A risk statement is a natural language expression of a causal relationship between a real, existing state of affairs or attribute, and a potential, unrealized second event, state of affairs, or attribute. Risks can only be assessed and prioritised in relation to objectives and care should be taken to identify generic risks which will impact on business objectives but might not always be immediately apparent in thinking about the particular business objective. When a risk is identified it may be relevant to more than one of the organisation’s objectives, the potential impact may vary in relation to different objectives, and the best way of addressing the risk may be different in relation to different objectives.
It is necessary to adopt an appropriate approach or tool for the identification of risk.
Two of the most commonly used approaches are:
These approaches are not mutually exclusive, and a combination of approaches to the risk identification process is desirable – this sometimes exposes significant differences in risk perception within the organisation.
These differences in perception need to be addressed to achieve effective integration of risk management at the various levels of the organisation.
Related Posts via Categories
- Management of Risk Approach
- Risk Checklist Example
- Category of Risk
- Risk Self-Assessment
- Commissioning a Risk Review
- An Introduction to RMAF
- Risk Statements
- Risk Management Policy
- Going Through The Risk Management Process
- Risk Management 101