[Business Impact Analysis] [Risk Impact and Likelihood Assessment]
Part 3: RAR - Risk Impact and Likelihood Assessment for MBS
Introduction
![[BCM] [GEN] [E3] [RAR] [T3] Risk Impact and Likelihood Assessment](https://blog.bcm-institute.org/hs-fs/hubfs/Generic%20Morepost%20for%20Companies/Updated%20Generic%20BCM%20eBook%20Morepost/BCM%20GEN%20E3/%5BBCM%5D%20%5BGEN%5D%20%5BE3%5D%20%5BRAR%5D%20%5BT3%5D%20Risk%20Impact%20and%20Likelihood%20Assessment.png?width=200&height=175&name=%5BBCM%5D%20%5BGEN%5D%20%5BE3%5D%20%5BRAR%5D%20%5BT3%5D%20Risk%20Impact%20and%20Likelihood%20Assessment.png)
The Risk Impact and Likelihood Assessment is an essential component of the Risk Analysis and Review (RAR) phase in Business Continuity Management (BCM).
For an organization such as Marina Bay Sands (MBS), which operates as a world-class integrated resort comprising hospitality, retail, entertainment, conventions, and casino operations, the identification and assessment of risks must be precise and comprehensive.
This process involves evaluating threats in terms of their impact across multiple dimensions (finance, operations, legal, regulatory, reputation, people, social responsibility, and assets/IT systems) and assessing the likelihood of their occurrence. By doing so, MBS is better positioned to prioritize risk treatments, allocate resources effectively, and ensure resilience during disruptive incidents.
The assessment framework aligns with the ISO 22301 standard and follows BCM Institute’s methodology, ensuring that MBS maintains its operational stability while safeguarding stakeholders’ confidence and its global brand reputation.
Risk Impact and Likelihood Assessment Table for MBS
|
Threat |
Impact Area - Finance |
Impact Area - Operations |
Impact Area - Legal & Regulatory |
Impact Area - Reputation & Image |
Impact Area - Social Responsibility |
Impact Area - People |
Impact Area - Assets/IT Systems/Information |
Risk Impact Area (Highest Numeric Score) |
Risk Likelihood |
Risk Rating |
Risk Level |
Expected Period of Disruption |
|
Pandemic Outbreak (e.g., COVID-19) |
Severe loss of revenue due to closure of casino, hotels, F&B, and events |
Full suspension of operations |
Compliance with government-mandated closures and health regulations |
Significant global brand damage if poorly managed |
Public health responsibility to prevent spread |
Health and safety of employees and guests compromised |
IT strain from increased online demand, need for digital customer engagement |
Finance (5) |
High |
Extreme |
Critical |
Months (6–12) |
|
Terrorist Attack or Bomb Threat |
Substantial financial losses due to prolonged closure and recovery |
Complete shutdown of affected facilities |
Possible non-compliance with safety standards |
International media coverage damaging brand trust |
Failure to ensure guest safety affects corporate social license |
Risk of casualties among employees and guests |
Physical destruction of assets, possible IT system disruption |
People (5) |
Medium |
High |
Severe |
Weeks to Months |
|
Cybersecurity Breach (Data Theft, Ransomware) |
Regulatory fines and compensation costs |
Disruption of casino, hotel booking, and payment systems |
Breach of data protection laws (e.g., PDPA, GDPR) |
Loss of guest trust in digital platforms |
Responsibility for safeguarding customer data |
Employee and customer personal data compromised |
Critical IT systems compromised (payments, loyalty, reservations) |
Assets/IT Systems (5) |
High |
Extreme |
Critical |
Days to Weeks |
|
Natural Disaster (Flood, Fire, Earthquake) |
Property damage, repair, and insurance claims |
Interruption of hotel, retail, and casino operations |
Compliance with workplace safety regulations |
Negative publicity on safety and preparedness |
Impact on community welfare and employees’ families |
Safety risk to staff and guests |
Structural damage, IT equipment destruction |
Operations (5) |
Low |
Medium |
Moderate |
Weeks |
|
Supply Chain Disruption (Food, Retail, Event Supplies) |
Increased costs for alternatives, potential revenue loss |
Inability to provide F&B, retail, and convention services |
Possible contractual breaches with suppliers |
Dissatisfaction from guests and partners |
Reduced ability to support local communities |
Staff unable to perform due to lack of resources |
Disruption in stock and service continuity |
Operations (4) |
Medium |
Medium |
Moderate |
Days to Weeks |
|
Regulatory or Legal Non-Compliance (e.g., Gaming laws, PDPA) |
Fines, penalties, suspension of licenses |
Casino and operations may be halted |
Breach of regulatory frameworks |
Reputational loss in global gaming and hospitality markets |
Perception of poor governance |
Employees’ roles impacted if licenses are suspended |
IT/data-related breaches tied to compliance |
Legal & Regulatory (5) |
Medium |
High |
Severe |
Weeks to Months |
|
Fire Safety Incident (Localised Fire) |
Revenue loss due to evacuation and temporary closure |
Temporary halt to affected sections (casino, hotel wing) |
Regulatory investigations, fines for safety lapses |
Public perception of unsafe environment |
Impact on customer and staff well-being |
Employee and guest injuries |
Damage to physical assets, IT hardware |
Assets (4) |
Low |
Medium |
Moderate |
Days to Weeks |
|
Labour Disputes or Staff Shortages |
Higher labor costs, potential revenue impact |
Service delivery delays in hotels, F&B, conventions |
Possible non-compliance with labor laws |
Damage to employer brand, negative media |
Impact on corporate responsibility as major employer |
Staff morale and turnover affected |
HR/Payroll IT system disruption |
People (4) |
Medium |
Medium |
Moderate |
Days to Weeks |
Summing Up ...
The Risk Impact and Likelihood Assessment for Marina Bay Sands (MBS) highlights the multi-dimensional threats that could disrupt its integrated resort operations.
The analysis demonstrates that pandemic outbreaks, cybersecurity breaches, terrorist threats, and regulatory non-compliance represent the most severe risks due to their high impact across finance, people, and IT systems and their potential for long-term disruption.
Through this structured assessment, MBS is equipped to prioritize risks requiring immediate mitigation strategies, such as strengthening cybersecurity resilience, enhancing public health readiness, and reinforcing regulatory compliance programs.
Additionally, medium-level risks such as supply chain disruptions, labour disputes, and localized fire incidents must be addressed through contingency planning and operational flexibility.
By integrating these insights into its broader Business Continuity Management (BCM) framework, MBS can reinforce resilience, safeguard its reputation as a premier global destination, and ensure continuity of service excellence even during disruptive events.
More Information About Business Continuity Management Courses
To learn more about the course and schedule, click the buttons below for the BCM-300 Business Continuity Management Implementer [BCM-3] and the BCM-5000 Business Continuity Management Expert Implementer [BCM-5].
![Register [BL-B-3]*](https://no-cache.hubspot.com/cta/default/3893111/ac6cf073-4cdd-4541-91ed-889f731d5076.png)
![FAQ [BL-B-3]](https://no-cache.hubspot.com/cta/default/3893111/b3824ba1-7aa1-4eb6-bef8-94f57121c5ae.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
