Risk Assessment and Management

The purpose of this section of the Business Plan is to show that:

  • All the risks involved in the delivery of the business plan have been identified.
  • There is a plan to address them - should they arise - that is based on an assessment of their impact on the business.

This section of the business plan should outline the result of the risk assessment which can be developed in three steps:

Identifying Risks – with all stakeholders by using an analysis based on the SWOT method - Strengths, Weaknesses, Opportunities and Threats to the project or the promoting organisation. Alternatively a PEST Analysis (Political, economic, social, technological) can be used. Instructions on how to do this can be found here. For a list of potential risks and impacts click here

Risk Assessment - Once identified the risks to the proposals in the business plan can be assessed against two questions: How likely is the risk? What will happen if it does occur? A simple scoring system can then be used to decide which risks are the most important to address and agree plans for mitigation. Once this has been those which score highest should be addressed first and then all other addressed in turn until those which are both unlikely and will have limited impact have a plan to address them should they arise. To see a template to do this click here.

Risk Control

The risk assessment can be developed into a risk control strategy by considering whether each risk to your plans can be addressed by sharing it, avoiding it, managing it or accepting it. Ideally it should be possible to manage all of them.