The Risk Guide Risk Guide RSS Feed


Risk Management Knowledgebase

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 


Identifying Risks In order to manage risk, an organisation needs to know what risks it faces, and to evaluate them. Identifying risks is the first step in building the organisation’s risk profile.
Impact Impact if the risk occurs. Categories can be High/Medium/Low. Other typical categories are:
• Catastrophic (High)
• Major (High)
• Moderate (Medium)
• Minor (Low)
• Insignificant (Low)
Impact Analysis Impact analysis is essentially a means of systematically assessing the potential impacts resulting from various events or risks.
This is intended to help you understand the degree of potential loss (and various other unwanted effects) which could occur. This will cover not just direct financial loss, but other issues, such as reputational damage.
Implication An explicit statement of work or condition needed to achieve an objective or task.
Indirect Cost Direct costs (labour, material, and other direct costs) that can be consistently related to work performed on a particular activity.
Direct costs are best contrasted with indirect costs that cannot be identified to a specific activity.
Inherent Risk The exposure arising from a specific risk before any action has been taken to manage it.
This is the current risk rating.
Innovation Something new which may lead to better services/products, achievement of objectives or better value for money.
Many systems and processes are still paper-based and staff-intensive. The underlying assumption is that customers will fill in forms and that staff will process them by routine rather than by risk-managed exception.
Internal Control Response, which is initiated within the organisation, to risk is called internal control and may involve one or more of the following:
• tolerating the risk;
• treating the risk in an appropriate way to constrain the risk to an acceptable level or actively taking advantage, regarding the uncertainty as an opportunity to gain a benefit;
• transferring the risk;
• terminating the activity giving rise to the risk.
Interventions Interventions should be evidence based, though the lack of conclusive evidence should not block action proportionate to that risk.
Interventions should tackle as directly as possible the specific failures, concerns and other problems identified (and the specific causes and consequences of the hazards and risks).
Involuntary Exposure Some organisations can be exposed to risks which they can do little to mitigate or prevent themselves (e.g. exposure to natural radon emissions).
Issues Typical issues in risk assessment are:
Lack of Equipment; Competition; Human Error; Lack of Finance; Breach of Contract; Loss of Supplier; Poor Communication; Theft (by employees or external); Investment Decisions; Terrorism; Insufficient Skills; Food Safety;
Industrial Relations; Inadequate Staffing; Equipment Failure; Unsafe Working; Poor Recruitment; Computer Failure; Poor Management Controls; and, Inadequate Documented Procedures.
An Issue is a risk which has came to fruition. This is of immediate concern and must be dealt with promptly. A key point to remember is that an issue is something that has happened.

© RuleWorks - All Rights Reserved - Policy - - Sitemap