Start Talking About Risk

June 19, 2024

"Risk Management is about identifying and analysing the things that may have a major effect..."

There are many definitions and types of risk, but for the purposes of this post we will focus on risk in our business unit and say that risk is anything that threatens the ability of an organisation or business unit to accomplish its goals.

Risk is defined as the combination of the probability of occurrence of harm and the severity of that harm:

  • Severity is associated to a potential failure effect and indicates the related seriousness.
  • Occurrence is related to the causes of a potential failure mode and corresponds to the estimate of the number of failures that could occur. Hazard is a potential source of harm (physical injury to the health of people, damage to the property or to the environment).

Risk Management is the process of measuring or assessing risk and then developing strategies to manage the risk. Risk management is a discipline for dealing with uncertainty. It enables people and organisations to cope with uncertainty by taking steps to protect vital assets and resources.

Risk Management is a systematic and structured decision-making process, focused on value creation able to identify, assess and prioritise risks throughout the drug product life cycle.

It can be implemented in several areas, such as:

  • Quality.
  • Business.
  • Regulatory.

Every organisation faces uncertainty and risk. Few, if any, operate in risk-free environments. From uncertainty about economic indicators to concerns about safety and the organisation's ability to retain client support, managing a range of risks is required for both survival and success. Every organisation - even very small ones - can use risk management strategies and tools to protect vital assets.

Risk Management is about identifying and analysing the things that may have a major effect on your business and choosing the best method of dealing with each risk. By developing a Risk Management Plan, you ensure your business risks are managed.

The process of managing risks involves five steps:


Step 1: Identify risks that could impact your business

Take a close look at each of your business operations and ask yourself:

  • What could cause an impact?
  • How serious would that impact be?
  • What is the likelihood of this occurring?
  • Can it be reduced or eliminated?

For example, if you owned a cafe, your risks might include fire, food poisoning and floods (if you are in flood related area).


Step 2: Analyse risks to assess their impacts

Determine which risks have a greater consequence or impact than others. Separate minor acceptable risks from major risks which must be managed immediately. This involves deciding on the relationship between the likelihood and impacts of the risks you have identified.

In a cafe, the likelihood of a flood may be assessed as low, but the impacts on the business would be very high. A flood could potentially destroy both equipment and stock and would lead to loss of trade and financial loss.


Step 3: Evaluate risks to prioritise their management

Compare the likelihood and impact of each risk to evaluate and prioritise the resources you are prepared to invest to treat these risks. The outcome of this step is a prioritised list of risks that require further action.

In the cafe example, your prioritised list may be:

  • Fire - your top priority risk. The likelihood is high and the potential impact of a fire on the business is very high.
  • Food poisoning - your second priority risk. Whilst the probability may be assessed as low, the impact on the business would be very high.
  • Flood - your third priority risk. The probability is assessed as very low, but again the impact on the business would be very high.


Step 4: Treat risks to minimise their impact

You will need to determine which risks are acceptable for your business to leave untreated and which risks need to be treated.

Risk treatment is about considering options for treating risks that are not considered acceptable, through several strategies including:

  • Insurance.
  • Quality control processes.
  • Staff training.
  • Complying with government legislation and regulations.
  • Properly maintaining facilities, plant and equipment.
  • Using appropriate security devices.
  • Establishing systems and controls e.g., Segregation of duties (cash receipting, banking and accounting).
  • Developing contingency plans.


Some of the treatment strategies for the risk of flood might include:

  • Ensure flooding is covered by your existing insurance policy and the amount of cover is adequate.
  • Ensure stock and equipment are stored off the ground where possible.
  • Organise off-site storage for stock and equipment when a flood is forecast.


Step 5: Develop and review your Risk Management Plan

A Risk Management Plan indicates the chosen strategy for treatment of the identified risks. It details information about:

  • Risks identified.
  • Level of risks.
  • Planned strategy.
  • Timeframe for implementing the strategy.
  • Resources required.
  • Individuals responsible for ensuring the strategy is implemented.

The final documentation should include appropriate objectives, a budget, and milestones on the way to achieving those objectives.


Learn more here: https://www.libertasedu.co.za/

4 min read
Share this article:

Related Articles

All articles