Beyond the EU: DORA and NIS 2 Directive's Global Impact
Risk assessment
1. RISK MANAGEMENTRISK MANAGEMENTRISK MANAGEMENTRISK MANAGEMENT
RAJASHREE POLYFILRAJASHREE POLYFIL
(A DIV. OF CENTURY ENKA LTD.)
BY : PANNALAL SONIBY : PANNALAL SONI
2. GENERAL
Risk is the potential of losing something of value. (such as
health & wealth)
A probability or threat of damage, injury, liability, loss or any
other negative impact that is caused by external or internal
vulnerabilities (inability to withstand the effects) and that
may be avoided through sound preventive action.
In CompaniesIn Companies : Risk is "an uncertain event or condition: Risk is "an uncertain event or condition
that, if it occurs, has a positive or negative effect on athat, if it occurs, has a positive or negative effect on a
companies goal" and itcompanies goal" and it isis inherentinherent with any of our activity.with any of our activity.
4. OCCUPATINAL HEALTH & SAFETY RISK MANAGEMENTOCCUPATINAL HEALTH & SAFETY RISK MANAGEMENT
5. Health & Safety Risk is the outcome of Hazards hence,Health & Safety Risk is the outcome of Hazards hence,
Hazard Identification is must to Assess & Mitigate such RISKHazard Identification is must to Assess & Mitigate such RISK
Health & Safety Risk is the outcome of Hazards hence,Health & Safety Risk is the outcome of Hazards hence,
Hazard Identification is must to Assess & Mitigate such RISKHazard Identification is must to Assess & Mitigate such RISK
OCCUPATINAL HEALTH & SAFETY RISK MANAGEMENTOCCUPATINAL HEALTH & SAFETY RISK MANAGEMENT
6. Health & Safety Risk is the outcome of Hazards hence,Health & Safety Risk is the outcome of Hazards hence,
Hazard Identification is must to Assess & Mitigate such RISKHazard Identification is must to Assess & Mitigate such RISK
Health & Safety Risk is the outcome of Hazards hence,Health & Safety Risk is the outcome of Hazards hence,
Hazard Identification is must to Assess & Mitigate such RISKHazard Identification is must to Assess & Mitigate such RISK
OCCUPATINAL HEALTH & SAFETY RISK MANAGEMENTOCCUPATINAL HEALTH & SAFETY RISK MANAGEMENT
7. OCCUPATINAL HEALTH & SAFETY RISK MANAGEMENTOCCUPATINAL HEALTH & SAFETY RISK MANAGEMENT
● Common Hazards at Shop Floor
● Risk associated with each Hazards
● Risk Assessment / Risk maping
● Risk Management Procedure
Health & Safety Risk is the outcome of Hazards hence,Health & Safety Risk is the outcome of Hazards hence,
Hazard Identification is must to Assess & Mitigate such RISKHazard Identification is must to Assess & Mitigate such RISK
Health & Safety Risk is the outcome of Hazards hence,Health & Safety Risk is the outcome of Hazards hence,
Hazard Identification is must to Assess & Mitigate such RISKHazard Identification is must to Assess & Mitigate such RISK
