Risk, as defined in ISO 31000 is "the effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.
Risks can originate from various sources, such as uncertainty in financial markets, project failures (at any phase of its life-cycle), legal liabilities, credit risk, accidents, natural causes and disasters as well as deliberate attack from an adversary, or events of uncertain or unpredictable root-cause.
Risks can be classified in different types, the most important being:
- Operational Risk: A major type of Risk that deals mainly with human and technical mistakes in implementing important everyday actions for organization operations.
- Financial Risk: Is the exposure of a company to market and credit risk. Only large companies with available budgets can invest on serious credit risk management.
- Project Risk: It is a Risk on processes related to projects implementation. It greatly depends on people and resources.
- Opportunity Risk: A term used for more than one purposes. However, it is strongly related to market and/or product assessment. Generally, it refers to decision taking for investing in a new opportunity. A lot of analysts use the term Market Entry Strategic Risk instead.
- Competitive Risk: Market assessment also includes knowing your competition and your abilities. Even more, young entrepreneurs need to check if they need intellectual property, before a competitor surpasses them.
