The ABCs of Risk Management

Risk management appears as something that is mystical and cryptic. Just read this description from Wikipedia:

“Risk management is the identification, assessment, and prioritisation of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimise, monitor, and control the probability and/or impact of unfortunate events or to maximise the realisation of opportunities. Risk management’s objective is to assure uncertainty does not deflect the endeavour from the business goals.”

It's not as difficult to understand risk assessment as it seems. Basically, risk management is necessary to prepare for known risks, and it can be done in many ways. To choose a correct way, a case-specific evaluation is required, including evaluating the type and the severity of the risk. In this text, we will categorise risk and go over your options for managing the risks.


Categorising Risks

Risks can be categorised in many ways, though categorisation isn’t always necessary. Broad categorisation is usually done between damage risks and business risks.

Damage risks are harmful and unexpected events or chains of events that are caused by human mistakes, environment, and/or malfunctioning or broken devices or systems. Business risks consist of business investments where the counterbalance of potential reward is the business’ failure. Therefore, business risk usually has a positive counterpart, while damage risk doesn’t.

That’s why damage risks are perceived as the target for risk assessment. Damage risks can be categorised by the cause, the environment, or the action. The risk can be caused by nature, humans, buildings, devices, etc. The risks found in a specific environment can be caused by the same factor, but their effects or the ways to manage them can be different. For example, managing a forest fire is different than managing an attic fire.


Options for Managing Risks

Quick version: Can you remove the risk? If not, can you decrease the probability of the risk or the severity of the consequences? If that isn’t possible, can you transfer the risk? And if that doesn’t work, you can always accept the risk.

Explanation: My risk is to crash my car on my way to work. I have removed the risk by using public transport. I also have a risk of being late to my meetings. I’ve reduced the probability of being late by leaving for my meetings a bit earlier. However, if I’m about to be late, I notify the person I’m having the meeting with. This is a way to diminish the severity of the consequences.

After the meeting, I’m walking on the street and accidentally knock over a ladder that a worker is standing on. The risk is that I could be accused of causing damage and be held legally responsible. This is why I’ve transferred the risk regarding the costs by insuring myself with liability insurance. When I come home late, I have the risk of getting a scowl in my direction. I’ve accepted that risk.


We will familiarise you even more with risk assessment in our following texts.

For more on how you can be ahead of risks, implement VUCA in your life. 

Safety KPI's are the core of risk management. Download our FREE guide to learn more:

New call-to-action

We are building the world's first operational involvement platform. Our mission is to make the process of finding, sharing, fixing and learning from issues and observations as easy as thinking about them and as rewarding as being remembered for them.‍

By doing this, we are making work more meaningful for all parties involved.

More information at

Related posts

Decoding Risk Management with Erik Engstrand

Nearly all real estate assets being impacted by COVID-19, we sat down remotely with Erik Engstrand,...

Risk Management
3 min read

The Power Of Whistleblowing

To understand whistleblowing and its importance in risk management, it is first necessary to...

3 min read

Apprehending Whistleblowing with Miikka Karimo

With whistleblowing being a hot topic due to the upcoming EU Directive, we interviewed Miikka...

3 min read

Involve your stakeholders to report

At Falcony, we create solutions that multiply the amount of observations and enable our customers to gain greater understanding of what’s going on in their organisations, areas of responsibility and processes.