l

ia
e nt
id
o nf
C

Risk Management Toolkit

Overview and Approach

Created by ex-McKinsey, Deloitte & BCG

Management Consultants specialized in
Risk Management
Key Definitions

Risk management is the culture, processes, and structures that are directed towards realising potential opportunities,
whilst managing adverse effects.
A risk is a measure of the potential inability to achieve a goal or target within defined safety, cost, schedule, and
technical constraints. A risk has two components: the likelihood of failing to achieve a particular outcome, and the
consequence of failing to achieve it. A risk is a future event and can often be managed proactively.
An issue is a risk that has occurred and has become a problem. It is an undesirable event that has occurred and its
occurrence cannot be stopped or directly controlled.
Risk assessment is the qualitative and/or quantitative evaluation of the likelihood and consequence of a risk occurring.
Likelihood is the probability of a specified outcome.
A closed risk is one that no longer exists (i.e., the risk has evolved into an issue or is no longer relevant), is no longer
cost-effective to track, or has been mitigated.
A risk owner is an individual to whom a risk is assigned. The risk owner is responsible and accountable for identifying,
implementing, and tracking the risk mitigation strategy and actions.

2
Context and objectives of having a clear risk management approach

Context
Risk management is an important function in organizations today. Companies undertake increasingly
complex and ambitious initiatives, and those initiatives must be executed successfully, in an uncertain and
often risky environment.

Objectives of having a clear risk management approach

• Provide a systematic approach to the early identification and management of risks
• Provide consistent risk assessment criteria
• Make available accurate and concise risk information that informs decision making, including business
direction
• Adopt risk mitigation strategies that are cost-effective and efficient in reducing risk to an acceptable level
• Monitor and review risk levels to ensure that risk exposure remains within an acceptable level

3
Benefits of risk management

1 Increase the likelihood of achieving the organization’s strategic and business objectives

2 Encourage a high standard of accountability at all levels of the organization

3 Support more effective decision making through better understanding of risk exposure

4 Create an environment that enables the organization to deliver timely services and meet
performance objectives in an efficient and cost-effective manner

5 Safeguard the key assets of the organization: human, property, and reputation

6 Meet compliance and governance requirements

4
Content
The Risk Management Toolkit was created by ex-McKinsey, Deloitte, and BCG management
consultants specializing in risk management. It includes 7 components.

Best Practices Frameworks

Advice from
tier-1
Tools
Management What’s
Consultants
inside our
Toolkit?

Real-life Templates
Examples

Video Training
Step-by-step
Tutorials

5
Objectives
The Risk Management Toolkit includes frameworks, tools, templates, tutorials, real-life examples, video
training, and best practices to help you:
• Define and implement your risk management strategy and plan: (1) Summary of the corporate and business strategy, (2) Risk
appetite, (3) Risk management capability maturity model, (4) Risk management mission, vision, and strategic objectives, (5) Risk
management KPIs, targets, and initiatives, (6) Roadmap to reach our strategic objectives, (7) Risk management team and budget, (8)
Governance structure, (9) Guiding principles, (10) Framework to manage risk

• Easily identify, assess, and mitigate the key risks and issues of your project or company by leveraging our risk management 7-
phase approach, risk log, issue log, risk assessment matrix, and risk and issue dashboard

• Prioritize your risks based on the potential impact of the risk and the probability of the risk to happen

• Automatically calculate your number of high, medium, and low priority risks and issues with our risk and issue dashboard

• Present a robust risk management approach and risk assessment overview to your board of directors, executive committee, or
program manager

• Get a high-level view of all your risks with our 3-by-3 risk prioritization matrix and 5-by-5 risk prioritization matrix

6
Scope of the Risk Management Toolkit

Strategic Risks
Long term

Project Risks
Medium term

Operational Risks
Short Term

7
 Approach
Our Risk Management Toolkit includes a simple 7-phase approach, which can be used to manage the risks
and issues of a company or a project

1.Risk 6.Risk Closure

2.Risk 3.Risk 4.Risk 5.Risk 7. Issue
Management and Issue
Identification Assessment Prioritization Mitigation Management
Strategy & Plan Escalation

