Throughout this new ITRA (Information, Technology, Risk Advisory) article, you will discover and learn more about Risk Concepts and in particular:

  • Few important definitions about this subject
  • The Scales of Reference
  • The Risk Matrix & Key Takeaways

 

Definitions

What is Risk?

Any event, resulting from vulnerabilities and/or hazard that may have any materail and non-material impacts on your company, and its ability to reach objectives at any level.

 

What is Inherent or Gross Risk?

Risk without consideration of risk mitigation. Ex Loss from misappropriation without considering insurance claim coverage and data recovery ability.

 

What is Residual or Net Risk?

Remaining risk once risk mitigation has been implemented.

 

What is Risk Appetite?

Maximum Residual risk level accepted to achieve the company objectives

 

Scales of reference

Likelihood scale

In the risk matrix, probability is a measure of the possible occurrence of a risk event. It is often standardized on an axis from 3 to 5 values ranging from low to very high.

 

Impact scale

The impact of risks aims at identifying and evaluating the consequences of a risky event. It is common to use a scale from 1 to 5 to quantify this, from low to very important. Impact scale could be determined relying on topic focused scales such as reputational impact, legal impact, financial impact or from a combination of those different impacts.

 

The Risk Matrix

The final objective of any risk manager is to be able to identify through these 2 scales what is his inherent risk and his residual risk once the compensations measures (mitigation) are in place.

riskmatrix.png

 

The result is most of the time schematized in what is called the risk matrix which poses each risk and allows to undertake new actions or to make sure of the good control of the latter.

 

Key Takeaways

There is no one size fit all matrix or risk map but a critical need to promote a tailored approach that could enable decision making process and reduce uncertainty.  

Through the development of these themes in our article, you now have an overview of the various conceptual risks.

If you are interested or want to know more about #RiskManagement, #Risklifecycle or any subjects #Risk subjects related our risk management experts are here to discuss and support you in your efforts!

Our IT Advisory Specialists