The small business specialists
Phone: 13 12 49
Risk management is a process in which businesses identify, assess and treat risks that could potentially affect their business operations.
A risk can be defined as an event or circumstance that has a negative effect on your business, for example, the risk of having equipment or money stolen as a result of poor security procedures. Types of risk vary from business to business.
You must decide on how much risk you are prepared to take in your business. Some risks may be critical to your success; however, exposing your business to the wrong types of risk may be harmful.
The most common business risk categories are:
Others include health and safety, project, equipment, security, technology, stakeholder management and service delivery.
Your risk management plan should detail strategies for dealing with risks specific to your business. It’s important to allocate time and resources to preparing your plan to reduce the likelihood of an incident affecting your business.
You can develop a risk management plan by following these steps:
Undertake a review of your business to identify potential risks. Some useful techniques for identifying risks are:
Ask yourself ‘what if’:
You can assess each identified risk by establishing:
TIP: The level of risk is calculated using this formula:
Level of risk = likelihood x consequence
To determine the likelihood and consequence of each risk it is useful to identify how each risk is currently controlled. Controls may include:
A risk analysis matrix can assist you to determine the level of risk.
Managing risks involves developing cost effective options to deal with them including:
Avoid the risk - change your business process, equipment or material to achieve a similar outcome but with less risk.
Reduce the risk - if a risk can’t be avoided reduce its likelihood and consequence. This could include staff training, documenting procedures and policies, complying with legislation, maintaining equipment, practicing emergency procedures, keeping records safely secured and contingency planning.
Transfer the risk - transfer some or all of the risk to another party through contracting, insurance, partnerships or joint ventures.
Accept the risk – this may be your only option.
You should regularly monitor and review your risk management plan and ensure the control measures and insurance cover is adequate. Discuss your risk management plan with your insurer to check your coverage.