The concept of risk assessment and management is an extremely crucial component of any organization’s operation. Without it, the organization would be less effective due to the fact that it would not have a way to determine which of its activities produce more risk than the others. The article review that I wrote for last week had a lot to do with risk assessment. It touched on the fact that there is a significant amount of methods of assessing risk. This makes me curious as to which method is described here in the professor’s discussion. I believe the most common are the NIPP-RMF and the FEMA model. There is a slight similarity to the risk assessment method that is used in the army.
In the army’s risk management method, there are also five steps. The first step is identifying the hazard. The next step is assessing the hazard and to determine what the risks are. Step three is developing controls and making risk decisions. Step four is to implement the controls that were developed in step three. Step 5 is to supervise the implementation of the risk mitigation controls and to evaluate their effectiveness.
In steps one and two, this is where the actual risk assessment is taking place. This is where you determine what the risks are and then how it could impact the mission or the organization. You can do this by comparing the present situation to past experiences. Also, there has to be a judgment call on how likely the hazard or negative event is to take place. If it has a higher probability, then it can increase the overall level of risk. After you identify the severity and probability of a hazard happening then the next step is to develop controls that will mitigate the severity of the hazard and reduce the probability of the hazard happening. After the controls are developed, they need to be implemented and used. This does not work unless the controls are continuously assessed for effectiveness. If there is room for improvement, then it is made in the supervising and evaluating stage.
The main idea behind this is to effectively manage the risk and attempt to eliminate as much of it as possible, if not all. This is simply one method of risk management. As seen in the example that the professor wrote, there are other ways. All the methods have the same common objective though. The professor stated that most professionals would agree that the most important step in any risk management process is the risk assessment step. I would have to disagree. Although it is important, in my opinion, the most important step is the identification of the hazards. This is my opinion because without the ability to identify the hazards then none of the other steps can occur effectively. If a hazard just happens upon us, then we lose our preemptive abilities to reduce and mitigate the risk beforehand. Instead of being proactive we are forced to become reactive, which very rarely produces the same level of results.