The steps involved in managing risk
A. Establish Goals and Context
As outlined in the Risk Management process, the risk assessment is undertaken within the context of your goals. The identification / validation of your goals is therefore a critical first step in the risk management process.
Effective risk management requires a thorough understanding of the context in which your Department or Agency operates. The analysis of this operating environment enables you to define the parameters within which the risks to your outputs need to be managed.
The context sets the scope for the risk management process. The context includes strategic, organisational and risk management considerations. According to the Standard, strategic context defines the relationship between the organisations and its environment. Factors that influence the relationship include financial, operational, competitive, political (public perceptions / image), social, client, cultural and legal. The definition of the relationships is usually communicated through frameworks such as the SWOT (Organisational strengths, weaknesses, opportunities and threats) and PEST (Political, Economic, Societal, and Technological).
The organisational context provides an understanding of the organisation, its capability and goals, objectives and strategies. According to the Standard, organisational context is important because:
a) risk management occurs within the context of endeavouring to achieve the goals and objectives,
b) failure to achieve the objectives is one set of risks that need to be managed, and
c) the goals and strategies assist to define whether a risk is ...