Business risk assessment
Upcoming SlideShare
Loading in...5

Business risk assessment






Total Views
Views on SlideShare
Embed Views



1 Embed 1 1



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Business risk assessment Business risk assessment Presentation Transcript

  • Notes by MS 1
  • Business risk assessment refers to the assessment ofrisks and opportunities affecting the achievements ofthe organizational goals and objectives.Business risk assessed at three levels. Business riskassessment at all three levels is essential to identify theTHREATS, OPPORTUNITIES and ALTERNATIVES for actionto achieve the organizational goal and objectives:  Strategic: guidance for a time period of 5 to 10 years and assessment performed by senior management. It is usually limited to assessment i.e. Identification, Measurement and prioritization of risk. 2
  •  Project/Program/Process: for current period of organizational activity. Project manager or process owner is responsible for initial assessment and monitoring or may also share with an oversight committee. It is a mixture/blend of risk assessment in the planning phase and risk management in the implementation phase. Operational: in everyday operations like health and safety issues. This performed by supervisory level or by individuals or work team tasked with a particular management. It is usually focuses on risk management i.e. standard workplace risks and hazards have been already identified in strategic process of assessment; the task is to manage risk to get the job done. 3
  • Strategic Risk Assessment1. Understanding of overall goals and objectives by examining of fundamental documents and classification of indentified goals and objectives into SHORT, MEDIUM and LONG TERMS issues.2. Choosing of strategic risks that are likely to be of greatest importance: ◦ Operational risk is that entity will not meet its operational goals and objectives. ◦ Fiscal risk is that deficiencies in expenditure control and revenues will adversely affect agreed-up outcomes or objectives. ◦ Reputation risk is that some action by the entity will impair the ability to reach its goals and objectives. ◦ Other strategic risk, such as Policy, Regulatory etc. 4
  • 3. Definition of various important and relevant environments and uncertainties: ◦ Political / Government ◦ Technological ◦ Legal and Regulatory ◦ Competitors ◦ Customers, Constituents and stakeholders ◦ Physical ◦ Markets ◦ Suppliers ◦ Economic/Financial 5
  • 4. Creation of series of matrices …… environments (step 3) X identification based on time (step 1)5. Using of various creative processes such as brainstorming, imagine scenario of possible threats and opportunities for each cell of matrix. Thinking outside the box as much as possible.6. Combining of the risk assessment for various goals and objectives for each of the three time horizon to get a composite strategic risk assessment. 6
  • Project Risk AssessmentIt uses a different method to identifying riskand opportunity. The method can be one orcombination from the following: ◦ Exposure analysis based on assets involved ◦ Environmental analysis based on study of changes ◦ Threats scenario by exploring various narrative scenarios under numbers of different conditions, especially for catastrophic events and frauds 7
  • Observation or/and measurement of risk is a difficultsubject, therefore, risk factors are used that are eitherobservable or measurable characteristics of conditionsat risk.A standard set of risk factors and criteria should beestablished to measure and rank projects according totheir perceived risk.Each project, program or process to be formallyassessed for risk should be scored by the projectinitiator with the established risk factors based onunderstanding of the project, program or process andthe perception of risk as described. 8
  • Procedure of Project Risk Assessment ◦ Identify Risk: use one or more methods to identify risk i.e. Exposure, Environmental and/or Threat analysis. 9
  • Measure Risk/Develop Alternatives: ◦ Read each factor and sub-criteria for familiarization with aim of each. ◦ Consider the project, program or process using each of the factors/criteria. ◦ Score each factor for the project, etc. on a scale of 1 to 5 (lowest to highest) based on your subjective assessment of the strength/weakness or presence/absence of the criteria. ◦ Sum the scores for the each factor and divide by the number of factors to get the average score. ◦ High risk score are those with an average of 4.25 or more. Low risk scores are those with an average score less than 2.25. These are starting figures that can be adjusted for experience. ◦ Analyze high-risk areas and develop alternatives i.e. controls and other risk management techniques, to deal with each of the high risk components. ◦ Price out the alternatives and compare risk and cost. 10
  • Control design: choose the most cost-effectivecontrols within reasonable prudence andorganizational tolerance for accepting risk.Risk Management: monitor risk and hazards,making adjustments to the project plan asnecessary to meet changing conditions. 11
  • Operational Risk ManagementOperational risk is the day to day mitigation of safetyand health risks of employees performing their jobs.Operational risk also covers visitors and temporaryworkers in the workplace and risk to general public dueto operations.The focus of operational risk is on risk management.Risk assessment usually done by a specialist involved inworkplace risk: ◦ Health Risk ◦ Safety Risk ◦ Environmental Risk 12