Risk Assessment

Question 1

According to Hopkin and ISO 31000, what does Risk Assessment include?

Answer 1

Risk recognition + Risk analysis + risk evaluation

Question 2

From whom will a top down approach to risk assessment come from?

Answer 2

From Board and Senior Management level.

Question 3

What are the advantage of a top down approach to risk assessment?

Answer 3

1. Helps define the overall attitude of the firm to risk.
2. A structured view of significant risks can be presented by Senior Management.
3. Enterprise wide approach to risk.
4. Most important strategic risk will be identified quickly.
5. Buy in to risk management from the top.
6. Likely for there to be a consistent methodology.

Question 4

What are disadvantage of a top down approach to risk assessment?

Answer 4

1. Directors and senior management tend to be more focused on external risks.
2. Limited awareness of internal operational risks or interdependencies of risk.
3. Danger that senior management believe they can manage crises.
4. New operational risks may not be identified.

Question 5

What are the advantages of a bottom up approach to risk assessment?

Answer 5

1. Significant buy in at all levels
2. Can be mirrored to org chart and risk impacts beyond immediate operational risks can be discussed.
3. Operational staff have greater awareness of local risks and their causes.
4. Methodologies can be varied according to local norms and culture. Useful in a multinational organisation.

Question 6

What are the disadvantages of a bottom up approach to risk assessment?

Answer 6

1. Little focus on external or strategic risks.
2. Time consuming and may demotivate if it takes too long to develop.
3. Danger that the approach becomes too detailed and blinkered resulting in a silo approach.
4. New risks emerging from operational activities might not be reported by operational staff.

Question 7

According to ISO 31000, what are some of the risk assessment techniques that can be used?

Answer 7

1. Questionnaires and checklists.
2. Workshops and brainstorming.
3. Inspections and audits
4. Flow charts and dependency analysis

Question 8

Why is risk perception important when conducting risk assessments?

Answer 8

When assessing risk, it’s important to recognise that different people will have different perceptions of risk. No one will be completely objective in their view of risk as their perception will influence their judgement.

Question 9

What are some quantitative ways of assessing risk?

Answer 9

HAZOP Studies - Hazard and Operability studies
FMEA - Failure Mode and Effects Analysis

Question 10

What are some qualitative ways of assessing risk?

Answer 10

SWOT analysis - Strengths, Weaknesses, Opportunities, Threats
PESTLE analysis - Political, Economic, Social, Technological, Legal, Environmental

Question 11

What is a risk matrix?

Answer 11

A method of visually plotting the likelihood and impact of a risk on a scale.

Question 12

How can a risk be deemed significant?

Answer 12

If the risk surpasses the benchmark level for that risk or similar risks.

Question 13

How may you minimise the effects of risk perception in a workshop?

Answer 13

Use voting software to identify a majority position and show spread of opinion.

Discuss why people may have differing views.

Question 14

What approaches to risk prioritisation?

Answer 14

1. Prioritise on likelihood
2. Prioritise on impact