1. Risk Assessment
Step 1
Identify Processes
In a manufacturing company, there will be following
processes
Manufacturing
Sales and Service
Purchase and Pay
Human Resource
Financial Consolidation & Reporting
The processes can be identified by looking at the
Income Statement and also how the company is
organized
www.risk.indigostripes.com
2. Risk Assessment
Step 2
Risk Identification
For each process meet with business unit
managers to understand “What could go wrong” ?
Also use some of the published normative models
from COSO and ISO31000 in order to consider
most risks for your business environment
Now consider what controls that are known to be
in place that would mitigate these risks
www.risk.indigostripes.com
3. Risk Assessment
Step 3
Risk Quantification
For each try to identify the money value that
would be impacted if the worst case happens.
Note you should not consider the controls or
mitigating factors. The worst that can happen is
the Impact (I)
Now try to understand the likelihood of the risk
happening by considering the controls. Example,
it may be only 20 percent of likelihood (L) of risk
happening
Now calculate actual Risk ( R) = Impact (I) X
Likelihood (L)
Risk quantification is subjective, both a science
and an art
www.risk.indigostripes.com
4. Risk Assessment
Step 4
Risk Tolerance
Now assess whether the residual risk is tolerable
and if not how to develop or enhance controls to
order to bring the risk under tolerance
Also regular testing of controls need to done to
make sure that controls are performing as
required and then adjust the risk assessment
www.risk.indigostripes.com
5. Risk Assessment
Do you need help with Risk
Assessment with your
company ?
Contact
nagesh@indigostripes.com
www.risk.indigostripes.com