Risk identification requires coordination between risk experts and those who well understand organizational structure and operation of the company.
Risks that businesses have to face will depend on the type of business activities such as: political risks, market risks (prices, interest rates, exchange rates …), personnel risks, technology risks, environmental risks and regulations on environmental protection, risk of construction timeline and engineering, risk of capital, risk of inputs, weather risk, risk of progress, extended construction time, risks of labor safety, market risks of raw material prices, labor, risks of final setllement, debt collection, regulatory risks …; In the financial sector, the banking sector has to confront risks of non-performing loan, financial investment risk, liquidity risk …
Risk analysis activity aims to determine the level of influence and risk probability . There are many types of risks, indeed it is necessary to analyze risks and distinguish what kind of risks occur with a high frequency or less frequently, cause more or less serious consequences… since then taking appropriate risk management measures. Risk analysis and assessment is the measurement of the severity of the risk in order to deal with set priorities. Based on the level of severity, risks are generally classified into three groups including:
- Dangerous group (risks whose consequences can lead to bankruptcy of the business);
- Critical group (risks whose consequences force the business to borrow in order to continue operating);
- Unimportant group (risks that the company can overcome by itself without having huge financially difficulties).
Risk analysis essentially aims to analyze causes and consequences of risks. Based on the scale of impact and probability of occurrence, risks will be assessed either quantitatively (financially) or qualitatively (non-financial). Enterprises must develop and agree on a scale of impact assessment and probability. This scale describes the impact of risks in terms of finance (revenue, profit, cost …) or non-financial (reputation, brand, legislation, personnel …). During the analysis process, it should be noted that a risky event can cause different consequences and have great impact on many corporate goals, so adequacy should be considered in all aspects that risk are damaging .
To reduce damages caused by risks, managers need to follow a risk assessment process with following steps:
- Determine the objectives of enterprise;
- Identify existing and potential risks likely to affect the achievement of your business goals;
- Analyze their impact, even including their frequency of occurrence;
- Identify measures to manage and minimize their damage.