Risk Identification & Assessment - Change Initiative


The risk identification and assessment process is a critical part of effectively managing risks at a project level. Risks are identified, and then classified by risk category (financial, operational, strategic, compliance). Each risk is then assessed based on its impact and likelihood, and prioritized in order to direct management focus toward the most important (Deloitte & Touche LLP, 2012).

Our Risk Identification and Assessment - Change Initiative model follows the steps below:

  1. Identify potential risks that could impact your change implementation and classify each risk into categories.
  2. Combine to eliminate duplicates and move forward with only unique risks.
  3. Rate each risk based on impact and likelihood.
  4. Prioritize to ensure the right risks are managed going forward.
  5. Develop a specific action plan to address the high-priority risks.


This model is intended for change managers, transformation managers, and change agents.


Every change comes with inherent risk, affecting successful implementation or potentially bringing the change initiative to a halt (Shore, 2016). In order to minimize obstacles during change execution, and realize the expected results of your change, risks that could impact your organization must be identified and assessed.

Big or small, every change has the potential to result in different types and levels of risks. Having a comprehensive process for identification, assessment, and developing plans to address these risks goes a long way in implementing your change initiatives successfully.


1)  NOODLE & TAG: Identify and categorize the key risks that could impact your change initiative.

2)  COMBINE to eliminate duplicates and move forward with only unique risks

3)  MULTI-CRITERIA RATE each risk based on Impact and Likelihood. In the comments section, provide rationale for why each risk was rated the way it was.

4) PRIORITIZE: Identify high priority risks for management attention. 

5) ACTION PLAN: Develop an action plan to address high priority risks.


  • Prioritized list of risks to receive management attention
  • Critical thinking skills developed that enable a risk culture
  • Valuable insight into why risks were rated the way they were
  • Shared understanding and alignment on risks in the merger/acquisition


This exercise will enable:

Quality - Gain critical insight into your organization and proactively manage the risks that impact achievement of strategic goals – no surprises. Increased perspectives will reduce risk.

Efficiency - Engage busy stakeholders when it’s convenient for them to contribute – 24/7, reducing meetings and bringing the right people to the table.

Engagement - Conversation analytics allow individual stakeholders to know how they rated risks versus how others did, igniting rich discussion and deeper alignment. Provide a safe space for stakeholders to evaluate and provide candid thoughts and rationale. 

Agility - Develop a shared understanding about the organizations or departments key risks. Evaluate and focus management attention and resources on the most important risks. 


Shore, D. A. (2016). What Could Go Wrong? How to Manage Risk for Successful Change Initiatives. Harvard Professional Development. https://www.extension.harvard.edu/professional-development/blog/what-could-go-wrong-how-manage-risk-successful-change-initiatives

Deloitte & Touche LLP. (2012). Risk assessment in practice. Deloittehttps://www2.deloitte.com/content/dam/Deloitte/global/Documents/Governance-Risk-Compliance/dttl-grc-riskassessmentinpractice.pdf