Risk identification is the first step in the ERM process cycle, and has three components:
- Risk Categorization and Definition
SimErgy will modify its risk categorization and definition (RCD) tool, developed through years of research and client work, to suit your organization’s businesses. The RCD tool is a fairly comprehensive list of known potential risks, and includes a risk categorization hierarchy, the risks themselves, and definitions. The RCD tool provides a uniform lexicon for risks throughout the enterprise and becomes a natural focal point for many aspects of the ERM program. SimErgy will use this customized RCD tool to help develop, evaluate, or enhance your firm’s risk categorization and definition.
- Qualitative Risk Assessment
SimErgy will evaluate, or help perform, your qualitative risk assessment, which involves soliciting input from internal personnel about the organization’s key risks, including a qualitative scoring of likelihood and severity for each potential key risk. This is used to prioritize the list of potential risks and narrow them down to the list of key risks, which will be quantified in the next step in the ERM process cycle.
- Emerging Risk Identification
Emerging risk identification involves monitoring of known risks as well as environmental scanning for unknown risks. SimErgy will help you develop an approach for both of these components.