Risk Management-Identify, Analyze &  draw Mitigation plan
Risk Assessment, Risk Management and Risk Monitoring

What you will learn

Understand What is risk?

Understand What is Risk Management?

How to identify the risks?

How to Analyze the risks?

How to develop the Risk Mitigation Plan?


1. Planning and Prevention (Response-Risk Management)

A risk is any threat that an event or action will adversely affect the business and its objectives. Risk can be defined as the combination of the probability of an event occurring and the consequences if that event does occur. This gives us a simple formula to measure the level of risk in any situation.

Risk = Likelihood x Severity

Risk= Failure probability x damage related to the failure

Risk Management is a process of thinking systematically about all risks or problems before they happen and setting up mitigation plan that will minimize risk for business-as-usual operations.

5 Steps to Risk Assessment

• Identify the Business Risks

• Prioritize them with the help of Risk Priority Number (RPN) Matrix

• Work on Risk Mitigation Plan

• Periodically review Business Risk and RPN

• Record Significant findings if any

Analyze the Risk

• Assess the likelihood of the risk occurring – measuring the probability of occurrence

• Assess the consequence/impact if the risk occurred – measuring the frequency or severity

Get Instant Notification of New Courses on our Telegram channel.

Note➛ Make sure your 𝐔𝐝𝐞𝐦𝐲 cart has only this course you're going to enroll it now, Remove all other courses from the 𝐔𝐝𝐞𝐦𝐲 cart before Enrolling!

• The risk then determines whether the risk rating is low, medium, high

Risk Matrix, Example 1

A risk matrix used during risk assessment to define the level of risk by considering the category of probability or likelihood against the category of consequence severity. This is a simple mechanism to increase visibility of risks and assist management decision making

Risk Assessment and Mitigation Plan Template


Step 1: Brainstorm risks.

Step 2: For each risk, assign a High/ Medium/ Low value for both likelihood and Potential impact

Step 3: Develop a mitigation strategy for each High/ High, High/Medium, and Medium/ High risk. Consider developing mitigation strategic for the Medium & High risks.

Risk Treatment

Acceptance/Retention: If, after controls are in place, the residual risk is demand acceptable. However, plans should be in place to manage/fund the consequences of the risk should it occur.

Reduction: Implement a strategy that is to reduce the likelihood or consequence of the risk to an acceptable level, where elimination is excessive in terms of time or expense

Share/Transfer: Implement a strategy that shares or transfers the risk to another party, such as outsourcing the management of physical assets, developing contracts with service providers, or insuring against the risk.

Avoidance: Deciding not to proceed with the activity that introduce the unacceptable risk, choosing an alternative more acceptable activity that meets business objectives, or choosing an alternative less risky approach or process




About Author and Why learn from me?
What is risk and risk Management?
Risk management as defined by ISO

Identification of Risks

Identification of Risks

Typical Risk

Understanding some common typical risks

Analysis and how to measure risk?

Analysis of Risks
How to measure risks and arrive at mitigation plan?

Risk Treatment

Four ways of risk treatment

Risk Management summary and conclusion

Summary and Conclusion