As a business owner, you put a lot of time and energy into your business to make sure your customers are happy and that you can put food on the table.

So imagine if all that. time, effort, and money was for nothing. Imagine how you’d feel if it all came crashing down tomorrow as a result of an avoidable risk that you hadn’t accounted for.

A business risk assessment can help you avoid this.

But where do you start?

Here are some real-world scenarios and a business risk assessment example that you can take away and apply to your own business.

Business risk assessment: real-life examples

Any business faces a wide range of risks.

Some of these will be minor; others can have such catastrophic effects that they force closure of the business.

For this reason, we suggest that all business owners perform a business risk assessment to identify the risks you face and the steps you may need to take to mitigate these risks.

To illustrate the importance of assessing your weak spots, here’s a few real-life examples from businesses we’ve worked with:

  • A building business is compromised, costing $90,000

The computer system of a small building business was hacked. The infiltrator gained access to the builder’s email account to prepare invoices for current customers. These invoices obviously had the hacker’s bank account details rather than the builder’s.

One customer paid $90,000 to the hacker’s bank account; and this money was whisked away overseas before anyone suspected there was a problem.

The builder would have been legally able to collect the $90,000 because, after all, the client paid into the wrong account.

However, the negative word-of-mouth implications and feelings of guilt that would accompany such an action would have been too much to bear.

The building business owner ended up absorbing the loss himself, which meant completing a job with no profit whatsoever.

  • A hairdressing business is hacked, costing thousands

A small hairdressing business utilised a single computer to run its booking system. This computer contained all details about upcoming appointments and customer contact details.

They performed regular backups of this data but never checked whether these backups actually worked.

One day, they arrived at work to find that the computer had been hacked. They were threatened with the data being destroyed unless they paid a ransom.

This ransom was exorbitant but they now had no idea about what bookings they had in the coming days and weeks. This was debilitating for the business.

They couldn’t even accept new bookings as they risked doubling up, costing the business thousands of dollars.

  • A business loses hundreds of thousands – to an employee!

An internal accounts employee was given unrestricted access to the bank accounts and billing systems of a business.

This employee started creating fictitious invoices from three of the largest suppliers. The payments of these invoices were made direct to the employee’s own bank account.

Undetected over a number of years, the employee managed to defraud the business of hundreds of thousands of dollars.

Business risk assessment example in two steps

Let’s look at an example of a business risk assessment that you can follow in your own business. It involves two basic steps…

Step 1: Document all the risks that you face

Examples of these include:

  • If you produce products, there is a risk of theft
  • If your business requires specific licensing, there is a risk of non-compliance
  • Most businesses run the risk of customers’ confidential data being hacked or distributed

Step 2: Categorise your risks

The list you made in step one should be categorised by:

  • The likelihood of it occurring (high, medium or low)
  • The impact to your business if it occurs (high, medium or low)
  • The overall severity, based on the likelihood and impact (high, medium or low)

These categories will help you assess whether you need to take action to mitigate each risk.

You might be willing to take your chances with something that has a low chance of occurring and a low impact even if it does occur.

However, something with a high chance of occurring and a high impact would almost certainly require you to take some sort of preventative or mitigating action.

Common business risk examples

To get you started, here’s a list of some common business risks:

  • Employees are paid below the award wage
  • Non-payment from customers
  • Employees provide poor service to your customers
  • Theft of product or customers by employees
  • Spoilage of products caused by extreme weather
  • Shortage of stock when demand is high
  • Your customer data is hacked
  • Employee or client accidents in the workplace
  • Not meeting minimum licensing requirements
  • Not paying employee superannuation on time
  • Employees obtaining kickbacks or bribes from suppliers or contractors
  • Employees faking time sheets

Which of these business risks are you facing – and how would you categorise them?

If you’d like some guidance on performing a business risk assessment, please get in touch and our team will be able to assist.