Because risk has many forms, sources and contexts, there are numerous branches of risk management. Some examples which engineers may come across in their careers include enterprise risk management, project risk management and risk engineering.
This page describes some basic general concepts as an introduction to risk management.
The Mechanics of Risk Management
The standard process reflected in most conventional risk management environments generally follows a four-step process:
- Identify the risk: This could involve predicting, forecasting or documenting risks
- Quantify the risk: This could involve assessing, measuring or prioritise risks. eg. material vs. immaterial risks, immediate vs. non urgent
- Control the risk:This involves planning for and executing risk treatment or mitigation to do something about identified risks according to how they have been quantified
- Review the risk: This is an ongoing process of reviewing the progress of the risk, monitoring and recording it until the risk is either either completed or the risk profile has been downgraded.
Key concepts in determining the degree of risk are:
- its probability (likelihood) of occurrence (P)
- its perceived impact (I) eg. low-level, high-level
- the strength of the control environment eg. how mature is the system, and how well will it control the risk at hand?
These factors can be related in the basic risk management formula:
R=(P x I) / C
For example, if a risk’s probability and impact are high, and the control environment is weak or has a low effectiveness then the risk could be a major or even extreme threat. If a risk’s probability and impact are low, and the control environment is strong, then the risk is likely to be an insignificant threat.
Risk Management Framework
When building a risk management solution, the framework required can be divided into six key factors as shown in the diagram below.
Diagram courtesy of Warren Black, Complexus
The content on this page was primarily drawn from:
- Webinar titled ‘Perspectives on Risk: Engineers, frameworks and new ways of thinking', delivered to REBOK Community on 29 May 2018 by Warren Black, Principal and Founder, Complexus