Page Navigation
Embedded Files
6. Risk Rating
This sub-section analyses the risk rating and provides guidance on the results from a combination of impact and probability of the risk occurring.
Overview
Overview
The risk matrix is based on two intersecting factors: the likelihood that the risk event will occur and the potential impact the risk event will have on the business unit. In other words, it is a tool that helps you visualize the probability and the impact of a potential risk occurring.
For each risk, the risk rating will be an automated value after the effectiveness of internal controls has been considered. This will be reflected by a color-coded scale: Critical (Red), High (Orange), Medium (Yellow), and Low (Green) for all risks.
Interpreting a risk rating
Interpreting a risk rating
A function of risk impact and probability (impact * probability), also called the “criticality” of the risk. A risk may have a significant impact when it occurs, although the probability that it may happen is very remote. Conversely, a risk with a minor impact may turn into a significant risk for the Organization if it occurs repeatedly or is not managed. Therefore, when discussing the criticality of the risk, there should be clarity about the impact and probability of each risk on the relevant objective(s).
Video tutorial
Video tutorial
RA Step 6 Risk Rating_Final.mp4Step-by-step guide
Step-by-step guide
Automated risk rating based on the combination of impact and probability.
Automated risk rating based on the combination of impact and probability.
Page updated
Report abuse