Management Articles


 

Risk Assessment - A Business Strategy For Conducting Contingency Planning

By: Bob Mehta

Bob Mehta is the owner of USA based Supremus Group LLC and is the contributing author for Supremus Group & is expert in regulatory compliance. For more details visit:
http://www.training-hipaa.net & http://www.compliancehome.com

View their website at: http://www.compliancehome.com

A Risk Assessment is recognizing, investigating, and furthermore considering every part of the possible risks, intimidation and danger to the businesses inside and outside environment. It determines if a facility (building) is susceptible to climate correlated events, HVAC breakdown, Internal/External Safety vulnerabilities and local area hazards. It permits a business to manuscript what extenuating measures have been in use to deal with these exposures. By means of recognizing the intimidation that at present are being militated against threats that are not, a business can accumulate a list of recommendations for enhancement.

On the way to be unbeaten, every risk assessment has to contemplate on the local identifiable problem linking to the business.  Previous to discover other concerns, focus on top of the most realistic risks and intimidation that at present exist in the business setting.  This can comprise factors such as:
  1. The Character of the Business.
  2. Nearby Vicinity of Facility.
  3. The Structure of the Facility.
  4. General Climate Patterns.
  5. Technology Reliance.

Purpose of the Risk Assessment


Throughout the Risk Assessment, risks to the business will be recognized and assessed. The susceptibility of the business to these risks will be rank. You will also:
  1. Recognize what deterrence practices are being utilized.
  2. Describe and put into practice safety measures to alleviate risks.
  3. Successfully negotiate the overall risk to the business.
  4. Assemble a case for strategy selections.

After the assessment is concluded, a business can make decisions regarding technique of extenuating risks. By carrying out a Risk Assessment and Business Impact Analysis, a business can put into practice the most excellent strategies for Contingency Planning.


Risk Assessment Procedure


Regardless of the deterrence practices utilized, possible vulnerability that are in existence and possibly will result in damage to the business have to be considered. Even supposing the precise nature of these exposures and their consequences are hard to find out, it is important to carry out a risk assessment of every part of threats that can logically turn up.

What be supposed to be incorporated?

All locality and facilities be supposed to be built-in in the risk assessment. Encircle businesses, local fire, police and community utilities should also be integrated in the assessment. Any vendor offer service that is provided to the business should also be assessed.


Steps to Follow

The subsequent steps are essential for carrying out a Risk Assessment.
  1. Recognize Threats/Risk and Vulnerabilities.
  2. Examine risks and find out vulnerability.
  3. Recognize alleviation and recovery options.
  4. Assess and Choose Preferences.

There are further procedures that need to take place during this process. Some of those proceedings are:
  1. Examine Internal Plans and Policies.
  2. Meet with Outside Groups.
  3. Make out Assets.
  4. Carry out an Insurance Review.

Evaluate Your Risk


The course of recognizing risks/threats, likelihood of incidence, the susceptibility to every risk/threat and the potential impact that possibly will be trigger, is essential to get ready with pre-emptive measures and create recovery strategies. Risk recognition also endow with a number of additional advantages including:
  1. Exposes earlier unnoticed vulnerabilities that require to be tackle through plans and procedures.

  2. Recognize where pre-emptive measures are missing or need reevaluated.

  3. Can point out the importance of contingency planning to get staff and management on board.

  4. Will help in documenting interdependencies between departments and amplify communication between internal groups. Can also point out single points of malfunctions between critical departments.

For the simplicity of this process, categories of risk should be shaped to focus the thought process. In the Risk Assessment Survey, the most important categories consist of, Natural Risks, Man-Made (Human) Risks, and Environmental Risks. These are certainly not requirements, and should not be deem to be constraining.

The character of a risk/threat should be determined, regardless of the type. Factors to consider should consist of (but not limited to):
  1. Geographic Location
  2. Weather Patterns for the Area and Nearby Areas
  3. Internal Hazards (HVAC, Facility Security, Access, etc)
  4. Propinquity to Local Response/Support Units
  5. External Hazards (neighboring Highways, Plants, etc).
Possible exposures can be classified as:
  1. Natural Threats
  2. Man-made (human) Threats
  3. Environmental Threats.
Other steps in managing Risk Assessment are to analyze following points:
  1. Likelihood of Incidence.
  2. Susceptibility to Risk.
  3. Potential Impact.
  4. Pre-emptive Measures in Place.
  5. Insurance Coverage.
  6. Past Experiences.

Results to Analyze


The moment the Risk Assessment Survey and face-to-face dialogue have been conducted, the next process is to analyze and present the outcome so that
Decision-Making Management is able to acquire most use of the data. Analysis can be a time-consuming and monotonous process, particularly with huge amount of data, but it is vital to the RA process.

The analysis will be the groundwork for planning recommendations to senior management. The recovery strategies that require to be developed should be based on the result of the Risk Assessment Investigation and interviews, in addition to the Business Impact Analysis findings.


Final Report & Presentation

Start your final report with managerial overview of the Risk Assessment Project. This will clarify the purpose of the project, what was in scope, and what approach was used. Then provide a summary review of potential hazards.


Formation of Executive Report

The findings from the Risk Assessment will outline the basis for the final report. The point is to provide senior management with an adequate amount of information to make them comfortable in sanctioning the recommending strategies, actions, budgets or to acknowledge the level of risk by not executing recovery strategies. The report should consist of graphs, which visually exhibit the findings. Do not overuse the graphs. Excessive graphs and reports can create reviewing the information perplexing. Make available graphs for overall information on the departments, financial impact, etc.

The final report should consist of:
  1. Prior Disruption History
  2. Risks & Vulnerabilities
  3. Pre-emptive Measures
  4. Presenting the Results
  5. Next Steps
The Risk Assessment process is an essential phase of Continuity Planning. The probability of a disaster impacting a business is unpredictable. The business should put into practice a wide-ranging Continuity Planning Program and build up recovery plans that comprise all vital operations and functions of the business.

© Copyright 2007, Bob Mehta

The author assumes full responsibility for the contents of this article and retains all of its property rights. ManagerWise publishes it here with the permission of the author. ManagerWise assumes no responsibility for the article's contents.

 

Place "+" (without the quotes) in front of words that must appear; "-" to exclude articles with certain words; and put double quotes around phrases. For example, fantastic search will find all case studies with either the word "fantastic" or "search" (or both). On the other hand, +fantastic +search will find only case studies with the words "fantastic" and "search". "fantastic search" will find only case studies that with the phrase "fantastic search". Note: Searches will not find words, such as 'management', that appear in more than half of the articles or words less than five letters long.

 


Would you like us to consider your own articles for publication? Please review our submission and editorial guidelines by clicking here.