Any risk can be characterized by two quantities: impact and likelihood.

The impact of a risk is a measurement of the effect the risk will have on your objectives if it occurs. The likelihood of a risk is a measurement of the extent to which it is likely to occur.

The greater the impact and the greater the likelihood of a risk, the greater its severity. If you can measure impact and likelihood on numerical scales, such as 0-1 or 0-100%, you can form a simple severity measurement by multiplying the two together. However, because impact and likelihood tend to affect risk severity in different ways, it is usually better to use a pictorial description of severity.

Risk Matrix
The risk matrix is a commonly used to combine impact and likelihood into a single measure of severity.

The matrix is usually divided into red, yellow and green zones, as shown here, representing major, moderate and minor risks.

Impact and likelihood are measured on this matrix using an arbitrary 1-5 scale. You can attach whatever meaning you like to these scales, provided you do so consistently.

To Top

Assessment Data Quality
Another factor to be considered in assessing risk is the quality of the data, or precision, that is available to us. If we have reliable and reasonably detailed information about a risk, then our assessment of that risk is likely to be reliable as well. However, if our information is only sketchy or untrustworthy, our assessment will probably be provisional and will be subject to revision as our knowledge and understanding of the risk increases.

To Top