As we all know risks are part and parcel of every project or big initiative we undertake. Risk also known as peril is defined as the possibility of loss or injury. Often times in the context of business the loss can mean financial losses, losing a competitive edge thereby causing an emotional setback to entities undertaking the project.
Risks can be managed in three ways by identifying, prioritizing and assessing them:
Risk mitigation: reducing the risk
Risk elimination: elimination of unacceptable risks
Risk avoidance : maintaining status quo and not pursuing the initiative
Organizations undertaking major initiatives need to follow a systematic process like ISO 31000 to deal with risks – highly recommended.
However often times executives need a quick process to evaluate a project’s risk to make a go/no-go decision. Below is an effective formulation do just that:
Composite Risk Index = Impact of Risk event X Probability of Risk occurrence
The impact of the risk event is commonly assessed on a scale of 1 to 5, where 1 and 5 represent the minimum and maximum possible impact of an occurrence of a risk. Similarly, the probability of occurrence can be assessed on a scale from 1 to 5, where 1 represents a very low probability of the risk event actually occurring while 5 represents a very high probability of occurrence. The Composite Index thus can take values ranging from 1 through 25 where the range can be divided into Low, Medium and High.
Based on the Composite Risk Index score, an executive can make an educated estimate of the severity of the risk involved.