Featured Product
This Week in Quality Digest Live
Risk Management Features
Naresh Pandit
Enter the custom recovery plan
Anton Ovchinnikov
In competitive environments, operational innovation could well be the answer to inventory risk
Kari Miller
An effective strategy requires recruiting qualified personnel familiar with the process and technology
Sarah Schiffling
But supply chains will get worse before they get better
William A. Levinson
People can draw the wrong conclusions due to survivor, survey, and bad news bias.

More Features

Risk Management News
Major ERP projects take six months longer than companies were told
Three webinars to increase participation and understanding within the world of quality assurance
Partnership bolsters defense against growing cybersecurity risks
It is a smart way to eliminate waste and maximize value
An early warning system lets Arctic people know when bears approach
ISO 21434 automotive cybersecurity and implementing design and process FMEAs
Implementing a SIOP process can smooth supply spikes while improving cash flow and increasing profitability
Does your business’ security match up with competitors?
Prior to vote, IAF seeks industry feedback to understand the level of demand from businesses and regulators.

More News

Michael Dehoyos

Risk Management

Eight Basics of Risk Management

Risk management essentials for business

Published: Wednesday, May 6, 2020 - 12:01

The amount of risk that one is exposed to when running a business is vast. Some risks may result in severe legal or financial trouble or cause the business to shut down. Mitigating these risks is a major aspect of successfully running a business.

Every aspect of a business has certain risk factors attached to it. Those who are in leadership roles within a company or organization must take the lead in risk identification and management. This article will summarize eight basic considerations for those who are responsible for risk management within their organization.

Senior employees must lead by example

The way culture is created within an organization has much to do with what those in senior positions will tolerate and what they will not. This can apply to any type of risk, whether it be personal safety, credit risk, liquidity risk, or operational risk. The leaders within a workplace set the standard for the rest to follow. Failure to set an appropriate standard will ultimately have undesirable consequences.

Leaders should be closely involved in the development, training, and implementation of risk management programs and protocols.

Look for internal risks

For many professionals, the term “risk management” conjures ideas of supply chain issues, market cycles, and liquidity issues. Although these are all valid concerns, risk can also come from within an organization. Senior officials within a company should look for risks within the organization and not just for external ones.

A Forbes article by Simon Biddiscombe highlights a couple of high-profile examples of internal risk “including the case of a disgruntled Tesla employee who used his insider access to make code changes and export large amounts of highly sensitive data to outsiders.” Or another case where a Capital One employee exposed personal data of more than 100 million clients in the United States and Canada. “According to Verizon’s 2019 ‘Data Breach Investigations Report,’ 30 percent of data breaches were caused either intentionally or accidentally by insiders,” Biddiscombe writes.

Larger companies face larger liabilities

Larger companies have a more difficult time managing risk. As departments are added, and existing ones grow larger, they become more difficult to manage. There are more moving parts, more opportunities for things to go wrong. Large companies are also more likely to be the target of legal action looking for large legal compensation, should an employee become seriously injured or killed. According to Robert Shaftoe writing in Chron (“The Liability of Small vs. Large Accounting Firms”), “all of the Big Four firms periodically have clients that experience accounting scandals.”

Develop strategies that emphasize flexibility

Software companies began to experience a much higher level of success once they implemented the Agile project management philosophy. This philosophy stresses the notion of being flexible to changes in a business’s needs or greater environment. Although the Agile methodology relates specifically to software development, the principles of flexibility can be applied to any business. Sebastian Botiș of Today Software Magazine writes that effective risk management involves identifying the risk, analyzing each risk to determine its exposure (i.e., severity of impact), prioritizing the identified risks based on their exposure, creating action plans (responses) to deal with the high-priority risks, continuous monitoring, and follow-up to ensure that your action plans are mitigating the risks.

Get everyone involved

Risk management is the responsibility of everyone. Workplace leadership should encourage all employees to voice their concerns or offer suggestions regarding issues they think have the potential to cause major problems.

Look at successful competitors

Companies that are successful exercise quality risk management. Looking at these organizations to study what type of protocols or strategies they must manage, mitigate, and respond to risk can be a useful exercise. According to Robert S. Kaplan and Anette Mikes, NASA's Jet Propulsion Laboratory “has established a risk review board made up of independent technical experts whose role is to challenge project engineers’ design, risk-assessment, and risk-mitigation decisions. Experts ensure that evaluations of risk take place periodically throughout the product-development cycle.

Conduct a SWOT analysis

The acronym SWOT stands for strengths, weaknesses, opportunities, and threats. Strengths and weaknesses are generally considered to be internal factors, areas where the company succeeds and areas where it fails. Opportunities and threats are external factors, what market conditions or other external factors position the company with opportunities, and which ones can be potentially harmful to the company.

Those in charge of risk management should conduct a thorough and honest SWOT analysis to ensure they are well-positioned should any issues occur.

Risk management matters to investors

Educated investors and financial institutions are acutely aware of the risks associated with certain industries. Companies looking to attract big-money investors must be aware that one of the first things that will be scrutinized is the company’s risk management plan. A common example of this can be seen with resource companies operating in politically unstable countries. The smart money will be interested in what specific steps the company has taken to minimize risk, should a political uprising occur.


Risk management is a vital part of business operations. Without it, an organization is fully exposed and vulnerable, should some major issues arise. Risk management is all about mitigating the effects of negative events over which the business itself has no direct control.


About The Author

Michael Dehoyos’s picture

Michael Dehoyos

Michael Dehoyos is a content marketer and editor at Phd Kingdom and Academic brits. He works with companies to develop a personalized marketing strategy that best presents the company’s brand and product/service. Michael is also a writer, having contributed to numerous publications. Most of his work can be found at Origin Writings