1. Summary of the 1. Risk types and 1. Probability of the risk 1. 3-by-3 risk 1. Response options 1. Risk closure 1. Simple issue log in
corporate and business examples happening prioritization matrix in PowerPoint
strategy PowerPoint and Excel 2. Examples 2. Issue escalation
2. Tools to identify risks 2. Potential impact of the 2. Comprehensive issue log
2. Risk appetite 3. Actions, deadlines,
risk 2. 5-by-5 risk in Excel
3. Risk management 3. Simple risk log in prioritization matrix in and responsibilities
capability maturity model Powerpoint 3. Risk value PowerPoint and Excel 4. Dashboard
4. Risk management 4. Comprehensive risk
mission, vision and log in Excel
strategic objectives
5. Risk management KPIs,
targets and initiatives
6. Roadmap to reach our
strategic objectives
7. Risk management team
and budget
8. Governance structure
9. Guiding principles
10.Framework to manage
risk
8
Tools and Templates
To easily implement our 7-phase approach, we have created multiple tools in PowerPoint and Excel that
can be used for both your company or a specific project

Simple Risk Log Simple Issue Log Risk Prioritization Matrix

Comprehensive Risk Log Dashboard

9
 In the next slides, you’ll see a small preview of Phase I

1.Risk 6.Risk Closure

2.Risk 3.Risk 4.Risk 5.Risk 7. Issue
Management and Issue
Identification Assessment Prioritization Mitigation Management
Strategy & Plan Escalation

1. Summary of the 1. Risk types and 1. Probability of the risk 1. 3-by-3 risk 1. Response options 1. Risk closure 1. Simple issue log in
corporate and business examples happening prioritization matrix in PowerPoint
strategy PowerPoint and Excel 2. Examples 2. Issue escalation
2. Tools to identify risks 2. Potential impact of the 2. Comprehensive issue log
2. Risk appetite 3. Actions, deadlines,
risk 2. 5-by-5 risk in Excel
3. Risk management 3. Simple risk log in prioritization matrix in and responsibilities
capability maturity model Powerpoint 3. Risk value PowerPoint and Excel
4. Risk management 4. Comprehensive risk
mission, vision, and log in Excel
strategic objectives
5. Risk management KPIs,
targets, and initiatives
6. Roadmap to reach our
strategic objectives
7. Risk management team
and budget
8. Governance structure
9. Guiding principles
10. Framework to manage
risk
10
Introduction

You can use this deliverable directly for your own purposes. You simply need to insert your logo and adjust
the slides based on the specificities of your organization.

Please note that this document also includes many slides with best practices, tutorials, and real-life
examples to help you adjust this deliverable based on the specificities of your organization. These slides
have an orange rectangle in their top-right corner. You may decide to delete these slides as they are mainly
there to help you fill in the rest of the deliverable. Before you do, copy and paste this document so you
always have the original version in case you need it.

11
What do we mean by risk appetite?

Risk appetite is the amount of risk an entity is willing to accept or retain in order to achieve its objectives. It
is a statement or series of statements that describes the entity’s attitude toward risk taking. Determining an
entity’s risk appetite occurs through the development of risk appetite statements which clearly set out what
the executives consider to be acceptable risk-taking. Risk appetite statements are usually aligned to
categories of risk (e.g., financial, people, and reputation risks).

Risk appetite statements will look and feel different according to an entity’s internal and external context. If
these are not calibrated, the resultant actions may be skewed either too lightly (e.g., no action
required) or result in an over-controlled risk response.

To help us assess our organization’s risk appetite, we decided to use a risk appetite scale (see next slide).

12
What are the benefits of defining risk appetite?

Support conscious and informed risk taking

Promote a more consistent risk management approach

Guide risk decision making

Structure the executive conversation on risk taking

Calibrate the organization risk assessment process

13
Risk appetite scale

1 - Very low appetite 2 - Low appetite 2 - Moderate appetite 4 - High appetite 5 - Very high appetite

Insert your own definition Insert your own definition Insert your own definition Insert your own definition Insert your own definition
Insert your
own text

Insert your own definition Insert your own definition Insert your own definition Insert your own definition Insert your own definition
Insert your
own text

Insert your own definition Insert your own definition Insert your own definition Insert your own definition Insert your own definition
Insert your
own text

Insert your own definition Insert your own definition Insert your own definition Insert your own definition Insert your own definition

Insert your
own text
 Real-life example from a Fortune
500 company

Risk appetite scale

1 - Very low appetite 2 - Low appetite 2 - Moderate appetite 4 - High appetite 5 - Very high appetite

The organization takes caution The organization takes a The organization takes a The organization is willing to The organization believes
and often accepts as little risk cautious approach towards balanced approach to risk take greater than normal risks aggressive risk taking is justified
Risk taking as possible taking risk taking

