Skip to main content Accessibility help
  • Print publication year: 2017
  • Online publication date: August 2017

8 - Risk Identification



Once the context within which risks are being analysed is clear, and a full risk taxonomy available, it is time to start identifying risks. The point of the risk identification process is to decide which of the many risks that might affect an organisation currently do so, or may do so in future. Part of the risk identification process also involves determining the way in which risks will then be analysed, in particular whether a qualitative or quantitative approach will be used. These, and other factors, are included in a risk register, discussed in Section 8.5.

Risk identification should be done as part of a well-defined process. This ensures not only that as many risks as possible are identified, but also that they are properly recorded.

There are four broad areas to risk identification. The first concerns the tools that can be used, whilst the second concerns the ways in which the tools are employed. Identification also includes an initial assessment of the nature of the risk, and also the way in which the risk is recorded. Each of these aspects is discussed in turn.

Risk Identification Tools

In this section, a range of potential risk identification tools is discussed. These can generally be used in a number of ways and simply describe the starting point for the generation of ideas. Some common tools are described below.

SWOT Analysis

SWOT – standing for strengths, weaknesses, opportunities and threats – analysis is one of the best known techniques for strategy development. However, it can also be used to identify risks. Having said this, its scope is much broader, covering not just the negative aspects of the risks but the positive prospects for future strategies.

Strengths and weaknesses are internal to the organisation whilst opportunities and threats are external. In this way, SWOT analysis ensures that both the internal and external risk management contexts of an organisation are considered.

It is important to recognise what constitutes a strength or a weakness. In particular, strengths only matter if they can be used to take advantage of an opportunity or to counter a weakness; conversely, weaknesses are important only if they result in exposure to a threat.

Some broad categories for SWOT analysis are given in Table 8.1.

Recommend this book

Email your librarian or administrator to recommend adding this book to your organisation's collection.

Financial Enterprise Risk Management
  • Online ISBN: 9781316882214
  • Book DOI:
Please enter your name
Please enter a valid email address
Who would you like to send this to *