Professional Documents
Culture Documents
why it is important
Lecturer: Fatima Rustamova
1. Definitions of risk
2. Types of risks
3. Risk description
4. Levels of risk
5. Classification systems
systems component or feature that will be impacted (eg risks can impact
people, premises, processes or products).
There is no universal classification system that fulfils the requirements of all
organizations. It is likely that each risk will need to be classified in several
ways in order to clearly understand its potential impact.
Risk likelihood
and impact
Following the Covid-19 pandemic, many organizations took a greater
interest and a proactive approach to risk and risk management. It is
increasingly understood that the explicit and structured management of
risks brings bene ts. Organizations that manage risks will be able to achieve
Why the following four areas of improvement, which are abbreviated as STOC
throughout this book:
understanding Strategy: Because the risks associated with different strategic options will be
fully analysed, better strategic decisions will be reached.
risk is Tactics: Because consideration will have been given to selection of the tactics
and the associated risks involved, available alternatives can be evaluated.
important Operations: Because events that can cause disruption will be identified in
advance and actions taken to reduce their likelihood of occurring, the
damage caused by these events will be limited and the costs contained.
Compliance: This will be enhanced because the risks associated with failure
to achieve compliance with statutory and customer obligations will be
addressed.
Hazard risks are often insurable as they can only have a negative outcome.
Hazard risk management is concerned with issues such as health and safety
at work, re prevention and avoiding the consequences of defective
products. Hazard risks can cause disruption to normal operations, as well as
resulting in increased costs and poor publicity associated with disruptive
Impact of events.
hazard risks If a hazard risk materializes, it may have a very large impact. For example, a
re could destroy the main distribution warehouse of an organization, but
the risks can be reduced by putting in place controls to minimize nancial
impact (by insurance) or reduce the extent of damage to reputation
(through crisis management).
The organization will need to
ask what features or
components are key to
success. This will result in the
identi cation of the strengths,
weaknesses, opportunities and
threats facing the
organization. This is often
referred to as a SWOT
analysis. Having identi ed key
dependencies, the
organization can then consider
Attachment the risks that will impact these
dependencies.
Risk and
optimize the risk
occurring (preventing
downside or, if it’s an
triggers opportunity, controls
can make it more likely
to happen and impact
bigger) and these can be
represented by vertical
lines on the left-hand
side of the bow-tie. In a
similar manner, recovery
controls can be
represented on the right-
hand side of the bow-tie.
Risk and
triggers
THANKS!
ANY QUESTIONS?