Risk evaluation methods
What is the 'best' risk evaluation method?
Risk evaluation is one of the most important parts of project management and of running any business. Every project which is undertaken by a company - whether that be a construction project, specific product production run or anything else - requires the management and mitigation of risk.
The type and amount of risk associated with the running of a project or operation is of course largely dependent on the type of industry and company. Construction companies have very different risks to IT companies, but both assume a lot of risk.
One of the most important parts of risk and hazard management is risk evaluation.
When considering the 'best' risk evaluation method for your company or projects, it's important to think about what makes the most sense for you.
How an IT company evaluates risk will share some common ground with how the construction company evaluates risk, but there will also be some practical difference between how they get evaluations done.
For example, a completely office based IT company can probably afford to draw out some extensive what-if analyses and fault trees, whereas a construction company is much more likely to lean on the more practical risk assessment.
In general, the combination of risk assessments and risk registers is the most common and 'best' risk evaluation method. Risk assessments are very practical and easy to conduct before conducting tasks, while risk registers enable the macro-level evaluation of a series of risks in a reliable way.
Risk assessment has become synonymous with risk evaluation because it is so commonly used and trusted. Other good and trusted risk evaluation methods include:
- What-if analyses
- Safety and other functional checklists
- Fault tree analysis (FTA)
- Failure mode and effect analysis (FMEA)
- Hazard and operability study (HAZOP)
When should we evaluate risk?
The key to any risk evaluation method is that it is used. The weakness of risk evaluation is that it isn't action-oriented, it is inherently preventative.
This means that people and companies need to have proactive procedures and processes for when risk evaluations or risk assessments are employed - otherwise you move away from risk evaluation towards project issue management.
The risk evaluation procedures you put in place will once again depend on the risk evaluation methods you lean on, but assuming you use risk assessments and other basic risk evaluation methods, your risk assessment processes should be pretty obvious.
For example, a normal construction company who operate on pretty standard construction projects have a few key phases of the project lifecycle when they need to assess risk on a project level:
- Safety risk
- Commercial risk
- Financial risk
- Environmental risk
These phases are prior to work commencing and when there are any major changes.
In addition to this level of risk evaluation, it's also critical that part of the company's risk evaluation method enables people on the ground to assess risk at all times.
These every day risk evaluations are very different to assessing risk from a company or project level, and ensure that the company is operating safety and evaluating risk down to the human level.
When to evaluate risk comes down to the nature of your work, but you should evaluate risk as much as possible where possible and feasible. Evaluating risk is almost never a waste of time, because circumstances and conditions are always changing - and evaluating risk always makes people more aware of risk, which is half the battle.
See and use more risk evaluation examples here.
How to implement your risk evaluation method
Once you have chosen your favoured risk evaluation method, the hard part starts, which is implementing your risk evaluation method in a way which makes it valuable.
This is where it's important to have a practical risk evaluation method.
If it's extremely difficult for workers to engage in and manage your risk evaluation method, then it probably won't get done. Making it as easy and frictionless as possible is the aim of the game.
For example, most construction and site based companies now take advantage or risk assessment and site apps.
These apps make it easy for workers to conduct risk assessments directly from site, and then auto-populate your important company risk management levers like your risk registers.
If you conduct all of your risk evaluations from an office, then you may have some excel templates which people can open, access and complete whenever required.
The other really important parts (and often ignored) part of any risk evaluation method are training and culture.
Too many companies choose a risk evaluation method, implement it at the management level, and then assume that they will get company and worker buy-in.
This is often the down fall of many safety management processes.
Instead, the company should get worker feedback and input on the risk evaluation method when it is being chosen and implemented, and then continuous feedback and insight about how it can be improved.
Only then can you get proper risk evaluation coverage across the organisation and create a more complete safe working environment.
People in 80+ countries use this safety management software to better manage safety across their organisation.