Last Saturday I presented my 2021’s MasterClasses Day where in one day I shared my 4 MasterClasses. One of the topics Food Safety Professionals always look for is Managing Organizational Risks. This is out of our comfort zone… we are comfortable with food safety risks, right? For this month’s article I decided to offer everyone (after all is Christmas time 🎄 ) section 3 of my Managing Organizational Risks e-book. Enjoy!
Managing Organizational Risks is an ongoing process, it is an iterative process. In the figure below, there are 6 steps in the framework to guide you go through it.
1- What are we trying to achieve? First of all, you have to know where the organization is going, and what is its mission, vision and goals are.
2- What can happen? By definition, risk is the effect of uncertainty in goals. At this stage you may use tools such as SWOT analysis to identify Strengths, Weakness, Opportunities and Threats; with this tool, you’ll identify what can obstruct or help achieve the goals. Other tools you may use are McKinsey 7S model (to survey internal issues) and PESTEL (to survey external issues).
3- Which risks are more impactful? As soon as you identify the risks, you should prioritize those risks according to how likely is it to happen and how severe the consequences are marked. A simple risk matrix of likelihood and severity may be used and the result compared with a specific criteria (threshold) previously defined.
4 – What shall we do? Now you know which risks are above your threshold and require action. It is time to develop mitigation treatment measures designed to protect from threats and to maximize opportunities.
5- Did it work? It is not time to go on vacation! 🏖️ First, do what you said you would do (treatment measures) and then check if actions are achieving intended results. Many times, some treatment measures may backfire and you should not wait a whole year to find out. Delegate the person(s) responsible for implementation of measures, set the due date and then establish how you will check the implementation process and its effectiveness.
6- What changed? Everything is changing. Organizations change, regulations change, technology changes, and well the whole world changes. Any change can introduce new risks and this is why you should regularly assess for new risks.
But the question is, what should the frequency of the assessment be? A typical annual risk assessment may be adequate for an organization to meet its minimal compliance obligations. However, you may revisit your risk assessment more often and informally to reassess for any changes in the risks and determine the effectiveness of the actions taken. Do trend analysis!
Would you add any additional steps to my framework? Share any tip you have on this topic because I am sure, somewhere in the World, another Food Safety Professional will make good use of it.
This article was written by Nuno F. Soares.
Contributing Editor: Jocelyn C. Lee, Food Safety Consultant
Disclaimer: The information contained on this article is based on research done in the last months and the authors personal experience and opinion. It is not intended to represent the view of any organization they work for or collaborate with. The authors will not be held liable for the use or misuse of the information provided in the article.