Risk Matrix

Description

In a qualitative approach, risks are usually categorized into “high”, “medium” and “low”, and are represented in a risk matrix. This risk matrix represents the possibility and severity in order to integrate the potential accident scenarios that were identified in the threat identification stage. Inside the matrix, the criticality of a risk, through the use of colors, can identified. The results provided by this matrix can be used to compare risks and identify improvement and mitigation measures.

Effort

Low

Complexity

Low

Method Type

Semi-Quantitative

Qualitative

ISO 31000

Risk Analysis - Likelihood

Risk Analysis - Severity

Risk Evaluation

Prerequisites

Risk matrix template

Basic Approach

1. Determining the probability of occurrence based on the possible threats/causes
2. Determining the severity of the consequences
3. Extracting the evaluation class from the matrix (red, orange or green areas)

Advantages

  • Simple evaluation of risks
  • Provide a possibility to rank the identified risks
  • Adequate representation based on color coding

Disadvantages

  • It may over-simplify complex situations, particularly where quantification is attempted
  • Subjectivity can affect the quality of the analysis and evaluation

PDF