Risk assessment matrix
- 1 Risk Assessment Introduction
- 2 Types of Risk Assessment
- 3 Risk Assessment Matrix
- 4 Risk Assessment Matrix Tutorial
Risk Assessment Introduction
Risk assessment is the process of risk analysis and risk evaluation. The concept of risk is defined as the probability and severity that a hazard will occur, where a hazard is defined as a condition with the potential for causing an undesirable consequence. A risk analysis is performed as a quantitative evaluation of the risk of an activity.
Risk assessment is performed in safety engineering, reliability engineering, and environmental engineering. It is a key part of any engineering project, both large and small scale. Common risk assessment is performed using a risk matrix, a tool used to determine the severity and probability of an accident independently from one another. Criteria for information to be analyzed using a Risk Matrix model (State, 2004):
- Identify their most important (critical) processes and functions
- Identify threats most likely to impact those processes and functions
- Determine the vulnerability of critical functions and processes to those threats
- Prioritize deployment of personnel and resources in order to maintain continuous operation of critical functions and processes.
[[File:Riskcategories.png|center|Figure1:Examples of types of risk Categories for an Engineering Project(2).
Types of Risk Assessment
Risk assessment can therefore be conducted at various levels of the organization. The objectives and events under consideration determine the scope of the risk assessment to be undertaken. Examples of frequently performed risk assessments include:
Risk associated with the loss from activities such as design, engineering, manufacturing, technological processes and test procedures. (Dictionary, 2015) Technical risk addresses project level concerns and provides the detailed assessment of the technical risks and issues associated with each option in the capability proposal. The primary purpose of the technical risk assessment is to inform stakeholders of these risks and issues and assist the project in the development of effective risk treatments and issue resolution strategies. At this stage, a significant proportion of the technical risks may relate to insufficient technical information. (Division, 2010)
In recent years, increased regulatory requirements have forced businesses to expend significant resources to address risk, and shareholders in turn have begun to scrutinize whether businesses have the right controls in place. The increased demand for transparency around risk has not always been met or met in a timely manner, however—as evidenced by the financial market crisis, where the poor quality of underlying assets significantly impacted the value of investments. In the current global economic environment, identifying, managing, and exploiting risk across an organization has become increasingly important to the success and longevity of any business. (HouseCoopers, 2008) Evaluation of risks related to initial capital investment of the organization through input from various parties such as the World Bank, financial institutions, and stakeholders. This evaluation, typically performed by the finance function, considers the characteristics of the financial reporting elements (e.g. the effectiveness of the key controls (e.g., likelihood that a control might fail to operate as intended, and the resultant impact). (HouseCoopers, 2008) Mining projects are one of the world leaders in capital-intensive projects, and without capital investments would not be able to be undertaken. Capital is required throughout all stages of mine planning, mine design and mine reclamation. (Darling, 2011)
Forecasting metal prices is one of the most difficult tasks associated with project evaluation and design. The risk associated with the metal price is due to the fluctuations in price over the life of mine period. The metal prices and the revenue are the most sensitive elements when conducting a sensitivity analysis on the net present value of a project. (Darling, 2011)
As the Canadian dollar continues to drop against the U.S. dollar, the profit margins of the project will improve because the cost of production declines in dollar terms . (Darling, 2011)
Risk Assessment Matrix
Consequences of risks as laid down in the grid use descriptive words and are ranked according to severity: Insignificant, Moderate, Critical, and Catastrophic. Insignificant risks are the least severe and would be assigned the lowest rank. Inversely, catastrophic risks are those that would be first in the severity ranking. Determine tolerance by assigning dollar values to each severity ranking, as well as some qualitative characteristics of the consequence being described. (ExecutiveBrief, 2008)
Risk Assessment Matrix Tutorial
Risk Matrix Tutorial Video
Advantages of a risk matrix
- A quick way to graphically recognize the issues of the risk
- The severity of the hazard and the frequency to be evaluated independently from one another
- Estimation of probability are not needed
The actual determination of each space is determined prior to the assessment being completed, and varies from project to project. It is not unusual to see the Catastrophic – Improbable space be considered an unacceptable risk, as the consequence of such a hazard would be tragic for the project.
Disadvantages of a risk matrix
- Lack of depth to the tool
- The consequence of human error in the determination of the matrix
The lack of depth is an issue because should the tool be used as the only method of risk evaluation, the intricacies of the hazard could be oversimplified. For this reason, the matrix is a tool that should be used as an overview or preliminary measure in risk assessment.
The consequence of human error that could cause an issue with a risk assessment usually comes from judging spaces on the matrix inappropriately. While the axes will often have quantitative values associated with them, such as a percent chance of occurring or a set financial loss, the spaces are reliant on the judgment of the user.Therefore, some human error can be a factor in the overall risk assessment.