A comprehensive appraisal within an organization that should be defined clearly and completely within the policy documents is the project of risk management. Virtually every enterprise should be performing a risk assessment and following it up with management of the identified risks. Because risk management has become identified as a standard of due care, any company that is not performing these functions is essentially negligent and faces increased exposure to negligence-related and liability-related litigation.

To manage risks, one must first become aware of and knowledgeable about the risks to be managed. The risk assessment is the development of knowledge and awareness of all the risks to all the assets of the ...