Check to see if you’re managing all 12 risks correctly and if you’re focusing on the wrong ones.
There are three very understandable reasons why it often appears that the majority of managers either disregard certain risks or fail to take them as seriously as would be prudent.
• Awareness The majority of people are most successful at managing risks they are most aware of. These typically involve events that take place fairly frequently or are brought to their attention by the media, the insurance industry, or the relevant regulator. In most cases, these factors are unrelated to the likely seriousness of the event in question or its probability. As a result, minor thefts and vandalism are frequently underrated.
The possibility The majority of people greatly underestimate the likelihood of seemingly unimportant occurrences. I was surprised to learn that lightning actually kills a lot of people every year, and I just met a person who was killed twice!
The severity The majority of people overestimate the severity of their most serious risks. As a result, inadequate control measures are implemented as data loss and reputation loss are frequently underestimated.
Therefore, don’t be surprised if you fall into the majority; however, take a look at this list and consider how each risk might affect your company and whether you are focusing on controlling the most important or least important ones.
There are twelve major risk categories.
1. Property. Probably the most well-known group is this one. Fire, storm, theft, and malicious damage are all included. When evaluating it, try to consider not only the cost of repairing or replacing it but also how any loss or damage will affect your business.
2. People. Health and safety is the aspect of risks related to people that receives the most attention, and for good reason. The setting, in addition to the number of people involved and the nature of the work, determines its relevance to your company: For instance, it is safer to clean windows in a bungalow than in a skyscraper! Other risks that involve people typically receive less attention. However, these can be catastrophic if not managed properly. Poor employee relations, absenteeism, competency, and discipline are among the risks. Failures in these areas may result from a lack of focus on staff recruitment, training, and retention.
3. Motor. This risk is usually taken seriously by fleet managers, but some have regretted not looking into issues related to employees using their own vehicles for work. In contrast, the most significant motor claim I ever had to deal with was caused by a mobile plant hitting a low railway bridge. The cost of maintaining the bridge’s safety was in addition to the plant’s repair.
4. Cyber. This pertains to any outcome of using computers or the Internet. While many managers take precautions to protect their equipment from hacking, malware, and viruses, they do not take sufficient measures to control how employees or others misuse IT, the Internet, and social media.
5. Financial. There are pure financial consequences, such as those resulting from poor financial management, poor investments, cash flow, and fraud, as well as the cost of under- or over-insurance, in addition to the financial consequences of all the other risks, which can be partially controlled by insurance.
6. Environmental. This isn’t just a problem for big polluters. Breaking tree preservation orders or encountering archaeological remains while digging a trench fall into this category. I remember how much effort, time, and money were put into trying to sell or improve a “Historic” building.
7. Regulatory. Although falling foul of a regulator and receiving a temporary or even permanent ban from operating is devastating to your business, it is hoped that you will be aware of the regulations that apply to your industry.
8. Reputational. It is possible for the public’s perception of your shortcomings to be exaggerated in comparison to the actual damage done. My mind goes to horsemeat! The way you respond can make the difference between using a strategy to limit damage and dousing the flames with gasoline. Training for you and your employees? could be an excellent purchase. Training on how to use social media should be included in this.
9. Continuity of Business or resilience. This refers to the long- or short-term effects of an undesirable event on your business, which may or may not be a risk you can manage. For instance, in addition to attempting to reduce the likelihood of a fire occurring in your premises, do you have a viable strategy for operating the business while you await repairs?
10. Logistics chain How much do you know about your suppliers’ risk management procedures? How much do you rely on any of them? How simple would it be to switch? Do these factors influence your supplier selection?
11. Business or strategic This is the possibility of making rash decisions about the business’s overall direction, such as moving or restructuring. This category could also include underpricing a significant contract or failing to account for a significant cost in your budgeting, both of which are examples of major miscalculations made within a sound strategy.
12. Third Party or Liability This pertains to the costs incurred by your company when people file claims against you, whether they are successful or not. The management of the risk of an accident is distinct from the management of the claims process.
Now think about three “ifs.”
I. Please let me know if you know of any other categories. It could be that I have been unable to control it!
II. Risks interact with one another, which is why there are areas where they overlap. As a result, it’s preferable to examine them together rather than separately. They cannot be properly managed in isolation.
III. If there are risks on this list that you don’t understand or know how to manage, you should probably at least have a preliminary conversation with a risk management consultant. What are you willing to risk?