
The purpose of this section of the Business plan is to show that:
- All the risks involved in the delivery of the business plan have been identified.
- There is a plan to address them - should they arise - that is based on an assessment of their impact on the plan.
This section of the business plan should outline the result of the risk assessment which can be developed in three steps:
Identifying risks
All the risks associated with the project should be identified, ideally using a SWOT Analysis (Strengths Weaknesses Opportunities and Threats) or a PESTLE Analysis (Political, economic, social, technological, legal and environmental) with project stakeholders. The risks identified may include the following:
Potential risks and impacts |
|
Area of risk |
Potential impact |
Management/Governance |
Potential for financial losses |
Operational |
Financial losses |
Environmental / External |
Financial losses |
Financial |
Financial losses |
Legal compliance |
Legal action |
Download this table at the end of the page
Risk assessment
Once identified the risks to the proposals in the business plan can be assessed against two questions:
- How likely is the risk?
- What will happen if it does occur?
A simple scoring system can be used to decide which risks are the most important to address and agree plans for mitigation. Once this has been done, those which score highest (IV in the table below) should be addressed first and then all others addressed in turn. Finally you are left with those which are both unlikely and will have limited impact (I in the table) and you can develop a plan to address them should they arise.
Likelihood of Occurrence (Chance of Happening) ↑ |
III High Likelihood |
IV High Likelihood |
I Low Likelihood |
II Low Likelihood |
|
Level of Severity of Impact → |
Risk control
The risk assessment can be developed into a risk control strategy by considering whether each risk to your plans can be addressed by sharing it, avoiding it, managing it or accepting it. Ideally it should be possible to manage all of them.
For example a risk to a project may be reduced rental income due to a high turnover of small business workspace tenants.
This risk can be avoided by either hoping it will not happen or trying to pass it on to the tenants by increasing notice periods for tenancies in letting and leasing arrangements.
This risk can be managed by having excellent credit control and tenant liaison processes so that problems with payments are quickly identified and by developing active waiting lists for tenancies from good publicity and marketing.
This risk can be accepted - on the basis that small businesses have high levels of failure and that the risk is a feature of the business of providing small business workspace.