The Risk Management process follows a 4 step procedure that repeats itself periodically. Each of the typical four stages used in practice has been summarised below. 

Risk Identification – The risk identification process involves an investigation of where the organisation is exposed to uncertainties and potential dangers.

Risk Assessment and Prioritisation – Establishing the significance of the identified risks and prioritising them accordingly based on criticality. These factors assist in decisions on whether risks should be addressed or ignored.

Risk Treatment – Process of developing and implementing strategies to control the risks that need to be addressed.

Monitor and Review – The Monitor and Review stage analyses the effectiveness of our implemented controls by re-assessing our risks. Also, alterations in the business environment prompt the constant review and update of the risk management package preparing us for future risks.

These steps in the risk management process and methods for conducting each stage are explained further in their respective sections.