Dynamic Risk: How to Assess Changing Threats With a Free Template

In November 2018, a massive 7.1 earthquake struck Anchorage, Alaska, followed shortly by a second earthquake almost as big. Everything changed in a matter of minutes as workers across the region grappled with sudden, unplanned disruptions to critical infrastructure. As a busy freight hub, Anchorage Airport was particularly affected.

With a line of aircraft waiting to land, the air traffic control team attempted to evacuate their crumbling control tower—only to find their backup building was also damaged. Brendan Monahan recalls the incident on a recent episode of The Employee Safety Podcast.

“Their plan is up in smoke,” says Monahan, Head of U.S. Resilience and Crisis Management for a major global pharmaceutical company. “So what do they do? They grabbed their radios, some binoculars, and they hopped in the back of a pickup truck and drove to the runway. And from there, they were able to get all the planes that were in the queue safely on the ground…”

Neither the U.S. Geological Society nor other scientists have predicted a major earthquake. Yet the air traffic control team’s ability to think—and act—on the fly allowed them to save the day literally.

The story of Anchorage underlines why understanding (and accounting for) dynamic risk is key to keeping people, assets, and operations safe in the face of new dangers. Dynamic risk is the possibility that a threat will change quickly as conditions evolve, requiring teams to reassess hazards, adjust control measures, and coordinate a response in real time. A dynamic risk template gives teams a repeatable way to document what changed, who or what may be impacted, what actions were taken, and what should happen next.

What Is Dynamic Risk?

Dynamic risks are difficult to predict ahead of time. They are associated with unexpected, unknown, and rapidly changing situations. Dynamic risks often arise suddenly and without warning, such as earthquakes, explosions, or an active shooter appearing out of nowhere.

Other times, a dynamic risk emerges as a side effect or unintended consequence of a known threat. For example, warnings began a few days before Winter Storm Uri in February 2021. Families and businesses braced for low temperatures, but they weren’t prepared for the ripple effect of related dangers, which included frozen equipment, power grid outages, and gas shortages.

Human, environmental, operational, and external factors may all contribute to dynamic risk, including:

• Organizational changes
• Physical danger resulting from fatigue, stress, aggression, or emotional sensitivity
• Outbreaks of disease or infection
• Criminal activities
• Violent outbursts by employees or customers
• Active shooter incidents
• Extreme weather or natural disasters
• Geopolitical upset
• Economic shifts
• Equipment or system malfunctions
• Terrorism
• Supply chain disruptions

Any of these potential risks could arise instantly and present new dangers to your people’s health and safety and your business’s ongoing operation.

Real-world examples of dynamic risk in the workplace

• A severe weather event changes direction and puts a facility inside the impact radius.
• A protest near an office escalates and affects employee commute routes.
• A cybersecurity incident creates operational downtime or physical access issues.
• A delivery driver or lone worker encounters an aggressive customer or unsafe on-site condition.
• A power outage disrupts business operations and triggers secondary risks.
• A supply chain disruption creates safety, staffing, or continuity challenges.

Why Should Businesses Conduct Dynamic Risk Planning?

We’re living in times of uncertainty and instability. Rising geopolitical tensions, inflation, wars, climate change, partial deglobalization, AI, and stressed supply chains are among the many concerns that could affect your organization’s well-being, productivity, and safety.

Planning ahead may seem paradoxical when the crystal ball looks cloudy and a company’s greatest exposures are off the map. But dynamic risk planning brings several benefits for both employers and individuals, such as:

• Illuminating previously unseen or unarticulated risks
• Revealing whether safety measures can be put in place to minimize the potential for damage
• Reducing fear of the unknown by strengthening workers’ ability to adapt to rapidly changing environments
• Encouraging teamwork and empowering workers to protect themselves, those around them, and their work environment
• Improving workplace safety by equipping people with skills to assess and control high-risk situations quickly
• Strengthening overall business resilience by training your organization to think on its feet in real time

What Is a Dynamic Risk Assessment?

A dynamic risk assessment helps teams identify hazards, evaluate potential impact, select appropriate control measures, and reassess the situation as new information becomes available. Organizations are used to planning for known risks, like tornadoes, hurricanes, or potential break-ins. But what about the threats you can’t easily predict?

Dynamic risk management goes beyond the two-dimensional threat assessment, which grades individual risks on likelihood and severity. It also recognizes that risks are interconnected and ever-evolving. A dynamic risk assessment (DRA) is a process for identifying and handling unexpected threats and uncertainties in quickly changing situations. Instead of occurring before an event, a DRA takes place in real time as a situation unfolds.

Because dynamic risk assessments happen quickly, many teams need a simple template, checklist, or other risk assessment tools they can use in the field, in a security operations center, or during an incident response meeting to simplify and automate the assessment process.

A DRA identifies and quantitatively measures:

• Most probable risk scenarios
• Severe but less likely scenarios
• Cumulative effects on the organization
• Most effective risk mitigation strategies based on the threats identified
• Expected risk velocity or time to impact

Preview of AlertMedia’s Threat Assessment Template

What to Include in a Dynamic Risk Assessment Template

A dynamic risk template should be simple enough to use during fast-moving situations but detailed enough to support informed decisions, corrective actions, and post-incident review.

