Risk Assessment

A risk assessment is a process to identify potential hazards and analyze what could happen if a hazard occurs. Abusiness impact analysis(BIA) is the process for determining the potential impacts resulting from the interruption of time sensitive or critical business processes.
There are numerous hazards to consider. For each hazard there are many possible scenarios that could unfold depending on timing, magnitude and location of the hazard. Consider hurricanes:
A Hurricane forecast to make landfall near your business could change direction and go out to sea.
The storm could intensify into a major hurricane and make landfall.
There are many “assets” at risk from hazards. First and foremost, injuries to people should be the first consideration of the risk assessment. Hazard scenarios that could cause significant injuries should be highlighted to ensure that appropriateemergency plansare in place. Many other physical assets may be at risk. These include buildings, information technology, utility systems, machinery, raw materials and finished goods. The potential for environmental impact should also be considered. Consider the impact an incident could have on your relationships with customers, the surrounding community and other stakeholders. Consider situations that would cause customers to lose confidence in your organization and its products or services.
As you conduct the risk assessment, look for vulnerabilities—weaknesses—that would make an asset more susceptible to damage from a hazard. Vulnerabilities include deficiencies in building construction, process systems, security, protection systems and loss prevention programs. They contribute to the severity of damage when an incident occurs. For example, a building without a fire sprinkler system could burn to the ground while a building with a properly designed, installed and maintained fire sprinkler system would suffer limited fire damage.
The impacts from hazards can be reduced by investing inmitigation. If there is a potential for significant impacts, then creating a mitigation strategy should be a high priority.
Contact AGM to learn more about the risk assessment process.