8. ● Common Hazards at Shop Floor
● Risk associated with each Hazards
● Risk Assessment / Risk maping
● Risk Management Procedure
1. Physical Hazards1. Physical Hazards
2. Mechanical Haz.2. Mechanical Haz.
3. Electrical Haz.3. Electrical Haz.
4. Chemical Haz.4. Chemical Haz.
5. Biological Haz.5. Biological Haz.
6. Human Hazards6. Human Hazards
a. Physiologicala. Physiological
b. Psychologicalb. Psychological
7. Other Hazards7. Other Hazards
1. Physical Hazards1. Physical Hazards
2. Mechanical Haz.2. Mechanical Haz.
3. Electrical Haz.3. Electrical Haz.
4. Chemical Haz.4. Chemical Haz.
5. Biological Haz.5. Biological Haz.
6. Human Hazards6. Human Hazards
a. Physiologicala. Physiological
b. Psychologicalb. Psychological
7. Other Hazards7. Other Hazards
OCCUPATINAL HEALTH & SAFETY RISK MANAGEMENTOCCUPATINAL HEALTH & SAFETY RISK MANAGEMENT
9. ● Common Hazards at Shop Floor
● Risk associated with each Hazards
● Risk Assessment / Risk Maping
● Risk Management Procedure
1. Injury1. Injury
2. Ilness2. Ilness
3. Diability3. Diability
4. Death4. Death
5. Fire5. Fire
6. Explosion6. Explosion
7. Toxicity7. Toxicity
8. Env. Damage8. Env. Damage
9. Health impairment9. Health impairment
10. Other10. Other
1. Injury1. Injury
2. Ilness2. Ilness
3. Diability3. Diability
4. Death4. Death
5. Fire5. Fire
6. Explosion6. Explosion
7. Toxicity7. Toxicity
8. Env. Damage8. Env. Damage
9. Health impairment9. Health impairment
10. Other10. Other
OCCUPATINAL HEALTH & SAFETY RISK MANAGEMENTOCCUPATINAL HEALTH & SAFETY RISK MANAGEMENT
10. ● Common Hazards at Shop Floor
● Risk associated with each Hazards
● Risk Assessment / Risk Maping
● Risk Management Procedure Quantification
of Risk
or
Risk evaluation
Quantification
of Risk
or
Risk evaluation
OCCUPATINAL HEALTH & SAFETY RISK MANAGEMENTOCCUPATINAL HEALTH & SAFETY RISK MANAGEMENT
11. ● Common Hazards at Shop Floor
● Risk associated with each Hazards
● Risk Assessment / Risk Maping
● Risk Management Procedure Quantification
of Risk
or
Risk evaluation
Quantification
of Risk
or
Risk evaluation
RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
OCCUPATINAL HEALTH & SAFETY RISK MANAGEMENTOCCUPATINAL HEALTH & SAFETY RISK MANAGEMENT
14. RiskRisk = Likelihood of occurrencesLikelihood of occurrences XX ImpactImpactRiskRisk = Likelihood of occurrencesLikelihood of occurrences XX ImpactImpact
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
Easy ExampleEasy ExampleEasy ExampleEasy Example
15. Quantification
of Risk
or
Risk evaluation
Quantification
of Risk
or
Risk evaluation
RiskRisk = Likelihood of occurrencesLikelihood of occurrences XX ImpactImpactRiskRisk = Likelihood of occurrencesLikelihood of occurrences XX ImpactImpact
Score Likelihood Definition
01 Rare Existing Control Very Strong to mitigate the risk
02 Unlikely Existing Controls robust and adequate to mitigate the risk
03 Possible Existing controls reasonable to mitigate the risk but may still require
improvement
04 Likely Existing Controls inadequate to mitigate the risk and required
improvement
05 Almost certain Existing Controls unsatisfactory to mitigate the risk
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
Easy ExampleEasy ExampleEasy ExampleEasy Example
16. Quantification
of Risk
or
Risk evaluation
Quantification
of Risk
or
Risk evaluation
RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
Score Impact Definition
01 Negligible 0% loss or almost negligible loss of business in terms of money
02 Low 1% to 2% loss of business in terms of money
03 Moderate Up to 10% loss of of business in terms of money
04 High Up to 25% loss of business in terms of money
05 Very High up to 50% loss of business in terms of money
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
Easy ExampleEasy ExampleEasy ExampleEasy Example
17. RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
18. RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
19. RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
Likelihood
or Frequency
of Occurrences
/Failure
Likelihood
or Frequency
of Occurrences
