Entrepreneurs are by definition moderate risk takers and a strong risk management is an important source of competitive advantage for their businesses. In a business plan, it is important for the recipients to see that the company’s management is aware of the relevant risks and is actively managing them. At first, a company’s risks have to be identified. A grouping into common risk categories, like market risks, competitive risks, financial risks etc. can help to get a complete picture. The identified risks are then assessed in regard to their likelihood of occurrence and the potential impact when they occur. Finally, the most severe and probable risks can be encountered by a number of strategies.
Entrepreneurs are by definition moderate risk takers, so they should not let themselves get paralysed by risks. Strong risk management is an important source of competitive advantage. It focuses on identifying what could go wrong, evaluating which risks should be dealt with and implementing strategies to deal with those risks. Entrepreneurs can beat the odds and build a thriving and rewarding venture by learning to recognise and mitigate risks. In a business plan, it is important for the recipients to see that the company’s management is aware of the relevant risks and is actively managing them.
Uncertainty plagues businesses in countless ways, but we can group most risks into the following categories:
- Market risks: There is insufficient demand for the company’s product at the set price (CBPI 2005).
- Competitive risks: Companies often underestimate the number of competitors and overestimate their own competitive advantage. Competitors can endanger the business model in a number of ways (CBPI 2005).
- Technology & operational risks: These risks cover everything in regard to the execution of the business (research & development, manufacturing, logistics etc.) (CBPI 2005).
- Financial risks: The most fatal risk for a company is to run out of cash. Under this category, commodity price risks, exchange rate risks, interest rate risks, asset price risks and others can be grouped.
- People risks: People are often the most important as well as least predictable resource of a company. Here, failure in recruitment, motivation and retaining the right staff can be very dangerous.
- Legal & regulatory risks: The list of possible problems with legal or regulatory roots is almost endless and includes the legal form of the business, taxes, contracts and industry regulations.
- Systemic risks: This category comprises risks that threaten the viability of entire markets, not just single companies within the market. A rise in oil prices or low-cost labor in emerging economies are examples for systemic risks.
The identified risks can now be assessed. Commonly, this is done in regard to two dimensions, namely likelihood and impact. Likelihood describes the probability of occurrence of the risk and impact describes the severity of potential consequences when the risk occurs. By using a risk matrix in which the dimensions are the scales, it can be assessed how relevant the individual risks are for the company. In the figure below, a risk matrix with three levels for each dimension is shown. The number of levels can be chosen individually to reflect the necessary level of detail. Risks that are allocated to the red squares have to be dealt with emergently, while ‘green’ risks might be acceptable. The matrix helps to concentrate on the risks that really matter.
After identifying a company’s risks and assessing their likelihood and impact, risk strategies aim at getting the risks out of the red area of the risk matrix. There is a great variety of strategies that can be applied and it is depending on the individual company and its environment which one suits the best. However, there are a number of general strategic approaches towards risks:
- Risk avoidance: Abandoning or refusing to undertake an activity in which the risk seems too costly. Avoidance usually means not doing a task or project at all in the future but it can also mean redesigning work or a process so that the risky step no longer has to be taken (WARNER, 2013).
- Risk reduction:Using various methods to reduce the probability that a given event will occur. Although some risks cannot be avoided, most can be appreciably reduced. The primary control technique is prevention, including the use of safety and protective techniques.
- Risk transfer: Shifting the consequences of a risk to persons or organizations outside the business. The best known form of risk transfer is to cover insurance.
Risk assumption: Involving the planned acceptance of the risk of loss. In some instances, reducing certain risks can be too expensive. Generally, the entrepreneur will assume risks in which losses that occur will not produce significant financial consequences to the business.
Risk Management for the Small Business
This document provides an introduction into the different types of risks an entrepreneur faces.
CBPI (2005): Risk Management for the Small Business. In: The Entrepreneur’s Guide to Financial Maturity: URL [Accessed: 17.12.2015]How Do You Manage or Mitigate Risk?
Risk Management: Procedures, Methods and Experiences
This paper gives insights into the risk management process.
BERG, H.-P. (2010): Risk Management: Procedures, Methods and Experiences. In: Reliability and Risk Analysis: Theory and Applications: Volume 1 , 79-95. URL [Accessed: 17.12.2015]Risk Management for the Small Business
This document provides an introduction into the different types of risks an entrepreneur faces.
CBPI (2005): Risk Management for the Small Business. In: The Entrepreneur’s Guide to Financial Maturity: URL [Accessed: 17.12.2015]http://www.entrepreneur.com
An introduction into risk management for entrepreneurs, including risk strategies.
http://www.infoentrepreneurs.org
A comprehensive guide on how to manage risks.
http://blog.readytomanage.com/how-do-you-manage-or-mitigate-risk/
A comprehensive description on risk strategies.