Risk Impact Spectrum

0
1183

screenshot88Risk impacts must include consideration of the risk impact spectrum.

The current floods occurring in North Eastern Australia are a natural disaster, which is hard to predict and even harder to control.  However these events make us realise that the initial consideration of the impact at hand, may actually not be the only impact your are dealing with at the time or in the future.

Every risk you have or think you have has a broad range of potential impacts for your organisation.  In this case the initial reaction regarding this risk, and event, is the initial impact of the surrounding floods and the damage to property and potential for loss of life.  But the event has layers of potential impacts.  For example, the floods could result in parts of Brisbane being without drinking water. During a natural flood disaster, we now considering drought based controls due to the potential impacts to drinking water in Brisbane!

This broad view of risks has reared its head many times before.  For example, the initial earthquake off Japan, that turned into a tsunami, and then into a potential nuclear disaster, is another classic example of the broad view you need to undertake in your risk assessments.  Organisations need to consider every risk in this regard.  Through going beyond the obvious impacts, organisations should consider the direct impactscollateral impactsconsequential impacts and the associated impacts.

impacts

Organisations need to consider the broad range of impacts as part of an effective risk management framework:

  • Direct impacts. These are the financial and non-financial impacts of the risk / event that occur as the event initially occurs and impact your organisation as a direct result of the risk / event. e.g. initial flood damage to property.
  • Collateral impacts. Relates to impacts that occur to either areas of your organisation not directly impacted or to stakeholders involved in your organisation in achieving its goals. e.g. customers injured at your premises, loss of central office functions because link is through sub-station at your impacted site.
  • Consequential impacts.  Impacts that occur as a result of the event but were not the direct initial impact, but rather occur as a consequence of the initial event. e.g. floods cause water treatment facilities to not operate, therefore resulting in you unable to access clean water for your employees.
  • Associated impacts.  The initial direct impact has a multitude of layers of impact on your organisation which are all associated to each other in some way. e.g. Flood impact results in electrical damage to your alarm leaving your property open to theft.

In order to manage the spectrum of risks we recommend a clear approach to considering each of these impact areas.  A simple but effective tool in completing this activity is a fish bone diagram where you detail the bone structures relating to the four parts of the risk spectrum.

risk impacts fishbone

Considering the broad range of impacts, beyond the traditional direct impacts, will provide your organisation with the key elements to best manage the risk and implement appropriate controls to reduce the potential risk impacts.  The above approach is one way of achieving the goal of understanding the depth of the impact that the risk could eventuate.

Risk management, particularly, operational risk, must become less qualitative and more quantitative in its approach to help businesses better understand their risks, impacts and controls.  This will in turn ensure the organisation achieves the best financial and operational outcomes.

So, remember that risks are more than just a single simple impact but rather are a spectrum of impacts for your organisation.

VN:F [1.9.22_1171]
Rating: 8.4/10 (5 votes cast)
Risk Impact Spectrum, 8.4 out of 10 based on 5 ratings
SHARE
Previous articleVirtual coincides with physical
Next articleToday’s Links February 3, 2013
Scott North has extensive experience in enterprise risk management, internal audit, operational risk and compliance, risk strategy, scenario planning, technology risk, technology business analysis, systems design, financial accounting, and management accounting. Scott is a Fellow of the Australian Institute of Chartered Accountants with a Masters Degree from the University of Melbourne in Business and Information Technology. Scott is also a Fellow of the University of Melbourne.