What is Risk Assessment and how it is done 

What is Risk?
A probability or threat of damage, injury, liability, loss, or any other negative occurrence that is caused by external or internal vulnerabilities.


What is Risk Assessment?
Risk assessment is careful examination  of any hazard/loss/injury in your workplace which can cause damage to business/resources or any asset. Assessing Risk and identifying sensible measures to control the risks in your workplace.

It describes the overall process of:

• Identifying Risk
• Analyzing and Evaluating Risk 
• Determine appropriate ways to eliminate the hazard

What are objectives of Risk Assessment?

• Ensure business achieve their strategic objectives
• Improve the output over the business application to reduce business associated risks. 
• Improve efficiency and effectiveness of business operations
• Assuring best practices are adopted during test/deployment and implementation  life-cycle

What are the types of Risk Analysis?

There are two types of risk analysis : 

1. Qualitative: Evaluates and documents the probability and impact of potential project risks against a pre-defined scale.

The impact scale is organizationally defined (for example, a one to five scale, with five being the highest impact).

It considers all the risks identified in the identify risk process.

Example shown below:

2. Quantitative: A quantitative risk analysis is a further analysis of the highest priority risks during a which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project.

It only considers the risks which we mark for further analysis in the Perform Qualitative Risk Analysis Process. These are the risks which have a high impact on the project objectives.

How to assess the Risk?

There are five steps to assess risk:

These five steps are elaborated below:


1. Identify the Risk:

• Natural disasters (flooding, tornadoes, hurricanes, earthquakes, fire, etc.)
• Biological hazards (pandemic diseases, foodborne illnesses, etc.)
• Workplace accidents (slips and trips, transportation accidents, structural failure, mechanical breakdowns, etc.)
• Intentional acts (labor strikes, demonstrations, bomb threats, robbery, arson, etc.)
• Technological hazards (lost Internet connection, power outage, etc.)
• Chemical hazards (asbestos, cleaning fluids, etc.)
• Mental hazards (excess workload, bullying, etc.)
• Interruptions in the supply chain

2. Determine who might be harmed and how :

Determine who can be affected with the identifies potential Risk and how. Specify who can be harmed and how much.

3. Evaluate the risks and take precautions (Rank the risk on the basis of Impact it can cause)

Evaluate the risks arising from the hazards and decide whether existing precautions are adequate or more should be done. 

Figure shown below will show the rank on the basis of priority:

Ranking or prioritizing hazards is one way to help determine which risk is the most serious and thus which to control first. Priority is usually established by taking into account the employee exposure and the potential for incident, injury or illness. By assigning a priority to the risks, you are creating a ranking or an action list.

There is no one simple or single way to determine the level of risk. Nor will a single technique apply in all situations. The organization has to determine which technique will work best for each situation. Ranking hazards requires the knowledge of the workplace activities, urgency of situations, and most importantly, objective judgement.

4, Record Findings:

While recording the risk one should include details of risks noted in the risk assessment, and action taken to reduce or eliminate risk.

5. Review the Assessment:

Review the assessment on regular basis to make sure your control methods are effective and to make sure if your risk assessment was complete and accurate.

It is also essential to be sure that any changes in the workplace have not introduced new hazards or changed hazards that were once ranked as lower priority to a higher priority.