Identify Threats: The first step in Risk Analysis is to identify the existing and possible threats that you might face. These can come from many different sources. For instance, they could be:
You can use a number of different approaches to carry out a thorough analysis:
Tools such as a SWOT Analysis (Harvard Model), an FMEA, can also help you uncover threats, while a Scenario Analysis helps you explore possible future threats.
Estimate Risk: Once you’ve identified the threats you’re facing, you need to calculate out both the likelihood of these threats being realized, and their possible impact. One way of doing this is to make your best estimate of the probability of the event occurring, and then to multiply this by the amount it will cost you to set things right if it happens. This gives you a value for the risk:
Risk Value = Probability of Event x Cost of Event
As a simple example, imagine that you’ve identified a risk that your rent may increase substantially.
You think that there’s an 80 percent chance of this happening within the next year, because your landlord has recently increased rents for other businesses. If this happens, it will cost your business an extra $500,000 over the next year.
So the risk value of the rent increase is:
0.80 (Probability of Event) x $500,000 (Cost of Event) = $400,000 (Risk Value)
You can also use a Risk Impact / Probability Chart to assess risk. This will help you to identify which risks you need to focus on. Don’t rush this step. Gather as much information as you can so that you can accurately estimate the probability of an event occurring, and the associated costs. Use past data as a guide if you don’t have an accurate means of forecasting.