Risk assessment is the process of identifying variables that have the potential to negatively impact an organization’s ability to conduct business.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
In a large enterprise, a risk assessment is usually conducted by the Chief Risk Officer (CRO). A risk assessments can be quantitative or a qualitative. In a quantitative risk assessment, the CRO assigns numerical values to the probability an event will occur and the impact it will have. These numerical values can then be used to calculate an event's risk factor, which in turn can be mapped to dollar amounts. Qualitative risk assessments, which are used more often, do not involve numerical probabilities or predictions of loss. The goal of a qualitative approach is simply to rank which risks pose the most danger.
This table illustrates an example of a quantitative assessment.
A risk matrix is a qualitative tool for sharing a risk assessment.