Identifying, Evaluating, Recording and Responding to Your Risks (IERR)
The first step to managing risk is to identify the risks to your business and then evaluate them. You then record and report on them and finally respond by developing appropriate strategies to address the threats they pose in a structured way. Using this ‘IERR’ process, you can judge how risks impact on your business.
As you may have spotted, the process of risk assessment is closely linked to the Business Impact Analysis (BIA) that we discuss in Chapter 4, which is where we also help you identify your critical activities and assess the maximum period for which they can potentially be disrupted before the disruption proves threatening to your entire business.
This process may seem like a lot of work initially, but it’s all manageable. And when the systems are in place and you’ve trawled the risk-infested waters in which your organisation swims and assessed what you’ve found, ongoing maintenance is ...