Why Risk Management is important for everyone
In the world of big business, we talk about risks all the time. What’s the risk of doing something, not doing something, if this person is sick, if that piece of code has a bug…!? It’s endless
But the missing part of those statements comes down to the “so what”. So what are we going to do about these risks. And that’s where risk management comes into play. For small business and entrepreneurial adventures, this is often overlooked until something goes wrong, partly because it is one of a million things a small business needs to consider, and in some cases partly because of a lack of awareness.
Risk management doesn’t need to be an onerous task — and here are some simple steps to break it down…
- Start off with a list of possible risk areas — here are a few suggestions:
Compliance Risks Examples:
- Contractual (leases, sponsors)
- Regulatory & statutory (employment/labour laws, GDPR and data protection)
- Industry standards
Financial Risks Examples:
- Loss of revenues
- Exchange rate losses
- Tax miscalculations
Operational Risks Examples:
- Computing systems
- Data security and management
- Emergency and disaster planning
- IT Failure
Strategic Risks Examples:
- Business partnering and alliances
- Reputation Risks
Business Climate Risks Examples:
- Job opportunities
- Growth in the market
There are numerous more examples depending on your industry/situation
2. Now go through the list and work out the impact of any of those things happening. If we take a common issue — as an example — loss of data.
If we lose all our company data, the impact would be that we no longer have access to our customer data base, our bespoke products and services. This would mean we would have to start from scratch again.
So far the impact has be described. It sounds pretty dire. But then you look at the some of the major impact areas — cost, time, quality and you realise this could become far more serious.
If you can’t access your customer details, you may not be able to contact them to inform them of your issues. They assume that you’re just being rubbish, and your reputation is damaged, impacting your future revenue
If you can’t access your documents, you have to redesign everything from scratch — this costs you more money, and also results in a delay to other work as you recover
Projects in flight are also delayed, leading to either a financial penalty, a reputation hit, or you are delayed picking up new work, whilst you get back up to speed.
3. So now we see —one risk can have numerous consequences. In order to mitigate this — we need to identify a way to manage the risk
For data loss — if we run a back up of all our systems regularly this will minimise the impact — hopefully you would only lose no more than a month of data if you start implementing regular back ups.
If you’re a small business owner, solo entrepreneur, or even just an individual, this can be easily done to places like drop box, or google drive. If you’re a larger company, you may want to invest in larger server back ups/fail-over options.
4. This needs to be repeated for every one of your risks. You might find some risks are acceptable — you are happy to live with as they are, or that other risks are external — e.g. natural disaster — you have no control over.
5. The last step — is to review. How often is down to personal choice. If you’re running high risk projects — a weekly review makes sense. For others — use your judgement!
