Definitions What is legal risk? A legal risk is where the event or consequences are legal in nature. Legal risk analysis requires expert judgement from professionals trained in the law. This does not mean that only lawyers can perform legal risk analysis, nor that lawyers are sufficient for legal risk analysis.
Definitions Risk measures uncertainty Risk is the effect of uncertainty on objectives. This definition of risk is deceptively simple.
Definitions What is risk? Risk is a way to understand the relationship between our uncertainty and our objectives. Risk is “the effect of uncertainty on our objectives.”
Process Risk treatment Risk treatment simply means the steps we take to manage some risk. At the end of the risk assessment process, evaluation, one of the actions we can take is to treat the risk. That is do something about the risk.
Process Risk evaluation Analysis of legal risk during the assessment process gives us a better understanding of the likelihood and consequences of an event. The question now is what to do about the risk.
Process Risk analysis The effort to understand a particular risk is called risk analysis. In risk analysis, we probe the depths of a single risk. It is an investigation of a risk that results in a rating and input for risk evaluation.
Process Risk identification To identify risks is to look for, imagine, and dig up potential problems and then put them on a list. Risk identification does not need to be more complicated.
Process Risk assessment Risk assessments are the core of the risk management process. A risk assessment goes through three phases: identification, analysis, and evaluation.
Process Risk criteria plots The risk criteria guide our recommendations about what to do with a given risk or collection of risks. We define what risk is acceptable to the organization. We can plot risks and risk criteria to see the results of our analysis.
Process Internal and External Context Context matters. It is tempting to identify risks that, while real, are not relevant to your context. There are some risks that are simply too large or too derivative to spend time analyzing.
Process Risk assessment scope Limiting the scope of a legal risk management process to the legal department is an easy way to get started. Legal risk assessments by their nature consider implications for the the broader organization.
Process Scope, context, criteria overview Before analyzing specific legal risks, we need to establish the scope and context of our analysis.
Process Communication and consultation Effective risk assessments require collaboration among domain experts and those with access to necessary information. The risk management framework should address the communication plan for risk management in general.
Process Process Introduction The risk management process is applicable to any level of the organization. You can implement the risk management process outlined here at the highest level of strategy or at the level of an individual project.
Framework Precision is not good for legal risk management Here is a hard pill to swallow: precision is not always possible or even desirable.
Framework Risk framework work product There are four tangible pieces of work product we need to product for our risk framework.
Framework Risk management heat maps - they are risky We can then show the number of rated risks in each segment of the heat map. These numbers do not include unrated risks, unidentified risks, or risks with unknown likelihood or consequences.
Framework Risk plot of qualitative risk This simple exercise begins to reveal the power of a qualitative risk model for understanding our portfolio of legal risks.
Framework Risk models At the core of the design of a risk framework is the risk model. A risk model is the technique we use to calculate or measure a particular risk.
Framework Risk framework design A risk management framework should be simple but not simplistic. If a frontline manager cannot use and understand the framework, it probably isn't much use.
Framework Risk framework integration To be effective, the risk management framework needs to be woven into the business strategy, not separated from it.
Framework Leadership and commitment Risk management can succeed or fail based on support from senior management. This does not mean that the CEO, managing director, or board of directors is the sole authority for support of a legal risk management initiative.
Framework Risk management framework introduction A framework for legal risk is a method to fold risk management into the organization, regardless of the source or cause of the risk.
Principles Risk management principles The purpose of legal risk management is to preserve and protect value of the enterprise. This is a tremendous challenge for legal professionals. We are often viewed simply as cost centers. We are also not trained to justify their work in terms of revenue and expenses.
