Understanding the risks your company faces is about more than simply identifying potential hazards; unless your company has unlimited resources, you also need to be able to quantify those risks in order to prioritize them in terms of mitigation. While that's a task that comes easily to some people, others can benefit from a risk map, a two-dimensional representation of risks that can help you see at a glance which risks demand more immediate attention – and resources.
Plus, risk maps can play an important role in helping other people in your organization understand the risks the company faces, especially when you're trying to promote buy-in for a risk-related expenditure. Many board members may not truly appreciate the relative risks a business faces; providing a visual aid can be tremendously valuable in ensuring your message is understood, even by those who may not have a “risk” mentality.
Plus, by using a risk map, decision-making among different departments can be facilitated and silos can be broken down: By plotting decisions of different departments on one map representing the entire company, it can be easier to see which decisions need to be prioritized.
More recently, the same technique has been used to map opportunities to make it easier to identify which opportunities represent the least risk and the most potential rewards.
Most risk maps use two axes: The vertical axis reflects the likelihood or potential frequency of a given risk, while the horizontal axis reflects the impact. You can see an example of a risk map (or “heat map,” as it is also sometimes called) at this Purdue University website. Using this design, moving farther to the right and/or up indicates increased risk, while activities or elements with the lowest risk are located closer to the lower left.
Developing a risk map is a skill that can take a little time to master, so before using one for a presentation to, say, your board of directors, set aside some time to consider the risks your company is facing and try plotting them on a simple two-axis map. You might be surprised how quickly your risk mitigation options begin to fall into place. Once your initial draft is complete, review it with a colleague and use their input to fine-tune it and gain additional insight that can help you allocate resources, make mitigation decisions and get that all-important board buy-in.