Risk management is a 5 stage process. These processes go simultaneously. These steps are to be followed for having a good risk management. These steps are listed and explained below:
1- Risk Identification:-
This is the first and the most important step of risk management. One cannot do anything with the risk unless and until that risk has been clearly identified. Risk identification starts from where the problem originates. Risk identification can be objective based, scenario based, taxonomy based and common risk checking.
2- Risk Analysis:-
Risk analysis includes analyzing the risk and measuring its vulnerability or its impact. Frequency and severity of the risk will be analyzed as well. Risk management can be quantitative as well as qualitative. Numerically determining the probabilities of various adverse events and expected extent of losses if any unexpected event occurs is a Quantitative Analysis where as defining the various threats, devising countermeasures and determining the extent of vulnerabilities is referred to as Qualitative Risk Analysis.
3- Risk Control:-
After analyzing the risk then decided that how can the risk be controlled. If the risk can be controlled by in house then well and good, if not then decide on how to transfer that risk. Risk control is the entire process of procedures, systems, policies an organization needs to manage prudently for all the risks which are arising.
4- Risk Transfer:-
If the risk is not manageable and one cannot retain that risk, then we have to transfer that risk to a third party. This is the stage where insurance comes in action. Insurance will be willing to take on those risks which the organization can’t handle.
5- Risk Review:-
Risk review is the last step in which all the above mentioned steps are evaluated. Review must be regular as the conditions and the circumstances of the business and organizations changes continuously. It should be monitored that the desired results of the risk management are being achieved or not and if not then identifying that where the problem occurred and then reviewing all the steps and making the changed in the management according to scenario.