Photo by Jason Goodman on Unsplash

Happy New Year – this is the time of year when we reflect on the year that has passed and look to see what we want to achieve for the coming year.   One New Year custom is to open the front door to welcome in the New Year and the back door to let out the old. From a business perspective it is a good time to look at our business, review where we are, are we where we thought we would be, what we can improve on.  We can open our front door to new opportunities and the back door to let go of what no longer serves us.

But what if you don’t know where to start, for some business owners they don’t have the luxury of having other people to do this for them as they are wearing many hats and time is in short supply.  Over the next couple of months, I am going to look at some tools to assist you on your journey. First on my agenda is looking at putting together a Risk Register.

Tool #1 – Business Risk Register

When we talk about Risk Registers, health & safety may be the first thing that comes to mind but this can be applied to your whole business.  Make a list of all the areas of your business, you can use the PESTLEheadings (political, economic, social, technological, legal and environmental).  These are external to the business and then internally look at areas such as your staff, finances, marketing and any other areas related to your business strategy.  Once you have identified the relevant areas you can use the following headings to analyse them:

ID number – number each item on your list

Category – what part of the business does it apply to

Risk Definition – of the item you are including

Consequences – if the risk materialised what would be the consequences

Preventative Action – what could be put in place to eliminate or mitigate the risk.  

Level of risk – it is high/medium/low

Responsibility – who is responsible for this item and importantly are they aware that they are.

Analysing your business isn’t something that should be done in isolation, include input from other stakeholders in your business to gain different perspectives.  Stakeholders include anybody who has an interest in the business including customers, shareholders, employees.  Often, we leave out the people who are actually carrying out the tasks which limits our understanding of the roles and risks involved.

You need to decide how often you will review the register; it is prudent to review this frequently to:

ensure that the items are being addressed,
if anything, new needs to be added, taken off,
is there any change to the level of risk for any item?

As mentioned above you need to have a discussion with the person/people that will have responsibility for the different items on your register.  Do they have the requisite skills to carry out what is expected of them and importantly have they accepted responsibility for this item?

Designing a risk register will also help you with your Business Continuity Plan which details the processes and procedures that will assist you to keep your business going or restore them as quickly as possible in the event of a major disaster.

 

I have included a simple table below to give you an example of what may be included:

 

ID NOCATEGORYRISK DEFINITIONCONSEQUENCESPREVENTATIVE ACTIONLEVEL OF RISKRESPONSIBILITY
‘001CustomersCustomers are unhappy with our serviceReduced sales resulting in the business being unable to meet its liabilitiesCarry out a customer satisfaction survey.

Review the results, address any issues highlighted.

Carry out customer service training with employees.
LowSales & Marketing Manager
‘002Compliance/
GDPR
Data not being securedFear that data may be leaked and the business fined for noncompliance.Carry out a review of all the personal data held by the business. Ensure all computers holding personal data are password protected or held in secure locations.HighOverall responsibility will be given to the HR Director but will apply to all depts who hold personal data.