Blog >
Practical Steps in Risk Mitigation


Practical Steps in Risk Mitigation

Using COVID as a case study on the unexpected risks business leaders face, Davide Gronchi shares practical steps on risk mitigation.

Whilst in the middle of an heavy and unexpected crisis, company leaders are requested to keep looking far ahead and shape the future of their company by (re-)designing the strategy and how to implement it.

Current times are full of worries and threads, every day are more negative than positive news that capture our attention. How to concentrate on our business, sailing in calm waters and heading to a bright future? Yes, company leaders must keep this attitude! Nobody else can do this, it cannot be delegated. And recent research proves that CEOs like crafting strategy most than other task their are responsible for!

Nevertheless, we are all prone to see risks everywhere now during the COVID-19 crisis. This was a risk that nobody was really ready to mitigate. Nobody actually ever thought it could ever been real!

In our life of leaders, in our companies, many can be the risks that we might face and that need to be considered and need a mitigation plan. How to identify and prioritize risks?

I apply a good pragmatic method that derives out of FMEA. FMEA stands for Failure-Mode-and-Effects-Analysis and was invented by the US military in the late 1940s. I am not going to describe in detail what that is (there is plenty of literature around it), but I want to describe how I use this to prioritize risks. The beauty of this approach, is that it helps to put some objective criteria into an exercise that could else be very theoretical and subjective. FMEA is a semi-quantitative evaluation.

The first step for all companies should be to define a risk catalog. This can follow a structure on three main areas: strategic risks, financial risks and operational risks. Probably many would ask now “What type of risk is COVID-19?”. This affects all three areas! Our strategy is put in danger and no longer valid at least in the mid-term, company’s cash-flow and share value are depleting, employees and other resources (e.g. materials) are not available right now. The risk catalog is a good start but is also a dangerous tool: if all the risks were equally important, where should I start the mitigation from?

FMEA helps me here to prioritize by assessing each risk under 3 lenses: Severity, Occurrence, Detection. What does that mean? Let’s look one at the time.


Key points include:

  • Mitigating actions
  • Forecasting severity
  • Increasing detection


Read the full article, The Pragmatic Way For Risk Mitigation, on