homepage > For business > Step 2


Link to Government website, ‘Preparing for Emergencies’
Back to For business
 

Step 2 illustration

Assess the risks


There are two aspects to every risk:
1. How likely is the risk to happen?
2. What effect will it have on your business?



WHAT IS RISK?
Risk is the threat that an event or action will adversely affect a business’s ability to achieve its objectives and successfully execute its strategies. Risk can generally be identified, planned for and dealt with if it does turn into a crisis.

Picture of a shop closed signRisk assessments should be conducted to identify the risks that pose a threat to the performance of the critical functions in the event of an emergency.  This will help organisations to focus resources in the right areas, and develop appropriate plans.

Common risks could include:

  • Burst pipes internally or externally
  • Fire and flooding including flash flooding
  • Gas explosion, bomb or terrorism threat
  • Denial of access to your premises
  • Legal/regulatory action
  • Utilities failure internally or externally
  • Burglary, vandalism and subsequent loss of key components or facilities
  • Staff sickness or absence, perhaps due to an epidemic or pandemic
  • Key supplier failure or loss of financial institution

This list is not exhaustive and will differ depending on the nature and location of your organisation.

Once you have identified your risks it is important to identify how they will impact on your business.

This may be achieved by the use of a simple Risk Matrix as shown below:

Diagram of a simple risk matrix
Source: Emergency Preperedness (Guidance on part 1 of the Civil Contingencies Act 2004)

Definitions of risk ratings:

Very High
Critical risks requiring immediate attention. They may have a low likelihood of occurrence, but their potential consequences are severe enough to warrant being treated as a priority.
High
Significant enough to warrant appropriate consideration of strategies to reduce or eliminate these risks.
Medium
Less significant risks, but may cause upset and inconvenience in the short term.
Low
Risks which are unlikely to occur and would not have a significant impact if they did happen.

Having used the Risk Matrix to identify and prioritise the risks to your organisation you then need to decide on a strategy (step3).

Useful links for further information on risks:

Move to:
Step 1            <   Step 2   >            Step 3                Step 4                Step 5