BCM Planning Methodology

Assessing Your Risk: Descriptor for Seven Risk Impact Area

Written by Rose Lam | Dec 8, 2021 7:50:38 AM

Descriptor for Seven Risk Impact Area

 

Seven Risk Impact Area

This is the potential effect, generally adverse, that the occurrence of the threat will have on the organisation. When completing your RAR or CRA exercise, the risk impacts are categorized into the following seven risk impact areas.

Descriptor for Seven Risk Impact Area

 

Risk Impact Area (Seven Category)

This is an explanation of the seven categories of risk impact areas.

[1] Financial

There will be financial or quantifiable impact due to loss of revenue, damage to property or equipment.

[2] Processes (Business Operations)

The critical business processes or day-to-day operations of the organisation are impacted.

[3] Legal and Regulatory

Non-compliance with regulatory requirements, inability to fulfil contractual obligations leading to penalties and sanctions; or strategy changes, i.e. outsourcing a service or production line to the vendor

[4] Reputation and Image

The organisation’s reputation and image are adversely impacted and may lead to adverse coverage on various media platforms due to delay or unavailability of key products and services.

[5] Social Responsibility

Public and/or community needs, expectations and interests are impacted by the specific threat.

[6] People

The threat that may cause adverse impacts on personnel, i.e. employees, part-time staff and agency staff.

[7] Assets / ICT Systems / Information

Critical assets, technology, telecommunications and information are impacted by the specific threat. Assets refer to a critical building, facilities, equipment, utilities or physical security of premises.

 

Risk Impact

Just to recap: Risk Impact is the impact on the organisation due to the occurrence due to the threat. 

When selecting the numeric score, it will be based on the highest numeric score derived from one of the seven "Risk Impact Area."  If there is more than one "Risk Impact Area" that has the same score, you are required the select the most relevant "Impact Area" affecting the threats or critical business functions.

 

Risk Impact Area (Highest Numeric Score)

This is the highest risk impact out of the 7 impact areas. This will have the maximum impact on the organisation due to the occurrence due to the threat.

 

Learn More About Business Continuity Management (BC-CM-CC-ITDR)

You may want to know more about our courses.