Welcome to the SAMTRAC Blog

Enterprise risk assessment methodologies: Conclusions and strategic recommendations

[fa icon="calendar"] 7/8/17 6:00 PM / by Jiaqi Sun

Jiaqi Sun

Cover pic 7 July 2017.jpg

We’ve come to the end of Jiaqi Sun’s review of enterprise risk assessment methodologies. All that’s left to do is sum up what we’ve discussed, with potential recommendations.

Let’s dig in.

Risk management and assessment are not new concepts and have been evolving for decades. Many methodologies and techniques originate from the military, aviation, shipping and petroleum industries, such as FMEA and bow-tie analysis. Today, they remain some of the major risk assessment tools in various industries, such as mining, manufacturing and construction.


Enterprise risk can be categorised by the consequence of an incident and the research focuses on hazard, operational, and strategic risks. Many risk assessment methodologies and techniques are common in managing these risks including OHSEQ. From a risk assessment perspective, it is a systematic process that forms a part of the iterative risk management feedback loop, as recommended by the ISO 31000 risk management principle and guideline.


The revised ISO standard is expected to become less prescriptive and allow organisations more freedom to develop their own in-house risk assessment frameworks, processes and methods that fit in their risk profiles. In line with this trend, organisations are expected to deploy a combination of qualitative, semi-quantitative and quantitative methods that are complementary to each other, as there is no single, perfect method for an organisation and its work activities.


Internal risks, such as OHS and operational risks, are more specific and controllable than external risks that are often systematic to the entire country where the organisation operates. High-impact incidents should use quantitative or semi-quantitative risk assessment methods, which typically require a large amount of data and more sophisticated approaches, such as Valueat-Risk and Monte Carlo simulation to improve the reliability of risk assessment outcome. Qualitative and semi-quantitative approaches, such as brainstorming and risk matrices, are simple and easy to use at a lower cost than quantitative methods, but they are to a large extent restrained by subjective assumptions and opinions.


Most qualitative and semi-quantitative risk assessment techniques are based on the risk matrix approach, which includes frequency (likelihood, or probability) and severity (impact, consequence) elements. Some quantitative methods extended the risk matrix approach by incorporating exposure and/or vulnerability elements for more technical risk assessment, such as health and cybersecurity risks. Moreover, some risk assessment techniques only focus one element of the model, for example, frequency or severity, such as HAZOP and fault tree, while others are more comprehensive, covering identification, analysis and/or evaluation techniques, such as the bow-tie analysis. This research has focused on those risk analysis and evaluation techniques that provide a comprehensive assessment instead of only one element of the risk evaluation equation.


Quantitative techniques, such as mathematical modelling and simulation with analytics software, are most effective to assess high-severity events such as natural disasters and terrorist attacks. However, the measurement of probability of such rare events is less reliable due to the high level of uncertainty. The integration of qualitative knowledge and judgement with quantitative models is a current practice to alleviate the issues of uncertainties, knowledge dimension, time dynamics, and the other disadvantages of risk assessment techniques. Despite a challenge, risk assessment or measurement should take into account the interrelationships among risk categories and risks in order to assess risk from a portfolio perspective, for example, regression and root cause analyses. There is also a need for substantial research and development to obtain adequate modelling and analysis methods to handle different types of systems, such as electrical utility infrastructure.


By adapting to the OHSE context, NOSA is expected to incorporate the commonly-used methodologies and techniques deployed in different industries and recommend for incorporating into training courses a combination of qualitative and quantitative approaches that are currently most effective in industries, such as mining, construction and manufacturing.


Book your SAMTRAC International  E-Learning course now


Topics: Risk methodologies, risk assessment techniques, risk analysis

Jiaqi Sun

Jiaqi Sun

Jiaqi is the R&D and Innovation, Market Research Lead at NOSA. Focusing on market research and consulting in the occupational health, safety, environment and quality (OHSEQ) risk management space for the South African, Chinese and other advanced markets such as USA, UK, Australia and Canada. He has so far engaged in the following projects: o Digital open innovation platform o Predictive analytics o Occupational psycho-social wellness o Business sustainability/Corporate social responsibility gap analysis o Fatigue management o Chinese occupational health and safety industry o Global harmonized system (GHS) for classification and labeling of chemicals o Mining industry operational improvement in South Africa and Africa o South African market overview and trends of mine mechanization and automation o South African and African markets feasibility for environment social and governance (ESG) market research o South African medical waste segregation and management training services market o South African training services market for equipment operation and maintenance in water dams o A conceptual framework linking OHSMS, productivity and sustainable enterprise value: A strategic analysis of the dynamic transmission mechanism o South African training market for electrical safety in hazardous locations (flammable gases and vapour) o Disability equality market overview o The OHSE incident management software market overview and strategic recommendations o The Design of welding machine inspection register o South African lone working OHS training market o Adult Basic Education and Training market expansion strategies in South Africa o OHSE growth in the school sector of South Africa

Subscribe to our blog
Download the SAMTRAC Mining glossary

Lists by Topic

see all