Before we come to what risk management means, let us define what ‘Risk’ means. Risk as defined in ISO 31000 is “the effect of uncertainty on objectives”. Put simply, once you have set the objectives for your small business – which could be around any business function like production, sales, finance, logistics, etc. – any adverse event, occurrence, development, or situation that hinders the achievement of these objectives is a risk.
These risks could be internal to the business, such as breakdown of machinery, strike, fraud, etc., or external to the business, such as regulatory changes, macro-economic shocks, market breakdown, default by a large customer, etc.
The definition of Risk Management is: the process of identification, evaluation, and prioritisation of risks with a view to minimise, control, and monitor the probability and/or impact of these negative events. We will break this technical definition down and look at the practical aspects of the Risk Management framework.
The Process
Identification, evaluation, and prioritisation of risks
The first step in the process is identification of the risk, which involves identifying which specific…