Choice when Will select the lowest risk Will accept only if essential, and Will accept if limited, and heavily Will choose to put at risk, but Will choose the option with the
faced with option, always limited possibility/extent of outweighed by benefits will manage impact highest return; accept possibility
multiple failure of failure
options

Objective/ Not willing to accept any Only willing to accept a small Potential negative impact and Willing to accept some potential Willing to accept a potential
negative potential negative impact in potential negative impact in the completion of strategic negative impact to pursue large negative impact to pursue
impact order to pursue strategic order to pursue strategic objectives are given equal strategic objectives strategic objectives
objectives objectives consideration
relationship

Very low Low Limited Expect some Fully anticipated

Tolerance for
uncertainty
Following multiple interviews and workshops, we assessed that the risk
appetite of our organization was high [insert your own rating]

1 - Very low appetite 2 - Low appetite 2 - Moderate appetite 4 - High appetite 5 - Very high appetite

The organization takes caution The organization takes a The organization takes a The organization is willing to The organization believes
and often accepts as little risk cautious approach towards balanced approach to risk take greater than normal risks aggressive risk taking is justified
Risk taking as possible taking risk taking

Choice when Will select the lowest risk Will accept only if essential, and Will accept if limited, and heavily Will choose to put at risk, but Will choose the option with the
faced with option, always limited possibility/extent of out-weighted by benefits will manage impact highest return; accept possibility
multiple failure of failure
options

Objective/ Not willing to accept any Only willing to accept a small Potential negative impact and Willing to accept some potential Willing to accept a potential
negative potential negative impact in potential negative impact in the completion of strategic negative impact to pursue large negative impact to pursue
impact order to pursue strategic order to pursue strategic objectives are given equal strategic objectives strategic objectives
objectives objectives consideration
relationship

Very low Low Limited Expect some Fully anticipated

Tolerance for
uncertainty
 o ts
n sh
ee
S cr

See below 4 screenshots from Phase I.

Risk Management Capability Maturity Assessment Detailed Roadmap in Excel

Governance Structure Guiding Principles

17
 In the next slides, you’ll see a small preview of Phase II

1.Risk 6.Risk Closure

2.Risk 3.Risk 4.Risk 5.Risk 7. Issue
Management and Issue
Identification Assessment Prioritization Mitigation Management
Strategy & Plan Escalation

1. Summary of the 1. Risk types and 1. Probability of the risk 1. 3-by-3 risk 1. Response options 1. Risk closure 1. Simple issue log in
corporate and business examples happening prioritization matrix in PowerPoint
strategy PowerPoint and Excel 2. Examples 2. Issue escalation
2. Tools to identify risks 2. Potential impact of the 2. Comprehensive issue log
2. Risk appetite 3. Actions, deadlines,
risk 2. 5-by-5 risk in Excel
3. Risk management 3. Simple risk log in prioritization matrix in and responsibilities
capability maturity model Powerpoint 3. Risk value PowerPoint and Excel 4. Dashboard
4. Risk management 4. Comprehensive risk
mission, vision and log in Excel
strategic objectives
5. Risk management KPIs,
targets and initiatives
6. Roadmap to reach our
strategic objectives
7. Risk management team
and budget
8. Governance structure
9. Guiding principles
10.Framework to manage
risk
18
Simple risk log
Description

To identify our company risks and project risks, we created a simple risk log in PowerPoint.
This simple risk log will be used when our list of risks is small or if we need to make a presentation in front
of our Board of Directors, Executive Committee, or any stakeholders that do not need to know too many
details.

19
 Low priority (risk value is 1, 2, or 3)

Simple risk log Medium priority (risk value is 6)

3-level rating
High priority (risk value is 9)

Impact Probability
Risk (1=Minor; Risk Value Assigned
Risk Title Risk Description (1=Unlikely; Mitigation Strategy
# 2=Moderate;
2=Possible; 3=Likely)
(Impact X Probability) To
3=Major)

Improving the resolution of our images

Lower website will increase the size of our images, Find the sweet spot between quality
1 speed which may lower our website page
3 3 9
images and page loading time
Donald
loading time

Buy more oil than we need to build

A strong increase in oil price would create
2 High oil price
a high pressure on our profit margins
1 2 2 up our stock while the price of oil is
at an affordable price
Ralph

Insert your risk

3 title
Insert your risk description 2 3 6

Insert your risk

4 title
Insert your risk description Rate from 1 to 3 Rate from 1 to 3

Insert your risk

5 title
Insert your risk description Rate from 1 to 3 Rate from 1 to 3

Insert your risk

6 title
Insert your risk description Rate from 1 to 3 Rate from 1 to 3

Insert your risk

7 title
Insert your risk description Rate from 1 to 3 Rate from 1 to 3

20
Comprehensive risk log
Description

To identify our company risks and project risks, we created a comprehensive risk log in Excel.
This comprehensive risk log will be used when we have a long list of risks and need to provide a lot of
details for each of them.