/Failure
20. 1
2
3
4
5
RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
Likelihood
or Frequency
of Occurrences
/Failure
Likelihood
or Frequency
of Occurrences
/Failure
21. 1
2
3
4
5
RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
Impact or
Consequence
Impact or
Consequence
Likelihood
or Frequency
of Occurrences
/Failure
Likelihood
or Frequency
of Occurrences
/Failure
22. 1 2 3 4 5
1
2
3
4
5
RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
Impact or
Consequence
Impact or
Consequence
Likelihood
or Frequency
of Occurrences
/Failure
Likelihood
or Frequency
of Occurrences
/Failure
23. 1 2 3 4 5
1 1 2 3 4 5
2 2 4 6 8 10
3 3 6 9 12 15
4 4 8 12 1616 2020
5 5 10 1515 2020 2525
Likelihood
or Frequency
of Occurrences
/Failure
Likelihood
or Frequency
of Occurrences
/Failure
Impact or
Consequence
Impact or
Consequence
RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
24. 1 2 3 4 5
1 1 2 3 4 5
2 2 4 6 8 10
3 3 6 9 12 15
4 4 8 12 1616 2020
5 5 10 1515 2020 2525
Likelihood
or Frequency
of Occurrences
/Failure
Likelihood
or Frequency
of Occurrences
/Failure
Impact or
Consequence
Impact or
Consequence
RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
RISK MATRIXRISK MATRIXRISK MATRIXRISK MATRIX
BusinessBusiness
Risk AssessmenRisk Assessment
BusinessBusiness
Risk AssessmenRisk Assessment
25. SEQUENCE OF RISK MANAGEMENT
Quantification
of Risk
or
Risk evaluation
Quantification
of Risk
or
Risk evaluation
1 2 3 4 5
1 1 2 3 4 5
2 2 4 6 8 10
3 3 6 9 12 15
4 4 8 12 1616 2020
5 5 10 1515 2020 2525
Likelihood
or Frequency
of Occurrences
/Failure
Likelihood
or Frequency
of Occurrences
/Failure
Impact or
Consequence
Impact or
Consequence
Score Risk Definition
1 -31 -3 Insignificant Impact can be easily absorbed without requiring management effort
4 – 64 – 6 Minor Impact can be readily absorbed but some management effort is
required
8 – 108 – 10 Moderate Impact can not be managed under normal operating conditions,
requiring moderate level of resource and management inputs
12 – 1612 – 16 Major Impact requires a high level of management attention and resources to
rectify
20 – 2520 – 25 Catastrophic Disaster with potential to lead to business collapse and requiring
almost total management attention to rectify
26. Quantification
of Risk
or
Risk evaluation
Quantification
of Risk
or
Risk evaluation
RiskRisk =
Frequency of OccurrencesFrequency of Occurrences //LikelihoodLikelihood XX Severity of Consequences /Severity of Consequences / ImpactImpact
RiskRisk =
Frequency of OccurrencesFrequency of Occurrences //LikelihoodLikelihood XX Severity of Consequences /Severity of Consequences / ImpactImpact
Scor
e
Likeliho
od
Definition
Occupational Health Occupational Safety
01 Rare Not likely to occur more than five
years
Not likely to occur more than five years
02 Unlikely Once / twice in a year Once / twice in a year
03 Possible Once / twice in a month Once / twice in a month
04 Likely Once / twice in a week Once / twice in a week
05 Almost
certain
Once / twice or more in a day Once / twice or more in a day
SAFETYSAFETY
Risk AssessmenRisk Assessment
SAFETYSAFETY
Risk AssessmenRisk Assessment
27. Quantification
of Risk
or
Risk evaluation
Quantification
of Risk
or
Risk evaluation
RiskRisk =
Frequency of OccurrencesFrequency of Occurrences //LikelihoodLikelihood XX Severity of Consequences /Severity of Consequences / ImpactImpact
RiskRisk =
Frequency of OccurrencesFrequency of Occurrences //LikelihoodLikelihood XX Severity of Consequences /Severity of Consequences / ImpactImpact
Scor
e
Consequ
ences
Definition
Occupational Health Occupational Safety
05 Very High Illness causing loss of
life/permanent disease
Fatality / Permanent Disablement or
Heavy Property damage
04 High Illness causing time loss more than
10 days
Temporary disablement time lost more
than 10 days / Moderate Property
damage
03 Moderate Illness causing loss of time more
than 10 days but less than 48
hours
Temporary disablement time lost more
less than 10 days but more than 48
hours/ Low Property damage
