A condition and starting point for an efficient Risk management process is as complete an risk identification as possible. The risk identification should take place process orientated and subdivide into different risk ranges (management, purchase, manufacturing, infrastructure ranges, marketing, quality management, fire protection, industrial safety, environmental protection, EDP, transport etc.).
The technology of the risk identification should be co-ordinated with the specific risk situation of the enterprise. In particular if possible all risks should be seized and be led fast to precise and usable results.
After the risk evaluation all risks should be arranged arranged according to their financial effects and the probability of entrance in a risk inventory and/or a Risk map.
Think the unthinkable…
To the risk identification it goes quantifying the recognized risks now during the risk evaluation around or at least qualitatively to weights. During the risk evaluation one avails oneself of different instruments and methods:
- Scenario technology
- VALUE RK Risk
- ABC analysis
- Scoring models
- Risk map
- Monitoring team
- Analyzes of sensitivity
- Fuzzy Mathematics
- PML and/or MPL analyzes
etc.
An overview and a description of the methods find you in the RiskNET glossary!
During the evaluation of a majority damage risk for example the MPL (maximum Possible Loss) becomes or the PML (Probable maximum Loss) determines. For an enterprise it is importantly too experienced with which probability an individual damage height is beyond that exceeded.
In practice the probability of damage entrance is weighted frequently also qualitatively after the categories “very small”, “small”, “means”, “highly” as well as “very highly”. In particular risks regarding market loss and/or image loss can be so better illustrated.
The risk evaluation is part of the risk analysis method, those based on statistic data, systems analyzes, fault tree analyzes or analysis of expiration of incident (see RiskNET glossary) the enterprise risks to quantify. Impacts the quantitative procedures to its borders, then one avails oneself of qualitative methods and/or statements.
All realizations of the risk analysis (risk identification and - evaluation) flow either into a risk inventory or into a RiskMap (see illustration above). In compressed and clear form the risks of an enterprise are illustrated, in order to give so to the decision makers an overview of the risk situation of the enterprise and in particular the economic meaning. In this connection the goal of economical optimal security is important, i.e. security may not be the original goal of an enterprise.
No comments:
Post a Comment