A week’s holiday in North Wales and I’m behind with my reading.
The lure of the beautiful Welsh coastline has cost me. I’m now fighting a rearguard with my IRM International Certificate in Risk Management coursework.
Fortunately, I’ve been pretty strict with the timetable and left myself a couple of weeks before the exams start in June to catch-up. But I can’t afford to fall behind much more.
The third module, of which I’m about half way through, is about risk assessment.
According to the core text: “Risk assessment is defined in British Standard BS 31100 as the overall process of risk identification, risk analysis and risk evaluation.”
The purpose of risk assessment is to identify the significant risks that could affect the undertaking, whether that’s the organisation’s strategic objectives or a particular project/process/operation.
Sounds simple enough, but there’s a lot of reading in this module.
I’m already learning, for example, about different risk classification systems. One in particular is called PESTLE. That stands for political, economic, sociological, technological, legal and ethical (including environmental) risks. It is often used to identify external and hazard risks but it’s less easy to apply to financial, infrastructure and reputational risks.
Risk assessment includes an evaluation of risk likelihood and impact. This allows for a determination of the right response. Loss control initiatives help to reduce the likelihood and impact of a loss—and its therefore a central component of hazard risk management.
It’s not that simple though. Some risks should be minimised but others should be embraced to achieve growth, e.g. those associated with a new product line or company alliance.
I’ve learnt that as well as defending against bad risks the best companies define and predict the upside risks that can deliver significant rewards.
No comments yet