| |
About Risk
Risk is the
possibility
of experiencing
harm or loss.
Risks have to do with
exposure
to uncertain changes. A change is always a risk. This is the
reason in compliance we always authorize, test and document
changes.
People take risks for a good reason: To profit, to change their
life, to try another approach that is more promising. They take
risks in the hope of a favorable outcome.
The four stages of the Risk Process
1. Risk Identification
2. Risk
Analysis
3. Risk Planning (selection and implementation of countermeasures,
when the risks are above our risk appetite)
4.
Implementation of countermeasures,
monitoring, reporting and reviewing Risk Management actions
against objectives
According to the Stanford Encyclopedia of Philosophy,
in non-technical contexts,
the word risk refers, often rather vaguely, to
situations in which it is possible but not certain
that some undesirable event will occur.
In technical contexts,
the word has several more specialized uses and meanings.
Five of these are particularly important since they are widely
used across disciplines:
1. risk =
an unwanted event which may or may not occur.
An example of this usage is: “Lung cancer is one of the major
risks that affect smokers.”
2. risk =
the cause of an unwanted event which may or may not occur.
An example of this usage is: “Smoking is by far the most important
health risk in industrialized countries.” (The unwanted event
implicitly referred to here is a disease caused by smoking.) Both
(1) and (2) are
qualitative
senses of risk. The word also has
quantitative
senses, of which the following is the oldest one:
3. risk =
the probability of an unwanted event which may or may not occur.
This usage is exemplified by the following statement: “The risk
that a smoker's life is shortened by a smoking-related disease is
about 50%.”
4. risk =
the statistical expectation value of an unwanted event which may
or may not occur.
The expectation value of a possible negative event is the product
of its probability and some measure of its severity. It is common
to use the number of killed persons as a measure of the severity
of an accident. With this measure of severity, the “risk” (in
sense 4) associated with a potential accident is equal to the
statistically expected number of deaths. Other measures of
severity give rise to other measures of risk.
Although expectation values have been calculated since the 17th
century, the use of the term “risk” in this sense is relatively
new. Today
it is the standard technical meaning of the term “risk” in many
disciplines. It is regarded by some risk analysts as the only
correct usage of the term.
5. risk =
the fact that a decision is made under conditions of known
probabilities (“decision under risk” as opposed to “decision under
uncertainty”).
How to assess the risks in your workplace
from the Health and Safety Executive - HSE (UK)
Follow the five steps
1.Identify the hazards
2.Decide who might be harmed and how
3.Evaluate the risks and decide on precaution
4.Record your findings and implement them
5.Review your assessment and update if necessary
Don’t overcomplicate the process. In many organisations, the
risks are well known and the necessary control measures are easy
to apply. You probably already know whether, for example, you
have employees who move heavy loads and so could harm their
backs, or where people are most likely to slip or trip. If so,
check that you have taken reasonable precautions to avoid
injury.
When thinking about your risk assessment,
remember:
A hazard is anything that may cause harm, such
as chemicals, electricity, working from ladders, an open drawer,
etc; and the risk is the chance, high or low, that somebody
could be harmed by these and other hazards, together with an
indication of how serious the harm could be.
What is a hazard?
A hazard is anything with the potential to cause harm e.g.
working at height on scaffolding.
What is risk?
A risk is the likelihood that a hazard will cause a specified
harm to someone or something, eg if there are no guard rails on
the scaffolding it is likely that a construction worker will
fall and break a bone.
What is risk management?
Risk management is a process that involves assessing the risks
that arise in your workplace, putting sensible health and safety
measures in place to control them and then making sure they work
in practice.
What
is risk assessment?
A risk assessment is nothing more than a careful examination of
what, in your work, could cause harm to people, so that you can
weigh up whether you have taken enough precautions or should do
more to prevent harm.
Prudence keeps life safe, but does not often make it happy.
Samuel Johnson
Free
E-book: 100 Job Descriptions in Risk and Compliance Management
|
|
Join the International
Association of Risk and Compliance Professionals (IARCP). Membership
is Free
www.risk-compliance-association.com/How_to_become_member.htm
Benefits for Members:
www.risk-compliance-association.com/Member_Benefits.htm
Reading Room
www.risk-compliance-association.com/Reading_Room.htm
Certified Risk and Compliance
Management Professional (CRCMP)
www.risk-compliance-association.com/Distance_Learning_and_Certification.htm
Certified Information Systems Risk and Compliance Professional
(CISRCP)
www.risk-compliance-association.com/CISRCP_Distance_Learning_and_Certification.htm
Privacy and Compliance with the Federal
Trade Commission Fair, the California Online Privacy Protection Act,
the Children Online Privacy Protection Act, the Privacy Alliance,
the Controlling the Assault of Non-Solicited Pornography and
Marketing Act
www.risk-compliance-association.com/Privacy.htm
Become a member of the International
Association of Risk and Compliance Professionals (IARCP). Membership
is Free. You will receive a monthly newsletter with risk and
compliance management news, alerts and opportunities. You can
register below:
Distance Learning and
Online Certification programs
from the International Association of Risk
and Compliance Professionals (IARCP)
www.risk-compliance-association.com/Distance_Learning_and_Certification.htm
The
Cost:
US$
297
What is included in this
price:
A. The
official presentations
we use in our
instructor-led classes
B. Up to
3 Online Exams
C.
Personalized Membership Certificate printed in full colour.
Processing, printing,
packing and posting to
your office or home
Certified Risk and Compliance Management Professional (CRCMP) -
Distance
Learning and Online Certification Program
Certified Information Systems
Risk and Compliance Professional (CISRCP) -
Distance
Learning and Online Certification Program
To
learn more:
www.risk-compliance-association.com/Distance_Learning_and_Certification.htm
| |
