Page Navigation

Risk Assessment

This section relates to analyzing and evaluating risk factors already identified, particularly the identification of causes, assessing control effectiveness, impact, probability analysis, assessing risk rating, assigning focal points, and analyzing the risk appetite.

Overview

The Risk assessment includes the analysis and evaluation of the risks related to the strategic, programmes, funding proposals, processes, projects, ICT, and Humanitarian Integrated Risk Framework (IRF) components in terms of their likelihood of occurrence and impact, considering the effectiveness of existing Control Self Assessment (CSA) controls (as part of risk register and mapped to the relevant risks) and practices with the periodicity and the ERM calendar established by the Enterprise Risk Management Secretariat (ERMS). The objective is to allow first-line responders to undertake objective risk assessments and make adequately risk-informed decisions. The heads of the unit must complete a risk assessment following a consultative, disciplined, and systematic approach.

Risk assessment steps

Risk assessment is the iterative process of risk analysis and evaluation. The objective is to provide sufficient necessary information at appropriate suitable intervals for risk-informed management decisions. Robust risk assessments allow for greater acceptance of risk-taking opportunities (such as innovation, operational efficiencies, and maximizing existing synergies in processes) while ensuring rigorous monitoring and control of risks.

Risk analysis entails understanding the risks, and considering root causes with their consequences. The likelihood that those consequences can occur, provides input to the choice of the most appropriate risk response strategies.