Featured Product
This Week in Quality Digest Live
Risk Management Features
Mark Schmit
Particularly wanted are workers with electrical and mechanical aptitude for jobs as maintenance technicians
Lucca Henrion
Carbon dioxide can make up a significant percentage of concrete mass
James Wells
Learn to speak the language of business, time, and dollars
Yoav Kutner
Let salespeople spend more time on customer service, market research, and competitor analysis
Jose Luis Alvarez
CEOs should sharpen their most important strategy execution tool

More Features

Risk Management News
Design, develop, implement, continually improve risk management in systems and software engineering
ISO/IEC/IEEE 16085 has just been updated
Galileo’s Telescope describes how to measure success at the top of the organization, translate down to every level of supervision
NSF-funded project is developing a model to help manufacturers pivot and produce personal protective equipment
How to develop an effective strategic plan and make the best major decisions in the context of uncertainty and ambiguity
What continual improvement, change, and innovation are, and how they apply to performance improvement
Good quality is adding an average of 11 percent to organizations’ revenue growth
Further enhances change management capabilities
How the nation’s leading multistate cannabis company ensures quality and safety standards

More News

Michael Dehoyos

Risk Management

Eight Basics of Risk Management

Risk management essentials for business

Published: Wednesday, May 6, 2020 - 11:01

The amount of risk that one is exposed to when running a business is vast. Some risks may result in severe legal or financial trouble or cause the business to shut down. Mitigating these risks is a major aspect of successfully running a business.

Every aspect of a business has certain risk factors attached to it. Those who are in leadership roles within a company or organization must take the lead in risk identification and management. This article will summarize eight basic considerations for those who are responsible for risk management within their organization.

Senior employees must lead by example

The way culture is created within an organization has much to do with what those in senior positions will tolerate and what they will not. This can apply to any type of risk, whether it be personal safety, credit risk, liquidity risk, or operational risk. The leaders within a workplace set the standard for the rest to follow. Failure to set an appropriate standard will ultimately have undesirable consequences.

Leaders should be closely involved in the development, training, and implementation of risk management programs and protocols.

Look for internal risks

For many professionals, the term “risk management” conjures ideas of supply chain issues, market cycles, and liquidity issues. Although these are all valid concerns, risk can also come from within an organization. Senior officials within a company should look for risks within the organization and not just for external ones.

A Forbes article by Simon Biddiscombe highlights a couple of high-profile examples of internal risk “including the case of a disgruntled Tesla employee who used his insider access to make code changes and export large amounts of highly sensitive data to outsiders.” Or another case where a Capital One employee exposed personal data of more than 100 million clients in the United States and Canada. “According to Verizon’s 2019 ‘Data Breach Investigations Report,’ 30 percent of data breaches were caused either intentionally or accidentally by insiders,” Biddiscombe writes.

Larger companies face larger liabilities

Larger companies have a more difficult time managing risk. As departments are added, and existing ones grow larger, they become more difficult to manage. There are more moving parts, more opportunities for things to go wrong. Large companies are also more likely to be the target of legal action looking for large legal compensation, should an employee become seriously injured or killed. According to Robert Shaftoe writing in Chron (“The Liability of Small vs. Large Accounting Firms”), “all of the Big Four firms periodically have clients that experience accounting scandals.”

Develop strategies that emphasize flexibility

Software companies began to experience a much higher level of success once they implemented the Agile project management philosophy. This philosophy stresses the notion of being flexible to changes in a business’s needs or greater environment. Although the Agile methodology relates specifically to software development, the principles of flexibility can be applied to any business. Sebastian Botiș of Today Software Magazine writes that effective risk management involves identifying the risk, analyzing each risk to determine its exposure (i.e., severity of impact), prioritizing the identified risks based on their exposure, creating action plans (responses) to deal with the high-priority risks, continuous monitoring, and follow-up to ensure that your action plans are mitigating the risks.

Get everyone involved

Risk management is the responsibility of everyone. Workplace leadership should encourage all employees to voice their concerns or offer suggestions regarding issues they think have the potential to cause major problems.

Look at successful competitors

Companies that are successful exercise quality risk management. Looking at these organizations to study what type of protocols or strategies they must manage, mitigate, and respond to risk can be a useful exercise. According to Robert S. Kaplan and Anette Mikes, NASA's Jet Propulsion Laboratory “has established a risk review board made up of independent technical experts whose role is to challenge project engineers’ design, risk-assessment, and risk-mitigation decisions. Experts ensure that evaluations of risk take place periodically throughout the product-development cycle.

Conduct a SWOT analysis

The acronym SWOT stands for strengths, weaknesses, opportunities, and threats. Strengths and weaknesses are generally considered to be internal factors, areas where the company succeeds and areas where it fails. Opportunities and threats are external factors, what market conditions or other external factors position the company with opportunities, and which ones can be potentially harmful to the company.

Those in charge of risk management should conduct a thorough and honest SWOT analysis to ensure they are well-positioned should any issues occur.

Risk management matters to investors

Educated investors and financial institutions are acutely aware of the risks associated with certain industries. Companies looking to attract big-money investors must be aware that one of the first things that will be scrutinized is the company’s risk management plan. A common example of this can be seen with resource companies operating in politically unstable countries. The smart money will be interested in what specific steps the company has taken to minimize risk, should a political uprising occur.


Risk management is a vital part of business operations. Without it, an organization is fully exposed and vulnerable, should some major issues arise. Risk management is all about mitigating the effects of negative events over which the business itself has no direct control.


About The Author

Michael Dehoyos’s picture

Michael Dehoyos

Michael Dehoyos is a content marketer and editor at Phd Kingdom and Academic brits. He works with companies to develop a personalized marketing strategy that best presents the company’s brand and product/service. Michael is also a writer, having contributed to numerous publications. Most of his work can be found at Origin Writings.