What are Risk Assessment Scales?
Risk assessment scales help you identify, measure, and prioritize potential problems for your business. They do this by looking at how likely a risk is to occur (probability) and how much damage it could cause (impact). Using these scales, you can figure out how serious the impact would be and how likely it is for each specific risk. These same levels are often used to create a 'risk matrix,' a simple chart that helps you visually understand how significant each risk is.
- Impact Level: How severe the consequences would be
- Probability Level: How likely the risk is to occur
- Overall Risk Score: Usually calculated by multiplying the Impact Level by the Probability Level
Commonly Used Scales for Risk Assessment
Popular scales for risk assessment o evaluate the severity and likelihood and level of risks use 3, 4 or 5 steps. These scales help in systematically assessing and prioritizing risks based on their potential impact and probability, and evaluate and then prioritize risk level:
- 3-point scale: Low, Medium, High
- 4-point scale: Negligible, Minor, Major, Critical/ Catastrophic
- 5-point scale: Insignificant, Minor, Moderate, Major, Critical/Catastrophic
These scales help to systematically assess and prioritize risks based on their potential impact and likelihood, and to evaluate and then prioritize the level of risk. Which scale you use is purely up to your methodology. In our experience, the 4-point scale that is set as the default in the risk register is the best.
Default 4-Point Risk Rating Scale
Probability:
- Low: Extremely unlikely, very low chance that the risk will occur.
- Medium: Normally possible.
- High: Highly likely, the risk is likely to occur.
- Almost Certain: Bordering on certainty, the risk will almost certainly occur.
Impact:
- Negligible: Minimal or no impact.
- Minor: Small impact that can be easily handled.
- Significant: Significant impact that requires management.
- Critical: Severe impact that can be catastrophic.
Risk Level:
The level of risk is calculated by combining probability and impact. Here is a common range:
- 1-4: Negligible, Low Risk - Acceptable, no action required.
- 5-8: Moderate Risk - Monitor and manage.
- 9-12: High Risk - Requires immediate attention.
- 13-16: Extreme, Catastrophic Risk - Immediate and significant action required.
Example of a 3-Level Risk Assessment Scale
Probability:
- Low
- Medium
- High
Impact:
- Small
- Medium
- High
Risk Levels:
- Low
- Moderate
- High
Example of a 5-Point Risk Assessment Scale
Probability:
- Almost Impossible, Rare: Very unlikely to happen.
- Unlikely: Possible but not expected to happen.
- Moderate: May happen occasionally.
- Probable: Expected to occur under many circumstances.
- Almost Certain: Very likely to happen.
Impact:
- Insignificant: Minimal or no impact.
- Minor: Low impact, easy to control.
- Moderate Noticeable impact, requires management.
- Major: Significant impact, requires thorough management.
- Severe: Critical impact, can be catastrophic.
Risk Levels:
- 1-4: Tolerable, Low Risk – Acceptable, no action required.
- 5-9: Moderate Risk – Monitor and manage.
- 10-16: High Risk – Requires attention.
- 17-20: Very High Risk – Requires immediate attention, significant action needed.
- 21-25: Extreme Risk – Immediate action or termination of activity required.
How to Adjust Risk Impact and Likelihood
- You enter impact and probability levels on the Risk card
- The default settings (4 levels) can be easily changed
- See how you can customize risk levels or their names to your methodology