Comprehensive Risk Log in Excel (for more details, open the Excel
document “Comprehensive Risk Log”

21
 In the next slides, you’ll see a small preview of Phase III

1.Risk 6.Risk Closure

2.Risk 3.Risk 4.Risk 5.Risk 7. Issue
Management and Issue
Identification Assessment Prioritization Mitigation Management
Strategy & Plan Escalation

1. Summary of the 1. Risk types and 1. Probability of the risk 1. 3-by-3 risk 1. Response options 1. Risk closure 1. Simple issue log in
corporate and business examples happening prioritization matrix in PowerPoint
strategy PowerPoint and Excel 2. Examples 2. Issue escalation
2. Tools to identify risks 2. Potential impact of the 2. Comprehensive issue log
2. Risk appetite 3. Actions, deadlines,
risk 2. 5-by-5 risk in Excel
3. Risk management 3. Simple risk log in prioritization matrix in and responsibilities
capability maturity model PowerPoint 3. Risk value PowerPoint and Excel 4. Dashboard
4. Risk management 4. Comprehensive risk
mission, vision, and log in Excel
strategic objectives
5. Risk management KPIs,
targets, and initiatives
6. Roadmap to reach our
strategic objectives
7. Risk management team
and budget
8. Governance structure
9. Guiding principles
10. Framework to manage
risk
22
By multiplying the “Probability” dimension by the “Impact”
dimension, we will get our “Risk Value”

Probability Impact Risk Value

What is the
probability of the
risk happening
X
What is the
potential impact of
the risk = The risk value will
help you prioritize
your risks

23
To assess the probability of a risk happening, we can use a 3-level or 5-
level rating depending on our needs

Probability 3-level rating

Probability Scale Definition

3.Likely Over 60% chances of happening

2.Possible Between 20% and 60% chance of happening

1.Unlikely Less than 20% chance of happening

24
 In the next slides, you’ll see a small preview of Phase IV

1.Risk 6.Risk Closure

2.Risk 3.Risk 4.Risk 5.Risk 7. Issue
Management and Issue
Identification Assessment Prioritization Mitigation Management
Strategy & Plan Escalation

1. Summary of the 1. Risk types and 1. Probability of the risk 1. 3-by-3 risk 1. Response options 1. Risk closure 1. Simple issue log in
corporate and business examples happening prioritization matrix in PowerPoint
strategy PowerPoint and Excel 2. Examples 2. Issue escalation
2. Tools to identify risks 2. Potential impact of the 2. Comprehensive issue log
2. Risk appetite 3. Actions, deadlines,
risk 2. 5-by-5 risk in Excel
3. Risk management 3. Simple risk log in prioritization matrix in and responsibilities
capability maturity model PowerPoint 3. Risk value PowerPoint and Excel 4. Dashboard
4. Risk management 4. Comprehensive risk
mission, vision and log in Excel
strategic objectives
5. Risk management KPIs,
targets and initiatives
6. Roadmap to reach our
strategic objectives
7. Risk management team
and budget
8. Governance structure
9. Guiding principles
10.Framework to manage
risk
25
 o ts
n sh
ee
S cr

See below 1 screenshot from Phase IV

Risk Prioritization Matrix

26
 In the next slides, you’ll see a small preview of Phase V

1.Risk 6.Risk Closure

2.Risk 3.Risk 4.Risk 5.Risk 7. Issue
Management and Issue
Identification Assessment Prioritization Mitigation Management
Strategy & Plan Escalation

