 |
|
|
 | Risk Assessment |
|
|
For an organisation to adequately protect against adverse outcomes, the actual risks to the business must be thoroughly understood. The risk assessment process is undertaken to achieve this understanding and firstly necessitates documenting background information (context) relevant to the risk assessment activity. The process of risk assessment can be applied to any activity, project, entire organisation or a part of an organisation - its application is limitless.
The Australian/New Zealand Standard Risk Management (AS/NZS 4360:2004) defines risk assessment as the process of risk identification, risk analysis and risk evaluation as follows:
|
|
|
Identify risks
Identifies the where, when, why and how events could prevent, degrade, delay or enhance the achievement of business objectives.
Analyse risks
Identifies and evaluates existing controls to determine consequences and likelihood and hence, the level of risk. This analysis should consider the range of potential consequences and how these could occur.
|
Evaluate risks
Compare estimated levels of risk against the pre-established criteria and consider the balance between potential benefits and adverse outcomes. This enables decisions to be made about the extent and nature of treatments required and respective priorities.
The following process of risk assessment is consistent with AS/NZS 4360:2004 and has been broken down into a number of activities to provide a general overview. Detailed guidance and templates can be found within the Handbook Risk Management Guidelines - Companion to AS/NZS 4360:2004.
|
|
PROUDLY SPONSORED BY
|
|
|
