Assigning risk score

Use auto-generated risk scores in AI Risk Essentials to consistently evaluate and prioritize risks based on their potential impact and likelihood.

Note

The risk score updates automatically only the first time you select the impact and likelihood values. If either value changes later, update the risk score manually.

What is a risk score?

A risk score is a calculated value that represents the level of threat a risk poses to your organization. It’s based on two key parameters you enter when assessing a risk:

  • Impact The potential severity of the risk

  • Likelihood The probability of the risk occurring

The system combines these values using a standard formula to generate the risk score.

Understanding the parameters

Impact

Impact measures how severe the consequences would be if the risk occurs. It helps assess the level of disruption or damage the risk could cause.

Categories include:

  • Very low Negligible effect, little to no financial loss, and no noticeable operational impact. Managed effortlessly.

  • Low Minimal effect, minor financial losses, and slight operational disruptions. Managed routinely.

  • Medium Noticeable but manageable disruptions, moderate financial losses, and temporary operational issues. Requires structured attention.

  • High Severe damage, significant financial losses, and major operational disruptions. Needs immediate attention.

  • Very high Catastrophic damage, critical financial losses, and widespread operational failures. Requires urgent and extensive action.

Likelihood

Likelihood measures how likely it is for the risk to occur. It helps estimate the probability or frequency of the event.

Categories include:

  • Very low Highly unlikely to occur, with an extremely low probability. Requires no immediate attention.

  • Low Unlikely to occur, with a low probability. Requires minimal attention.

  • Medium Moderate chance of occurring, with a reasonable probability within a foreseeable period. Requires monitoring.

  • High Likely to occur soon, with a high probability. Requires proactive measures to mitigate.

  • Very high Almost certain to occur in the near term, with an extremely high probability. Requires immediate and focused action.

Risk score

The system calculates the risk score by combining the impact and likelihood values. You can adjust the score manually, if needed. Each score falls into one of the following categories:

  • Very low The risk poses minimal concern and can be managed effortlessly without requiring intervention.

  • Low The risk presents a minor challenge and is unlikely to cause significant disruptions. Periodic monitoring is sufficient.

  • Medium The risk requires attention, as it has the potential to create noticeable but manageable issues. Proactive measures may be needed.

  • High The risk could lead to serious consequences and requires active mitigation strategies to prevent escalation.

  • Very highThe risk is critical and demands immediate, focused action to minimize severe consequences.

Using this approach helps focus on the most important risks and take action quickly where it matters most.