02 Low Medical treatment & Loss of time Time lost less than 48 hours / Very low
SAFETYSAFETY
Risk AssessmenRisk Assessment
SAFETYSAFETY
Risk AssessmenRisk Assessment
28. 1 2 3 4 5
1 1 2 3 4 5
2 2 4 6 8 10
3 3 6 9 12 15
4 4 8 12 1616 2020
5 5 10 1515 2020 2525
Likelihood
or Frequency
of Occurrences
/Failure
Likelihood
or Frequency
of Occurrences
/Failure
Impact or
Consequence
Impact or
Consequence
RiskRisk = LikelihoodLikelihood XX ImpactImpactRiskRisk = LikelihoodLikelihood XX ImpactImpact
RISK MATRIXRISK MATRIXRISK MATRIXRISK MATRIX
SAFETYSAFETY
Risk AssessmenRisk Assessment
SAFETYSAFETY
Risk AssessmenRisk Assessment
29. SEQUENCE OF RISK MANAGEMENT
Quantification
of Risk
or
Risk evaluation
Quantification
of Risk
or
Risk evaluation
1 2 3 4 5
1 1 2 3 4 5
2 2 4 6 8 10
3 3 6 9 12 15
4 4 8 12 1616 2020
5 5 10 1515 2020 2525
Likelihood
or Frequency
of Occurrences
/Failure
Likelihood
or Frequency
of Occurrences
/Failure
Impact or
Consequence
Impact or
Consequence
Score Risk Definition
1 -31 -3 Insignificant Impact can be easily absorbed without requiring management effort
4 – 64 – 6 Minor Impact can be readily absorbed but some management effort is
required
8 – 108 – 10 Moderate Impact can not be managed under normal operating conditions,
requiring moderate level of resource and management inputs
12 – 1612 – 16 Major Impact requires a high level of management attention and resources to
rectify
20 – 2520 – 25 Catastrophic Disaster with potential to lead to business collapse and requiring
almost total management attention to rectify
31. LEGAL RISK ASSESSMENT AND MANAGEMENT
Risk Rating Methodology (Quantification of Risk)
PROBABILITY / LIKELIHOOD RATING
SCORE LIKELYHOOD DEFINITION
1 Rare Existing Control robust and Very Strong to mitigate the risk
2 Unlikely Existing Controls adequate to mitigate the risk
3 Possible
4 Likely Existing Controls inadequate to mitigate the risk and required improvement
5 Almost certain Existing Controls unsatisfactory to mitigate the risk
Definition of Legal Risk :
The Risk which has a Legal issue as its source and it is a set of facts that are assessd under a set
of Legal Norms
Existing controls reasonable to mitigate the risk but may still require
improvement
32. IMPACT RATING
SCORE IMPACT DEFINITION
1 Negligible Almost negligible loss / Non compliance almost Ignored by Authorities
2 Low Verbal guidance / Direction to comply with
3 Moderate
4 High
5 Very High
Written Notice to Comply without penalty / Lost time Injury /Temporary
Disablement / bad Image amongst Govt. authority
Short term cessation of any particular activity / Show Cause Notice and Normal
Penalty or short term Imprisonment / Financial loss covered by Insurance
Closure Notice / Withdrawal of License /Long term Imprisonment / Very High
Penalty / Financial Loss never covered by Insurance
34. CATEGORY OF RISK RISK SCORE DEFINITION ACTION REQUIRED
Insignificant/Very Low 1 to 5
Minor/Low 6 to 9 This Quarter
Moderate 10 to 12 This Month
Major/High 16 to 20 This week
Catastrophic 25 Immediate or today
Impact can be easily absorbed without requiring
management effort
Maintain Existing
Control
Impact can be readily absorbed but some management
effort is required
Impact can not be managed under normal operating
conditions, requiring moderate level of resource and
management inputs
Impact requires a high level of management attention and
resources to rectify
Disaster with potential to lead to business collapse and
requiring almost total management attention to rectify
Risk Matrix cum Action PlanRisk Matrix cum Action PlanRisk Matrix cum Action PlanRisk Matrix cum Action Plan
35. SEQUENCE OF RISK MANAGEMENT
● Common Hazards at Shop Floor
● Risk associated with each Hazards
● Risk Assessment / Risk Maping
● Risk Management Procedure
1. Risk Elimination1. Risk Elimination
2. Risk Reduction2. Risk Reduction
3. Risk Transfer3. Risk Transfer
4. Risk Acceptance4. Risk Acceptance
1. Risk Elimination1. Risk Elimination
2. Risk Reduction2. Risk Reduction
3. Risk Transfer3. Risk Transfer
4. Risk Acceptance4. Risk Acceptance