Blog_Jan_Ban.jpg

Assessing Your Risk: Descriptor for Seven Risk Impact Area

This is the "Risk Descriptor" for the seven general risk impact areas to be considered as part of the "Risk Impact" assessment

This table is used for Risk Analysis and Review (RAR) and Crisis Risk Assessment (CRA) and IT  Risk Analysis and Review (IT RAR) assessment for BC | CM | CC | ITDR series.

Rose Lam

Descriptor Risk Impact AreaDescriptor for Seven Risk Impact Area

 

Seven Risk Impact Area

This is the potential effect, generally adverse, that the occurrence of the threat will have on the organisation. When completing your RAR or CRA exercise, the risk impacts are categorized into the following seven risk impact areas.

Descriptor for Seven Risk Impact Area

Descriptor for Seven Risk Impact Area

 

Risk Impact Area (Seven Category)

This is an explanation of the seven categories of risk impact areas.

[1] Financial

There will be financial or quantifiable impact due to loss of revenue, damage to property or equipment.

[2] Processes (Business Operations)

The critical business processes or day-to-day operations of the organisation are impacted.

[3] Legal and Regulatory

Non-compliance with regulatory requirements, inability to fulfil contractual obligations leading to penalties and sanctions; or strategy changes, i.e. outsourcing a service or production line to the vendor

[4] Reputation and Image

The organisation’s reputation and image are adversely impacted and may lead to adverse coverage on various media platforms due to delay or unavailability of key products and services.

[5] Social Responsibility

Public and/or community needs, expectations and interests are impacted by the specific threat.

[6] People

The threat that may cause adverse impacts on personnel, i.e. employees, part-time staff and agency staff.

[7] Assets / ICT Systems / Information

Critical assets, technology, telecommunications and information are impacted by the specific threat. Assets refer to a critical building, facilities, equipment, utilities or physical security of premises.

 

Risk Impact

Just to recap: Risk Impact is the impact on the organisation due to the occurrence due to the threat. 

When selecting the numeric score, it will be based on the highest numeric score derived from one of the seven "Risk Impact Area."  If there is more than one "Risk Impact Area" that has the same score, you are required the select the most relevant "Impact Area" affecting the threats or critical business functions.

 

Risk Impact Area (Highest Numeric Score)

This is the highest risk impact out of the 7 impact areas. This will have the maximum impact on the organisation due to the occurrence due to the threat.

 

Learn More About Business Continuity Management (BC-CM-CC-ITDR)

You may want to know more about our courses.

  [BL-5-Catalog] What Expert Level Blended Learning Courses that are Available?   [BL-3-Catalog] What Expert Level Blended Learning Courses that are Available?  

Your Comments

More Posts

New Call-to-action