A risk assessment is a systematic and forward-looking analysis of the impact and likelihood of potential future events on the achievement of an organization’s business objectives within a stated time horizon. An effective enterprise risk assessment process lays the foundation for management to respond with confidence to the question, “What are our most critical risks?” It also instills confidence in the board of directors that management has a basis for answering the question.
This guide outlines the process of completing a facilitated risk assessment session. The facilitated session is designed to encourage cross-functional communication that will build consensus around the risks that really matter. It is not a performance appraisal—it is a diagnostic tool to help focus your risk management priorities.