1. Summary of the 1. Risk types and 1. Probability of the risk 1. 3-by-3 risk 1. Response options 1. Risk closure 1. Simple issue log in
corporate and business examples happening prioritization matrix in PowerPoint
strategy PowerPoint and Excel 2. Examples 2. Issue escalation
2. Tools to identify risks 2. Potential impact of the 2. Comprehensive issue log
2. Risk appetite 3. Actions, deadlines
risk 2. 5-by-5 risk in Excel
3. Risk management 3. Simple risk log in prioritization matrix in and responsibilities
capability maturity model PowerPoint 3. Risk value PowerPoint and Excel 4. Dashboard
4. Risk management 4. Comprehensive risk
mission, vision and log in Excel
strategic objectives
5. Risk management KPIs,
targets and initiatives
6. Roadmap to reach our
strategic objectives
7. Risk management team
and budget
8. Governance structure
9. Guiding principles
10.Framework to manage
risk
27
We identified 6 types of mitigation strategies

This option is about making the uncertain situation certain by removing the risk, often by removing the
Avoid a threat
cause of the threat

Reduce a threat This option is about taking action now to change the probability and/or impact of a threat

Transfer the risk This option is about transferring part of the risk to a third party(e.g., taking out an insurance policy)

This option is about sharing the risk with another entity or multiple entities in order to minimize the
Share the risk
potential impact on one single entity

This option means that the organisation decides to accept that a risk may occur and to take no action,
Accept the risk
exposing itself to the full possible impact

Prepare a contingency This option means that the organisation decides to accept that a risk may occur and to take no
plan immediate action, but puts in place a series of contingencies to deal with the potential impact

28
We will define and implement our mitigation strategies by using our
comprehensive risk log in Excel

29
We will monitor the implementation of our mitigation strategies by
leveraging our dashboard in Excel, which will automatically be updated
based on the input we make in the risk log

30
Structure of the Toolkit
The Risk Management Toolkit includes 100 PowerPoint slides and 10 Excel sheets that you can download
on your device immediately after your purchase.

+
100 editable PowerPoint slides* 10 editable Excel sheets*

1. Risk 6. Risk
Management 2. Risk 3. Risk 4. Risk 5. Risk Closure and 7. Issue
Strategy and Identification Assessment Prioritization Mitigation Issue Management
Plan Escalation

*Please note that the number of PowerPoint slides and Excel sheets listed is the number of unique slides and sheets. For example, a PowerPoint slide
that has been duplicated to facilitate our clients’ understanding only counts for 1 slide.

31
Key Benefits of our Management Consulting Toolkits

Improve the growth &

Make a great investment for
efficiency of your Get a competitive advantage.
your career & organization. It
organization by leveraging It’s like hiring Management
cost us US$8M+ over the
Management Consulting Consultants to create all the
past 10 years to create all
Toolkits created by ex- practical Frameworks, Tools
our Toolkits. Get them for a
McKinsey, Deloitte & BCG & Templates you need.
fraction of this cost.
Consultants.

Get the job done quicker and

never start from scratch Don't reinvent the wheel. We
Improve the capabilities of
again with our ready-made have already worked 30,000+
your organization by learning
and fully editable hours over the past 10 years
how the Fortune 100 and
Frameworks, Tools & to create all the Management
Global Consulting Firms do it.
Templates in Powerpoint & Consulting Toolkits you need.
Excel.

Become your organization’s

Decrease your costs. Hiring
Get free support and advice subject matter expert and
tier-1 Consultants for a
from our ex-McKinsey, impress your stakeholders
project would cost you
Deloitte & BCG Management with world-class approaches
$300k+. Way more expensive
Consultants. to resolve common business
than our Toolkits, which will
problems.
last you a lifetime!

32
What our clients say about our Toolkits
Reviews imported from Facebooks, Amazon and Klaviyo

See more reviews >

33
Join the 200,000+ Executives, Consultants & Entrepreneurs already leveraging our
Business & Consulting Toolkits to improve the performance of their organization and
boost their own career.

Trusted by small and large organizations Customer satisfaction

4.8
Number of countries leveraging our Business & Consulting Toolkits Number of professionals
leveraging our Business &
160+ Consulting Toolkits
200,000+

Daily rate of our ex-McKinsey,

Deloitte and BCG Management
Consultants
$3k-$4k

34
Interested in more than 1 Toolkit?
Access all our Toolkits for half the price with our Gold Access

Gold Access
Click here to learn more

35
Need additional help on top of our Management Consulting Toolkits?
Send us a brief and we’ll find you the right talent from our network of 500 tier-1 Management
Consultants (the average daily rate is $3k)

Click here to send us a Project Brief

Thank you for your attention.

www.domontconsulting.com

37