Risk Management Process Series Part 1: Risk Assessment
If you’ve ever checked the weather before you went on a camping trip, you’ve completed a risk assessment. In the simplest of terms, a risk assessment is the process of identifying the potential bad stuff that could happen to your plans. For both camping trips and organizational strategic plans, effective risk assessment can increase the likelihood of everything being efficient, safe, and successful.
How do I do a risk assessment?
All risk assessments will involve identifying risks and assessing them in some way.
Identifying Risks
To ensure you identify as many potential risks as possible, it’s essential that you get all the right stakeholders in the room. For a special district, this could include leadership, staff, insurance partners, or agents, but this list is not exhaustive. If you don’t have a broad spectrum of stakeholders engaged in your risk identification process, some risks are bound to be missed.
Another gold mine for comprehensive risk identification is your industry. What risks are similar organizations facing? You may find that there are ample resources online that discuss common industry risks. Alternatively, you can reach out to other organizations like yours or professional associations (e.g. OWRC, OAWU, ORPA, OFCA) and see if they would be willing to share their risk assessments.
Assessing Risk
Typically, when we’re assessing risks, we want to know their likelihood and severity. In other words, their impact.
Some organizations find it helpful to use a risk matrix. This tool can help you decide how impactful a risk could be, and whether you will choose to tolerate it. Different organizations may accept different levels of risk.
Taking a look at the matrix below, let’s imagine that ABC District is assessing their risk of an earthquake. Perhaps they assess that an earthquake is possible and very expensive. Given how impactful an earthquake would be to ABC District, they may decide the risk is “unacceptable” and begin taking actions to remediate the risk.
As can be expected, a risk matrix is particularly helpful with prioritizing risks. It’s also purpose-built to help you determine risk impacts that are unique to your organization (for example, tsunamis probably don’t make the priority list in eastern Oregon).
Completing Your Risk Assessment
Once you’ve identified and evaluated your risks, your assessment is complete and you’re ready for the next step in the risk management process – risk controls. We’ll be discussing risk controls in the next newsletter, so stay tuned.
Need assistance with your risk assessment process? Consider scheduling a voluntary risk management consultation with one of our risk management consultants. We can walk your facilities with you and help guide you through the risk assessment process.
Reach out to riskmanagement@sdao.com to schedule your consultation today. This service is provided free of charge to all members enrolled in the SDIS property/casualty insurance program.