The ABCs of Risk Management
Risk management appears as something that is mystical and cryptic. Just read this description from Wikipedia:
“Risk management is the identification, assessment, and prioritisation of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimise, monitor, and control the probability and/or impact of unfortunate events or to maximise the realisation of opportunities. Risk management’s objective is to assure uncertainty does not deflect the endeavour from the business goals.”
It's not as difficult to understand risk assessment as it seems. Basically, risk management is necessary to prepare for known risks, and it can be done in many ways. To choose a correct way, a case-specific evaluation is required, including evaluating the type and the severity of the risk. In this text, we will categorise risk and go over your options for managing the risks.
Risks can be categorised in many ways, though categorisation isn’t always necessary. Broad categorisation is usually done between damage risks and business risks.
Damage risks are harmful and unexpected events or chains of events that are caused by human mistakes, environment, and/or malfunctioning or broken devices or systems. Business risks consist of business investments where the counterbalance of potential reward is the business’ failure. Therefore, business risk usually has a positive counterpart, while damage risk doesn’t.
That’s why damage risks are perceived as the target for risk assessment. Damage risks can be categorised by the cause, the environment, or the action. The risk can be caused by nature, humans, buildings, devices, etc. The risks found in a specific environment can be caused by the same factor, but their effects or the ways to manage them can be different. For example, managing a forest fire is different than managing an attic fire.
Options for Managing Risks
Quick version: Can you remove the risk? If not, can you decrease the probability of the risk or the severity of the consequences? If that isn’t possible, can you transfer the risk? And if that doesn’t work, you can always accept the risk.
Explanation: My risk is to crash my car on my way to work. I have removed the risk by using public transport. I also have a risk of being late to my meetings. I’ve reduced the probability of being late by leaving for my meetings a bit earlier. However, if I’m about to be late, I notify the person I’m having the meeting with. This is a way to diminish the severity of the consequences.
After the meeting, I’m walking on the street and accidentally knock over a ladder that a worker is standing on. The risk is that I could be accused of causing damage and be held legally responsible. This is why I’ve transferred the risk regarding the costs by insuring myself with liability insurance. When I come home late, I have the risk of getting a scowl in my direction. I’ve accepted that risk.
We will familiarise you even more with risk assessment in our following texts.
For more on how you can be ahead of risks, implement VUCA in your life.
Safety KPI's are the core of risk management. Download our free guide:
We are building the world's first operational involvement platform. Our mission is to make the process of finding, sharing, fixing and learning from issues and observations as easy as thinking about them and as rewarding as being remembered for them.
By doing this, we are making work more meaningful for all parties involved.
More information at falcony.io.
With whistleblowing being a hot topic due to the upcoming EU Directive, we interviewed Miikka...
Nearly all real estate assets being impacted by COVID-19, we sat down remotely with Erik Engstrand,...
Proper case management is integral to any business and, luckily, there is now a range of software...