Definition
Risk Analysis (also Risk Assessment) is a set of analytic and/or quantitative activities that supports Risk Management. It can be considered the union of the two first pillars of a formal Risk Management Framework (thus not including Risk Mitigation).
Approach
Risk analysis entails identifying the risks to an organization, assessing the critical functions necessary for an organization to continue business operations, defining the controls in place to reduce organization exposure and evaluating the cost for such controls. Frequently it involves also the quantification of threats to an organization and the probability of them being realized.
Application Domains
The notion encompasses a large number of activities within organisations (and in particular such as banks and insurance companies where the management of risk has dominant role), for example:
- Credit Risk Analysis
- Operational Risk Self-Assessment Workshops
- Material Risk Assessment Exercises
- Political Risk Analysis
- Business Impact Analysis
- Disaster Risk Assessment
- Energy Risk Analysis
Methodologies
Risk analysis may or may not be dependent on quantification and risk models, but typically does involve structured analysis and interpretation of data. Overall process of Risk Identification, risk analysis, and risk evaluation.