risk analysis

What is Risk Analysis?

Risk Analysis helps you identify and manage potential problems that could undermine key business initiatives or projects.

Risk is made up of two things: the probability of something going wrong, and the negative consequences that will happen if it does.

You carry out a Risk Analysis by first identifying the possible threats that you face, and by then estimating the likelihood that these threats will materialize.

Risk Analysis can be quite involved, and it's useful in a variety of situations. To do an in-depth analysis, you'll need to draw on detailed information such as project plans, financial data, security protocols, marketing forecasts, or other relevant information.

When to Use Risk Analysis

Risk analysis is useful in many situations, for example, when you're:

• Planning projects, to help you anticipate and neutralize possible problems.
• Deciding whether or not to move forward with a project.
• Improving safety and managing potential risks in the workplace.
• Preparing for events such as equipment or technology failure, theft, staff sickness, or natural disasters.
• Planning for changes in your environment, such as new competitors coming into the market, or changes to government policy.

How to Use Risk Analysis

To carry out a risk analysis, follow these steps:

1. Identify Threats

The first step in Risk Analysis is to identify the existing and possible threats that you might face. These can come from many different sources. For instance:

• Human - from illness, death, injury, or other loss of a key individual.
• Operational - from disruption to supplies and operations, loss of access to essential assets, or failures in distribution.
• Reputational - from loss of customer or employee confidence, or damage to market reputation.
• Procedural - from failures of accountability, internal systems and controls; or from fraud.
• Project - from going over budget, taking too long on key tasks, or experiencing issues with product or service quality.
• Financial - from business failure, stock market fluctuations, interest rate changes, or non-availability of funding.
• Technical - from advances in technology, or from technical failure.
• Natural - from weather, natural disasters, or disease.
• Political - from changes in tax, public opinion, government policy, or foreign influence.
• Structural - from dangerous chemicals, poor lighting, falling boxes, or any situation where staff, products, or technology can be harmed.

It's easy to overlook important threats, so make sure that you do as thorough an analysis as you can. You can use a number of different approaches to do this:

• Run through a list such as the one above to see if any of these threats are relevant.
• Think about the systems, processes, or structures that you use, and analyze risks to any part of these. Then, see if you can spot any vulnerabilities within them.
• Ask others who might have different perspectives. If you're leading a team, ask for input from your people, and consult other people in your organization or those who have run similar projects.

source: http://www.mindtools.com/pages/article/newTMC_07.htm