This report presents the business risk taxonomy developed as part of the Cambridge Risk Framework and describes the methodology used. This taxonomy describes the entire threat landscape corporates face, enabling identification of emerging risks and creating a common language for communicating risks.
Identifying these risks involved an extensive historical review of causes of social and economic disruption over the past thousand years, collating other academic and industry risk taxonomies, analysing annual reports, risk registers and corporate fillings, and developing a distress catalouge of corporate failures and near misses. This was augmented with a review of catastrophe catalogues and databases, a precedent review, a study of counter-factual theories.
The Cambridge Taxonomy of Business Risks is organised in a hierarchy of causal similarity, into 6 Primary Classes, 37 Families, and 170 Risk Types. The structure can be further subdivided into more granular types as required.
These risks are generally recognised by risk managers and analysts but they are not well understood. The field currently suffers from confusion of definition. This report summarises the wide range of terminology in use and proposes a standardisation of risk terminology in the field.