
5 minutes on RISK ASSESSMENT: CREATING A RISK MATRIX

Tim Lozier, EtQ, Inc.

CONFIDENTIAL: This document contains information that is confidential and proprietary to EtQ, Inc.
Disclosure, copying, distribution or use without the express permission of EtQ is prohibited. Copyright 2013

Risk is the new Benchmark

Risk is becoming the new benchmark for compliance
Businesses are moving at a faster rate
Compliance needs to be maintained
Need a systematic, quantitative measure
Objective, Repeatable
Helps to make better, more informed decisions

Step 1. Defining Risk

Not easy! Companies spend time and money building a risk taxonomy
Risk comes from Hazards and Harms
Hazards = A situation that poses a level of threat to life, health, property or environment (an undesired event)
Harms = Resulting damages from the Hazard
Risk = The potential that a chosen action or activity will lead to an undesirable event
Control = A method of evaluating potential losses and taking action to reduce or eliminate the potential for an undesired event

Step 2. Quantifying Hazards and Harms

We need a scale: Severity and Frequency
Define the level of Risk on a pre-defined scale:

Severity | Description
Catastrophic | Likely to result in death
Critical | Potential for severe injury
Moderate | Potential for moderate injury
Minor | Potential for minor injury
Negligible | No significant risk of injury

Frequency | Description
Frequent | Hazard likely to occur
Probable | Hazard will be experienced
Occasional | Some manifestations of the hazard are likely to occur
Remote | Manifestations of the hazard are possible, but unlikely
Improbable | Manifestations of the hazard are very unlikely

Step 3. Build it all into a Risk Matrix

The Risk Matrix: a tool used in the Risk Assessment process; it allows the severity of the risk of an event occurring to be determined.
Graphically displays the total of each of the hazards/harms that contribute to the risk
Severity = X
Probability = Y
Risk Score = XY

[Figure: RISK (XY)]

Hold On... There are some gray areas

Risks are not always black and white
When defining risk management, some organizations find it convenient to categorize risks into the following three regions:
The broadly acceptable region (Generally Acceptable - GA)
The ALARP (As Low As Reasonably Practicable) region; and
The intolerable region (Generally Unacceptable - GU)
But how many zones?
How to determine ALARP?

[Figure: Probability versus Severity, with zones GA, ALARP and GU]

Step 4. Test your Risk Matrix

You must vet the matrix
Risk score is a mathematical measure
Use real world examples to ensure validity of the matrix
Example: False symmetry in risk matrix needs to be validated with real world situations

Risk matrix (rows: PROBABILITY, highest at top; columns: SEVERITY, lowest at left):

 5  10  15  20  25
 4   8  12  16  20
 3   6   9  12  15
 2   4   6   8  10
 1   2   3   4   5

A Vetted Risk Matrix is just a Tool

Risk Matrix is designed as a tool, not a solution


Risk is only quantifying the result
Organizations need to work on interpreting the decision

Risk Teams review events to make decisions, using the Risk Matrix as a tool for the decision-making process

How to Apply The Risk Matrix - Example


Use Risk Assessment to filter adverse events
What is the risk of the event, versus when it came into the system
Prioritize events by their RISK, not their due date
Resolve low-priority events at the source where they are found
Minor Complaints/Nonconformances/Audit findings
Events with little impact can be immediately resolved
Risk Mitigation: Applies risk assessment to verification and effectiveness in Corrective Action
Are we reducing the risk to the right level?
Are we truly mitigating risk of recurrence?
Where's the Risk here?
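The scoring, zoning and vetting steps above as an added Python example (not part of the original slides): the 1 to 5 ranks, the GA/ALARP/GU boundaries and the sample events are assumptions. It shows two events that both score 10, the false symmetry that vetting against the risk team's judgement exposes, and open events ordered by risk rather than due date.

```python
from datetime import date

# Scales from Step 2, ranked 1 (lowest) to 5 (highest); the numeric ranks are assumed.
SEVERITY = {"Negligible": 1, "Minor": 2, "Moderate": 3, "Critical": 4, "Catastrophic": 5}
FREQUENCY = {"Improbable": 1, "Remote": 2, "Occasional": 3, "Probable": 4, "Frequent": 5}

# Assumed zone boundaries; each organization has to set and vet its own.
GA_MAX, GU_MIN = 4, 15

def risk_score(severity, frequency):
    """Risk Score = XY (Severity rank times Probability rank)."""
    return SEVERITY[severity] * FREQUENCY[frequency]

def zone(score):
    """Map a score to GA, ALARP or GU using the assumed boundaries."""
    if score <= GA_MAX:
        return "GA"
    return "GU" if score >= GU_MIN else "ALARP"

def vet(history):
    """Return historical cases where the matrix zone disagrees with the risk team."""
    misses = []
    for name, sev, freq, judged in history:
        score = risk_score(sev, freq)
        if zone(score) != judged:
            misses.append((name, score, zone(score), judged))
    return misses

def prioritize(events):
    """Order open events by risk score (highest first), then by due date."""
    return sorted(events, key=lambda e: (-risk_score(e[1], e[2]), e[3]))

# Constructed history: (event, severity, frequency, zone the risk team judged).
HISTORY = [
    ("guard removed from press", "Catastrophic", "Remote", "GU"),
    ("label misprint", "Minor", "Frequent", "ALARP"),
    ("late audit response", "Negligible", "Occasional", "GA"),
]
# Constructed open events: (event, severity, frequency, due date).
EVENTS = [
    ("supplier complaint", "Minor", "Remote", date(2013, 3, 1)),
    ("sterility nonconformance", "Critical", "Occasional", date(2013, 6, 1)),
]

if __name__ == "__main__":
    print(vet(HISTORY))
    print([e[0] for e in prioritize(EVENTS)])
```

A non-empty result from vet() means the zone boundaries or the scale need adjusting before the matrix is used for decisions.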

Conclusion
Understand your Hazards and Harms within the organization
Risk Assessment is a great tool for making informed decisions
Build a scale that makes sense to your organization
Plot the scale on a graph to form a Risk Matrix
Determine where the acceptable and unacceptable risk lie
Then, vet that matrix with real-world historical examples
Use the Risk Matrix as a tool within a Risk team to filter adverse events by their Risk

For more than 5 minutes

EtQ's Blog on Risk Matrix: blog.etq.com
Webcasts on EtQ's Risk Based system: www.etq.com/webinar

www.etq.com
info@etq.com
516.293.0946
