1. Explain Risk Management Process
1.1. Ensure overall business and business assets are safe • Protect against competitive disadvantage • Compliance with laws and best business practices • Maintain a good public reputation
1.1.1. • Risk management process involves five steps that are as follows: 1) Risk is identified 2) Risks are assessed 3) Risk management plan is developed (risk treatment) 4) The developed plan is tested and implemented 5) Risk are re-evaluated
2. Identify elements in risk analysis
2.1. Assets
2.1.1. Assets are resources of the organization that are to be maintained and protected as these are the essential components for information storage, communication (e.g. computers, databases. Hardware, software, network and extra)
2.2. Threats
2.2.1. Threats are the disruptive event occurrences that make an organization work in an abnormal way. These threats can be due to the natural disasters (like earthquakes and hurricanes), security threats (like hacking, virus, information destruction, information modification and extra)
2.3. Vulnerabilities
2.3.1. Vulnerability is the weakness of the organization that is taken as a way of entry to create a threat to an organization.
3. Explain steps involved in risk analysis
3.1. Identify the hazards
3.1.1. to understand the difference between a ‘hazard’ and ‘risk’. A hazard is ‘something with the potential to cause harm’ and a risk is ‘the likelihood of that potential harm being realised’. Hazards can be identified by using a number of different techniques such as walking round the workplace, or asking your employees.
3.2. Decide who might be harmed and how
3.2.1. identified a number of hazards you need to understand who might be harmed and how, such as ‘people working in the warehouse’, or members of the public.
3.3. Evaluate the risks and decide on control measures
3.3.1. After ‘identifying the hazards’ and ‘deciding who might be harmed and how’ you are then required to protect the people from harm. The hazards can either be removed completely or the risks controlled so that the injury is unlikely.
3.4. Record your findings and implement them
3.4.1. Your findings should be written down it’s a legal requirement where there are 5 or more employees; and by recording the findings it shows that you have identified the hazards, decided who could be harmed and how, and also shows how you plan to eliminate the risks and hazards.
3.5. Review your assessment and update if necessary
3.5.1. You should never forget that few workplaces stay the same and as a result this risk assessment should be reviewed and updated when required. I hope this post has given you more insight into risk assessments, please feel free to discuss this information or post more specific information below.