ecratum News

Request a Demo >>

Risk Management: Risk assessment in five steps

Posted by Bertrand Duteil on 04/05/2017


In life like in business, most of our actions entail their share of risks. Limiting those risks to their minimum and acting on the most recurring ones let us evolve safely in our activities and plan more easily the future.

Companies are subject to all kinds of risks, including economic, environmental or work safety related. Certificates such as the OHSAS 18001 can guide you when it comes to work safety. But for general risks, a risk assessment can let companies identify risks and how to actively act on them. We will today learn more about this strategy and how to implement it easily in your company.

What is risk assessment?

According to, risk assessment is the “identification, evaluation, and estimation of the levels of risks involved in a situation, their comparison against benchmarks or standards, and determination of an acceptable level of risk.”

The evaluation and estimation of the level of risk are mainly based on the potential loss and the probability of occurrence of this risk. Those two factors can nevertheless be hard to evaluate.To get the full picture, it is important to involve the interested parties at risk and follow the five following steps to realize a complete risk assessment.

Five-steps guide to risk assessment

  • Identify the risks and hazards

To well identify a risk, you first have to understand the context and environment in which it is evolving. Together with your team and employees, you should uncover, describe and list the different risks your activity or project may encounter.

Making the difference between hazard and risk is crucial.

A hazard represents anything that could cause harm such as chemicals, machines but also delay or system complexity.

A risk is the chance for someone or for a project to be harmed by one of those hazards and how serious the harm caused would be.

  • Define who/what might be affected and how

The focus lays on who, within your company or the public, or what may be affected and how. The target groups could be full-time or part-time employees, specific departments such as the production or quality teams, or even third parties such as external companies or clients.

Depending on the type of risks you are assessing and managing, their classification can greatly vary. While work safety risk assessment classifies risks as physical, mental, biological or chemical, other risks assessment will focus on financial data, project management or team environment.

  • Evaluate the risks and decide on precautions

Once the risks and hazards are identified, it is important to evaluate and prioritize them. As explained earlier, defining the potential losses and their probability of happening can help you evaluate how serious a risk is. When a risk is above the acceptable level, it should become for you a priority to reduce this risk level and act on it.

To do so, a list of precautions and measures should be made and implemented in order to limit the potential threat. The risk zero may be hard to reach, but limiting it to an acceptable level is generally possible.

  • Record your significant findings

Along the process, you may want to document your risk assessment. Knowing which risks your company is willing to take, which risk levels are considered as acceptable and which measures and precautions are in place to limit these risks is precious.

It is important to notice that risks assessments may also be requested by some of your business partners, B2B customers or even external bodies during audits. Having them ready will help you prepare your audits and business relationships stress free.

  • Review your assessment and update if necessary

The world is ever changing and so is your business. Some risks may disappear with time but some new ones will eventually come up. Review your assessment regularly and update it if necessary to avoid any bad surprise and keep every potential risk at an acceptable level.


Prevention is better than cure. Efficiently assessing and managing the risks in your company can avoid you many problems and help you plan accurately the future of your organization. By following these five steps, you can easily stay up-to-date about the vital signs of your business.

You want to easily administer your risk assessments and always stay up-to-date about the current risks in your company? Discover now ecratum and its different modules supporting you with your document management and your suppliers exchanges thanks to regular notification and automatic reminders.

Discover now our SRM platform

Tags: tips, risk management