• Situation summary—What is happening, where, and when?
• People, locations, and assets at risk—Which employees, facilities, travelers, customers, or business operations could be affected?
• Hazards identified—What workplace risks, safety concerns, environmental threats, cybersecurity issues, or operational disruptions are present?
• Likelihood, severity, and potential impact—What is the probability of harm, how severe could the consequences be, and how quickly could conditions change?
• Existing control measures—What safeguards, PPE, procedures, workflows, or response plans are already in place?
• Additional control measures needed—What actions should be taken to mitigate risks?
• Owner and response workflow—Who is responsible for each action, and what is the expected response time?
• Communication plan—Who needs to be notified, through which channels, and how will updates be shared?
• Reassessment trigger—What change in conditions should prompt the team to reassess?
• Corrective actions and lessons learned—What should be documented for future planning, safety management, compliance, or training?

How to Perform a Dynamic Risk Assessment: Step-by-Step

A standard risk assessment isn’t always enough to manage today’s safety risks. Dynamic strategies focus on constantly finding new risks, figuring out how severe they are, taking action to stop them, and monitoring them. This way, your organization can quickly adjust to changing situations, seize opportunities, and avoid problems.

1. Orient

Step one of the dynamic risk assessment process involves getting a clear picture of the situation. You’ll assess the environment, tasks, people involved, and any potential hazards. This can begin even before entering an environment, such as at the doorway or parking lot.

2. Identify

Here’s where you pinpoint the specific risks involved. Analyze the likelihood and severity of potential incidents. For example, you might encounter loose wires in an older building or a client who is aggressive or under the influence in their home.

3. Evaluate

Not all risks are equal. This step involves ranking risk factors based on their severity, urgency, likelihood, and potential outcomes. For example, is there a risk of injury or even fatality, such as electrocution from loose wires? Or is the risk more of an inconvenience, like a splinter?

4. Act

If possible, take action to lessen or eliminate the identified risks. You can implement control measures, such as cleaning up a spill or putting up warning signage. Action may involve changing procedures or delaying the activity until the risks are addressed.

5. Repeat

Since situations can change quickly, regularly looping back and repeating the entire DRA process is essential. This ongoing process ensures you stay aware of new risks and can adjust your risk mitigation approach as needed. Again, like driving, dynamic risk management is a vigilance and decision-making.

Dynamic Risk Management Strategies & Tips

All-hazards preparedness

Be ready for anything—that’s the mindset behind all-hazards preparedness. Instead of planning for specific threats, the all-hazards approach encourages you to consider a wide range of possibilities, from fires and floods to cyberattacks and power outages.

At a minimum, this means stocking up on essential supplies like first-aid kits, flashlights, fire extinguishers, and bottled water. Even better, you’ll have an emergency response plan in place—one that’s general and flexible enough to adapt your response to whatever comes your way. While the “best response” won’t be the same for every emergency, an all-hazards approach gives you the tools and training to react quickly and effectively in various situations.

Integrated approach

An integrated approach is the secret to managing dynamic risks in your business. It’s like having a well-oiled machine where all the parts work together seamlessly. By integrating enterprise risk management across people, processes, and platforms, you avoid blind spots. Everyone contributes their expertise to identify and address risks from all angles.

Here are some ways to integrate preparedness across your organization:

• Big-picture thinking: Train teams to be aware of common examples of operational risk and build an organizational risk profile encompassing the full range of potential threats (environmental, human, intentional, unintentional, internal, external, etc.).
• Cross-functional teams: Establish teams with representatives from various departments to brainstorm risks and develop response plans.
• Ongoing communication: Hold regular safety talks and training sessions to inform everyone about risks and procedures.
• Shared risk management platform: Consider using a central platform to document risks, track progress on mitigation efforts, and share information across departments.
• Incentivize collaboration: Recognize and reward teams that work together effectively to identify and address risks.
• Track your success: Collect metrics (such as number of incidents, cost of incidents, downtime, customer satisfaction during disruptions, and industry benchmarks) to measure how well your initiatives reduce risk.

Technology for proactive monitoring and response

Technology can be a game-changer for proactive monitoring and response in dynamic risk assessment. By sharing information during a crisis, you can avoid duplication of effort, optimize your resources, and keep everyone safe and calm when it matters most.

Communication is vital for every organization, especially when employees are dispersed or often in the field. Consider the major bus company Greyhound Lines, for example. They use a two-way messaging platform with multi-channel message delivery—including voice calls, SMS text messages, emails, and more— to instantly reach all employees, whether a driver in Tulsa or a ticketing agent in Seattle.

In dynamic situations where things change by the second, you need a technology that enables a quick response—such as with alerts, real-time data, and automated responses.

• Real-time monitoring: Use AI-vetted signals and analyst-verified alerts to detect emerging risks faster.
• Impact assessment: Visualize which people, locations, and assets are in harm’s way.
• Response workflows: Assign ownership, track status, and document actions.
• Integrated communication: Notify impacted teams instantly through built-in communication tools.
• Historical insights: Review past events to inform future planning and improve risk management practices.

Building a More Proactive, Risk-Informed Organization

In some situations, static risk management plans simply aren’t enough. You need a more proactive and adaptable approach for unforeseen events that erupt at a moment’s notice.

By embracing dynamic risk management, you equip your workforce with the skills to assess situations in real time, identify potential dangers, and take decisive action. This approach fosters a safer work environment and promotes a culture of preparedness.

Imagine adapting to unexpected disruptions and navigating uncertainty with confidence. A dynamic risk assessment empowers you to do just that. It’s the key to protecting your people, managing risk levels, minimizing downtime, and getting your business back on track faster.