Risk Management Roadmap - in 5 Steps to Risk Management.

Jan-Kees HarmsenRisk Management
Reading time:
5
Minutes
In this article
ISO2HANDLE QHSE Dashboard
Superpowers for
Risk Management
An unprecedentedly powerful set of superpowers ensures that you have your processes for quality, (occupational) safety, HR and environment under control in no time.
Google Reviews
Review StarReview StarReview StarReview StarReview Star
4.9 raiting
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Schedule a demo

Risk management: explained in 5 steps

If you want to get serious about risk management, you cannot avoid taking a structural approach. A good approach to risk management can already be done in 5 steps. It starts with the integral risk analysis, the establishment and implementation of the control measures, the evaluation and, as a final step, the implementation of the update of the risk analysis.

In a nutshell, risk management is a process of sequential steps. The process described below can be applied to risk management for projects. However, when it comes to strategic risk management or risk management for programs, the basic process can be further expanded is the basic process described further.

Step 1: the comprehensive risk analysis

The first step involves understanding the current state of affairs. To do this, you use an integral risk analysis. This analysis is performed based on the RISMAN method and is divided into a number of logical phases.

Determining the purpose of the analysis
The first step is to determine the purpose, that which the analysis is aimed at. In this way, it is possible to determine what is known in technical terms as the "top event. This refers to a situation that is classified as undesirable.

Mapping the risks
The risk analysis also involves mapping the risks based on different perspectives. In this way, an integrated picture emerges. With each new risk analysis, the relevance of the perspectives to be used is constantly reassessed.

  • political/governmental
  • financial/economic
  • legal/legal
  • technical
  • organizational
  • geographic/spatial
  • social

Identifying key risks
Several methods are available for identifying key risks. For this roadmap, we focus on the two most commonly used methods:

  • a list of risks, divided into points
  • mapping the individual risks along with the probability of occurrence. The consequence of the occurrence of the risks is assessed separately using numbers

Mapping of possible management measures

Normally, the following measures are possible:
avoid. In this situation, measures are taken that reduce the risk of creating an undesirable situation. It is thus eliminated or avoided.

mitigation. Mitigation involves taking measures to reduce the cause of a risk's occurrence or consequences. In reducing, effective measures are taken before a particular risk can occur. A consequence-oriented measure means devising measures and possibly going through preparatory actions that are applied when there is the possibility that a particular risk may arise.

transfer. A transfer of a risk does not eliminate the cause, but transfers the handling of the risk to another party. In many cases, this is chosen when it is foreseeable that a third party can better handle the risk.

accept. Accepting the creation of a risk is another option. In many cases, this leads to an increase in costs or the adjustment of an existing schedule.

Step 2: identify the management measures to be taken

After conducting the risk analysis, a good picture of the main risks emerges. Based on that outcome, it becomes clear which control measures can be taken. The final decision on which measures are applicable is made by the management team or project management. The starting point is the assessment of whether the intended effect of the intended measure or effort is acceptable. It is also decided who bears ultimate responsibility for implementing the management measure(s).


The result is a list of the following:

  • the risk
  • the management measure proposed
  • the person in charge of implementing the management measure.

Step 3: implementing the proposed management measures

Implementation of the management measure(s) is the responsibility of the designated person(s).

Step 4: evaluate the chosen management measures

The measures implemented should be evaluated on a regular basis. In this way, it becomes clear whether the measures adopted have achieved the desired effect.

Step 5: performing the risk analysis update

The final step is to update the list of risks based on the results of the assessment from step four. The list of risks was previously compiled in step one based on the risk analysis. The update clarifies which risks are still current and potentially new risks are identified and added to the list.

Want to know how QHSE managers use ISO2HANDLE to keep a grip on risks and control measures?
FAQ

FAQ

Try our superpowers for
QHSE managers?
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Start a free trial account
AUTHOR
Jan-Kees Harmsen

The only impossible journey is the one you never begin." -Tony Robbins

Are you a QHSE manager looking for a powerful solution? With our quality management software you get superpowers that give you control over processes for quality, (occupational) safety, hr and environment in no time. Based in the Netherlands, we proudly support hundreds of companies worldwide.