Following is something I learned while working in Risk Management for cybersecurity and other IT concerns. This is my generic plan for managing any risks, technical or not.
- Identify Risk
- Consider probability
- Consider Impact
- Plan for Avoidance or Reduction
- Backup Plan
The worst time to plan is when in the middle of crisis. Risk management doesn’t have to be too formal. If you at least consider risk, you have a better chance of getting through a crisis more easily.
Following are 2 examples of risks. You live in the southern tip of Texas. Consider the risk of a blizzard using the generic steps.
- Blizzard
- Highly unlikely
- Local services will likely be shut down
- Keep some extra food and water stored in home
- Follow government evacuation/relief plan or self-evacuate
Now, consider a persistent heat wave with extreme temperatures.
- Heat Wave
- Highly likely
- Affects physical ability/health, increases probability of fire, inhibits machine operation
- Plan for hydration/rest/shade to prevent heat casualty, plan for fire suppression, decrease use of machinery
- Evacuate or follow local government advisories
There are more considerations for Risk Management, but this format allows for basic planning. The chief consideration is #2, the probability or likelihood of occurrence. This allows for better planning and directing resources where they are best used.
From the examples, a heat wave is likely to occur, so you will spend more time working on that risk. You are not likely to experience a blizzard, so it is less important to plan for it. You can set your order of work by the likelihood of the risk.
Tailor a full plan to your expected risks, which will likely include such items as a manual crank radio, water, food, etc.
One Student analogized this as leaving he bar late at night and deciding a route home. Since he knew one city had checkpoints for pulling folks over without cause, he avoided it on his drive home. This is a form of Risk Avoidance. 😉