Risk management strategies

Making a strategy for risk management can involve more than just deciding whether to accept the risk or not.

If your business is part of a bigger supply chain that involves retailers, distributors or primary producers, you can spread the risk across a number of areas.

By spending time and resources on your risk management strategy, you’ll provide a safe workplace and reduce the chances of negative impacts on your business.

Consider these steps when forming your risk management strategy:

Identify the risks

Working out the risks to your business could be as easy as thinking about what could go wrong, and how and why it could happen. You might also need to do some research into:

  • past events and risks
  • possible future changes to your business environment, such as changes in economic trends (find out how to conduct market research and industry research)
  • social and community issues that could affect your business.

To identify risks, you can also:

  • look at hazard logs, incident reports, customer feedback and complaints, and survey reports
  • review audit reports such as financial audit reports or workplace safety reports
  • do a strength, weaknesses, opportunities and threats (SWOT) check for your business (download our marketing plan template for instructions on how to do this)
  • discuss business issues with your staff, customers, suppliers and advisers.

Analyse the risks

After identifying the risks to your business, it’s time to work out which ones are urgent. To analyse the risks related to an event (such as a competitor moving into the same street), you should first look at:

  • the damage that the risk would cause (for example, the risk of fewer customers means lower sales for your business)
  • the likelihood of the risk happening (for example, think about how similar the competitor's business is to yours, and how loyal your customers are).

Work out a rating system for damage and likelihood. For example, you could have:

  • ratings of 1 to 4 for damage (1 for slight damage, and 4 for severe damage)
  • ratings of 1 to 4 for likelihood (1 for not likely, and 4 for extremely likely).

Finally, to work out the level of risk for an event, use this formula: risk level = damage x likelihood Based on our example above, the lowest risk level you could get is 1 (1 x 1), and the highest risk level you could get is 16 (4 x 4). You can use the risk levels to rank your risks from least urgent to urgent.

Evaluate the risk

To evaluate a risk, you should compare the level of risk for various events against your risk criteria (find out how to set your risk criteria when you design a risk management plan). You should also check if your existing risk management methods are enough to accept the risk.

When to accept risk?

Sometimes businesses choose to accept risks and not spend any resources on avoiding them. You might decide to accept a level of risk for the following reasons:

  • The cost of treatment is much higher than the potential results of the risk.
  • The risk level works out to be very low.
  • The benefits of taking the risk greatly outweighs the possible damage.

What to do…

Thanks for your feedback. If you have any ideas on how we can improve, we'd love to hear them.

Please provide your comments in the feedback form.

You might also be interested in