The Risk Assessment is a structured methodology for risk assessment that allows you to:

• identify the risks that restrict or impede the achievement of corporate objectives;
• determine the level of risk;
• develop appropriate control strategies to ensure greater coverage of areas where there are significant risks;
• define the business model of reference in terms of primary and secondary processes;
• analyze business processes and identify those most sensitive;
• identify and assess, for each process, the risks and controls;
• develop and maintain an innovative approach to managing business risks.

The risk assessment is a policy in which different strategies are assessed and decisions on the risks deemed acceptable are taken. These strategies have different effects on risk, including reducing, removing and redefining themselves. Eventually, it led to an acceptable level of risk and therefore a strategy is adopted. In this process are involved: the cost-benefit calculation, the estimate of risk tolerance and the quantification of preferences.
The business risk is a component in every business activity and represents a potential event that reduces the likelihood of achieving the objectives of corporate business.
The business risk can be classified into:

INTERNAL

• strategic (ie market share, image);
• operational (eg budget production, quality);
• funded (eg fraud, budget funded);
• compliance (eg compliance with laws, codes of conduct).

EXTERNAL

• laws and regulations;
• competition;
• economic trends