Skip to main content

The risk management process

The main risks from the "Risk identification and assessment" phase must be analyzed in detail.

This analysis helps integrate the main risks. The company's governing body must come up with a reasonable strategy and define the necessary measures adapted to all of the risks.

Risk management process

Graphic. Shows the different stages of the risk management process

The analysis must include the following elements:

  • analysis of causes and effects,
  • quantitative assessment, and/or
  • qualitative assessment

Detailed analysis of the risks in three steps

Graphic. Shows the three stages of detailed risk analysis

Holding a meeting to analyze the main risks in detail ensures a uniform understanding of risk within the company and within each department/production center. The risks must be attributed to the people (risk managers) in charge of constantly monitoring them.

Risk management strategies should be developed and implemented for all of the main risks. These risks may be:

  • accepted
  • reduced
  • avoided
  • transferred

They should be monitored constantly so that changes may be accounted for. A combination of risk-management strategies is often used and implemented in the planning of measures.

Sample action plan

Source: KPMG Schweiz, Methodik zur Einführung eines Risikomanagementsystems, 2008