranking risk

 

No.

The risk
(what could happen & and how it can happen?)
Consequences from an event happening Description & adequacy of existing controls Likelihood rating
(a)*i
Consequence rating
(b)*ii
Overall risk level
(a + b)
Risk priority*iii
               
               
               

Notes
i)
rare (1), unlikely (2), possible (3), likely (4), almost certain (5)
ii) low (1), medium (2), high (3), very high (4)
iii) top, medium, low

Risk treatment and action plan

No. Treatment / controls to be implemented
Risk rating after treatment, etc
Person responsible for implementing treatment, etc
Timeframe
Date completed
Monitoring
Reviewing
Date completed
 




How
When

                 
                 
                 

Most managers are good at understanding single, simple risk and at mitigating against it. However many struggle to understand multi-risks and their relationships to each other plus causality chains.
(source: David Bryan, 2020)

Search For Answers

© 2008 - 2023 Bill Synnot and Associates
Registered - All Rights Reserved
Designed by: FineIT

BSA Chat Assistant