
Risk Assessment Calculator

Identify, evaluate, and prioritize business risks using a professional likelihood-impact matrix. Get risk scores and prioritized action recommendations.

Risk Matrix | Likelihood/Impact Scoring | Priority Ranking


Formula: Risk Score = Likelihood (1-5) × Impact (1-5)

Scores: 1-5 Low, 6-11 Medium, 12-19 High, 20-25 Critical

Understanding Risk Assessment

The Risk Matrix Approach

A risk matrix plots risks on a grid with likelihood on one axis and impact on the other. This visual approach helps teams quickly identify which risks need immediate attention versus those that can be monitored over time.

Risks in the upper-right quadrant (high likelihood, high impact) are critical and require immediate mitigation plans. Risks in the lower-left quadrant may only need periodic review.

Risk Scoring Formula

Risk Score = Likelihood × Impact

Likelihood Scale (1-5):

  • 1 = Rare (less than 5% chance)
  • 2 = Unlikely (5-20% chance)
  • 3 = Possible (20-50% chance)
  • 4 = Likely (50-80% chance)
  • 5 = Almost Certain (over 80%)

Risk Score Interpretation

  • 1-5 = Low Risk: Monitor & Accept
  • 6-11 = Medium Risk: Plan Mitigation
  • 12-19 = High Risk: Immediate Action
  • 20-25 = Critical Risk: Urgent Priority

1. Identify Risks

Brainstorm potential risks across all categories: strategic, operational, financial, compliance, technology, and reputational.

2. Assess & Score

Rate each risk for likelihood (1-5) and impact (1-5). Calculate risk scores to prioritize your response efforts.

3. Mitigate & Monitor

Develop mitigation plans for high-priority risks. Implement controls and establish ongoing monitoring processes.
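
The three steps above, applied to a small risk register in Python. This is an added example, not the calculator's own implementation: it validates the 1-5 ratings, applies the page's score bands, ranks the register, and lays out the full 5x5 matrix. The sample ratings and the tie-break order are assumptions; the risk names come from this page's category lists.

```python
from dataclasses import dataclass

# Bands and actions as listed on this page: (low, high, level, action).
BANDS = [(1, 5, "Low", "Monitor & Accept"), (6, 11, "Medium", "Plan Mitigation"),
         (12, 19, "High", "Immediate Action"), (20, 25, "Critical", "Urgent Priority")]

@dataclass(frozen=True)
class Risk:
    name: str
    likelihood: int  # 1 (Rare) .. 5 (Almost Certain)
    impact: int      # 1 .. 5

    def __post_init__(self):
        for field in ("likelihood", "impact"):
            value = getattr(self, field)
            # Reject floats, strings and bools (bool is an int subclass).
            if type(value) is not int or not 1 <= value <= 5:
                raise ValueError(f"{self.name}: {field} must be an integer 1-5, got {value!r}")

    @property
    def score(self):
        return self.likelihood * self.impact

def classify(score):
    """Map a 1-25 score to the page's (level, action) pair."""
    for low, high, level, action in BANDS:
        if low <= score <= high:
            return level, action
    raise ValueError(f"score out of range: {score}")

def prioritize(risks):
    """Highest score first. Tie-break (assumption): impact, likelihood, name."""
    return sorted(risks, key=lambda r: (-r.score, -r.impact, -r.likelihood, r.name))

def matrix_rows():
    """5x5 grid of band initials: likelihood 5 on top, impact 1..5 left to right."""
    return ["".join(classify(lik * imp)[0][0] for imp in range(1, 6))
            for lik in range(5, 0, -1)]

# Constructed sample register; the ratings are illustrative, not from the page.
REGISTER = [Risk("Data breaches or cyberattacks", likelihood=3, impact=5),
            Risk("Key employee turnover", likelihood=4, impact=2),
            Risk("Currency fluctuations", likelihood=5, impact=1),
            Risk("System outages or failures", likelihood=5, impact=4)]

if __name__ == "__main__":
    for r in prioritize(REGISTER):
        level, action = classify(r.score)
        print(f"{r.score:>2}  {level:<8} {action:<17} {r.name}")
    print("\n".join(matrix_rows()))
```

The matrix output shows that under these bands only three of the 25 cells are Critical, and an almost-certain risk with an impact of 1 still lands in Low.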

Common Risk Categories

Strategic Risks

  • Market disruption by competitors
  • Changes in customer preferences
  • Failed mergers or acquisitions
  • Geographic or product expansion failures

Operational Risks

  • Supply chain disruptions
  • Key employee turnover
  • Process or quality failures
  • Natural disasters or facility issues

Financial Risks

  • Cash flow shortages
  • Customer credit defaults
  • Currency fluctuations
  • Rising costs or margin pressure

Compliance & Technology Risks

  • Regulatory changes or violations
  • Data breaches or cyberattacks
  • System outages or failures
  • Privacy and data protection issues

Frequently Asked Questions

What is a risk assessment matrix?

A risk assessment matrix is a tool that helps organizations evaluate and prioritize risks by plotting them on a grid based on two factors: likelihood (probability of occurrence) and impact (severity of consequences). Risks in the high-likelihood/high-impact quadrant require immediate attention, while low-likelihood/low-impact risks may only need monitoring.

How do you calculate a risk score?

Risk score is typically calculated by multiplying likelihood by impact: Risk Score = Likelihood × Impact. Both factors are usually rated on a scale of 1-5, giving scores from 1 (minimal risk) to 25 (critical risk). Scores of 1-5 are typically low risk, 6-11 medium risk, 12-19 high risk, and 20-25 critical risk.

What are the main categories of business risk?

The main categories include: Strategic risks (competition, market changes), Operational risks (process failures, supply chain), Financial risks (cash flow, credit), Compliance risks (regulatory, legal), Technology risks (cybersecurity, system failures), and Reputational risks (brand damage, public perception).

How often should risk assessments be performed?

Risk assessments should be performed at least annually as part of strategic planning. Critical risks should be reviewed quarterly, and reassessment should occur whenever there are significant changes such as new projects, regulatory changes, market shifts, or security incidents. Continuous monitoring is recommended for high-impact risks.

What is the difference between inherent and residual risk?

Inherent risk is the level of risk before any controls or mitigation measures are applied. Residual risk is what remains after implementing risk controls. For example, a cybersecurity threat might have high inherent risk, but after implementing firewalls, training, and monitoring, the residual risk is reduced to medium or low.
