Before a business can assess or mitigate business risk, it must first identify probable or likely risks to its bottom line. There is no sure-fire method for identifying these risks, but companies rely on past experience for reasonably approximating what could happen. Risk-processes naturally evolve and mature over time, but there are some fundamental principles that stay constant.

Assessing Business Risks

Business risks come in all shapes and sizes. This means that effective risk assessment must be adaptable to or uniquely designed for specific dangers. Whenever possible, a firm should group similar risks into comparable analytic processes.

Ideally, a company should allocate capital based on risk as determined by cost-benefit analysis. Every risk identification process should lead to effective analysis, and every analysis should inform corporate governance.

Internal Versus External Risk Analysis

There are two broad forms of risk that may affect a business: internal and external.

External Risks

External risks are those that originate outside of the firm and include economic trends, government regulation, competition in the market and consumer taste changes. Internal (firm-specific) risks include employee performance, procedural failure, and faulty or insufficient infrastructure.

External risk assessment is almost always data-heavy. Since most external risks are systemic to an economic system – and therefore outside of the control of the company – forecasts cannot be adjusted based on different corporate governance decisions.

The external assessment begins by categorizing potential risks. Some scales are nominal, and some are ordinal. Companies prefer nominal categories because they are easier to manipulate and compare. Quantitative techniques, such as benchmarking or probabilistic modeling, adapt to new data as it arrives. Companies can then track relevant indicators and create thresholds of acceptable risk for a given project.

Internal Risks

Internal risks affect far more specific and controllable processes. Companies use operational risk assessment for risk of loss from inadequate business decisions. Compliance risk assessment is crucial, particularly in tightly controlled industries, such as banking or agriculture.

Internal audit risks must be assessed, particularly for publicly traded companies. It wasn't long ago that companies simply operated on industry-standard practices. Modern companies, however, assess internal risks by considering the likelihood and impact on specific objectives.

  1. What are the major categories of financial risk for a company?

    Examine four major categories of financial risk for a business that represent potential problems that a company may have ... Read Answer >>
  2. What are the primary sources of market risk?

    There are four primary sources of risk that affect the overall market: interest rate risk, equity price risk, foreign exchange ... Read Answer >>
  3. What are some common measures of risk used in risk management?

    Learn about common risk measures used in risk management and how to use common risk management techniques to assess the risk ... Read Answer >>
  4. Why are mutual funds subject to market risk?

    Find out why mutual funds, like all investments, are subject to market risk, including how the different types of market ... Read Answer >>
  5. What Are the Components of a Risk Premium?

    Learn the five main risks that comprise the risk premium and how they affect investors. Read Answer >>
Related Articles
  1. Investing

    Balancing the Different Risks Investors Face

    One of the keys to investing successfully is to balance different types of risk.
  2. Investing

    The Risks Associated with Common Investments

    Investing inherently involves some risk. Here are some of the different types of investment risks.
  3. Financial Advisor

    Active Risk vs. Residual Risk: Differences and Examples

    Active risk and residual risk are common risk measurements in portfolio management. Understand the differences between them and find example calculations.
  4. Personal Finance

    What Does It Really Mean to Be Risk Averse?

    We can’t really get away from risk and there are many meanings for this thing we call risk.
  5. Financial Advisor

    Pro Tips on Evaluating Clients' Risk Tolerance

    Want to keep clients longer? Bolster your risk assessment capabilities.
  6. Investing

    Using Logic To Examine Risk

    Know your odds before you put your money on the table.
  7. Investing

    Investor Risk Tolerance: Ability and Willingness

    Risk tolerance includes both the investor's ability and willingness to take on risk.
  8. Investing

    What You Should Know About Risk Tolerance and Risk Capacity

    When deciding how to invest, you need to consider your risk tolerance and your risk capacity.
  9. Trading

    Risk Tolerance

    Knowing your risk tolerance – and keeping to investments that fit within it – should keep you from complete financial ruin.
  10. Investing

    How To Manage Portfolio Risk

    Follow these tips to successfully manage portfolio risk.
  1. Specific Risk

    Specific risk is a risk that affects a minimal number of assets, ...
  2. Associate in Risk Management (ARM)

    An associate in risk management designation is a nationally recognized ...
  3. Business Risk

    Business risk is the possibility a company will have lower than ...
  4. Country Risk

    Country risk is a term for a set of risks associated with investing ...
  5. Risk Profile

    A risk profile is an evaluation of an individual or organization's ...
  6. Price Risk

    Price risk is the risk of a decline in the value of a security ...
Trading Center