3.1.1 Risk identification
For 43, 77, the organization should firstly performe an exhaustive risk list.
Naturally occurring risks
Man-made or artificial risks
floods, hurricanes, tornadoes, volcanic eruptions, earthquakes, tsunamis, and other geologic processes
For example Fire acciednet
Explosiore (in case the educational instutue had a labortaroy
36, argue that to identify sources of risks, the organization shall develop a comprehensive list of all internal and external context risks they might impact the achievements of objectives. These risks could relate to events that might create or prevent an objectives, enhance or degrade that objectives, or accelerate or delay achieving the objectives also it should consider the risk not under the control of the organization.
The leadership in this phase is essential to perform an effective risk assessment for all business area, for 70, suggest a systems thinking approach for risk identification that includes assessment on the organizational value chain, defines the relationship among its components in the business area, and a categorization to analyze those relationships.
On the other hand, 78 proposes a temporal hierarchy for risk identification that considers how risk emerges, materializes and evolve as business activities progress over time. A hierarchical view of emerging risk provides a framework for identifying the conditions under secondary risks can evolve. While risk categorization helps decision makers to agree on a common language, the researcher considers that risk categorization reinforce placing risks on silos thus hindering co-operation between business areas. A hierarchy approach to risk identification breaks down risk causes and risk effects and derives from a general perspective into a more detailed description of identified risks. This method explores risk identification process based on risk relationships, evolution of risk and the movement of risk experienced overtime 78.