This section of the toolbox enables the user to select certain criteria to filter the risk assessment methods. These criteria are based on the steps of the risk assessment process according to ISO 31000:2018 as well as the method properties. The analysis phase is further categorized into the analysis of causes, consequences, likelihood, and severity of the consequences. Each method property is further categorized into three levels: low, medium and high.
ISO 31000
Risk Identification
This step demands the organization to identify sources of risk, areas of impacts, their causes and potential consequences. The aim of this step is to generate a comprehensive list of risks that might negatively impact the organization, harm the people and/or the environment. This step should be continuously monitored based on any changes in the environment.
Risk Analysis
This step aims in analyzing the identified risks based on the associated causes and consequences along with their likelihood and severity respectively. Risk analysis provides an input to risk evaluation and to decisions on whether risks need to be treated, and on the most appropriate risk treatment strategies and measures.
Risk Evaluation
This step aims at the prioritization of the identified risks that have been analyzed in the analysis phase. This is in order to assist in making decisions about the risks that need urgent treatment. Risk evaluation involves comparing the level of risk determined during the analysis process with an established risk criteria.
Method Properties
Complexity
Effort
Method Type
Qualitative methods are more subjective but simpler than quantitative methods. Quantitative methods are more resource intensive. Semi-quantitative methods combine the qualitative and quantitative assessment aspects.