Assessing the Risks
Risks to the organisation need to be assessed to understand the level of impact they would have on the organisation over time should the underlying threat materialise and also the likelihood of occurrence. A standard way of achieving this is to use a Very Low, Low, Medium, High and Very High ranking system for both the likelihood and impact. This approach provides consistency of scoring and allows focus to be given to those risks where the likelihood and/or impact are scored High or Very High as these give reason for the most concern.
A common failing of risk assessment is to try to be all embracing too early in the development of the risk management system. Teed can help ensure that you focus on the most important risks i.e. those risks which relate to the organisation’s critical activities. After all it is those critical activities which must by definition have the greatest protection from unplanned disruption.