Managing Risk

Managing risk is something we each do on a daily basis. This is also true in a business context where risks should be actively managed. Risk management processes are designed to provide a set of tools to put in place plans to mitigate and eliminate or at least minimise the potential impact on business objectives.

A risk can be defined as “an uncertain event or set of events which, should it occur, will have an effect on the achievement of business objectives”. It therefore could have a positive outcome (opportunity) or a negative outcome (threat).

This definition highlights the importance of linking risks to the objectives of the business and provides an essential starting point to understanding and defining the implications of risks that may be encountered.

A useful starting point is to undertake a SWOT Analysis. Identify your business Strengths, Weaknesses, Opportunities and Threats. Assess the risks associated with each opportunityand threat and log its probability and impact.

Consider risk management controls and reassess the risk in light of these controls. Eliminate or at best minimise the risk, conversely plan to capitalise on an opportunity realised. The stages of the risk management process including identifying, assessing, treating, monitoring and reporting risks should be recorded in a risk register.

Risk management is a continual process where opportunities and threats change as we move forward, therefore your risk register is not static. It is a management tool that should be used to help the achievement of the objectives of the business. Hence it is essential to ensure there is a robust approach to the management of risk with a regular risk review.