Executive Summary
The ability to collect adverse events and make decisions to foster improvement is the cornerstone of any Compliance Management system. Whether you are recording complaints, adverse events, audit data, or nonconformances, the process of collecting data, investigating the root cause, and taking steps to correct it is consistent.

As organizations grow in size and complexity, the concept of maintaining an acceptable level of compliance becomes strained. Companies are looking for new ways to benchmark their compliance and keep up with the pace of business. Risk Management is becoming that benchmark; it is a systematic means by which companies are able to identify hazards, assess and measure the risk of those hazards, and take proportionate action based on the risk. Risk is so powerful in that it provides a common method for measuring all types of adverse events and hazards within your organization. You are able to perform risk assessments on the adverse events, and make more consistent and informed decisions based on the risk.

However, what if your organization does encounter that many adverse events, or events that warrant the level of criticality that would be considered high risk? Most Risk tools work best when you have adverse events occurring frequently, so that you are able to use historical reference to calculate where your top risks are. But what if your business has significant potential for undesired events, but little or no data to support how you would handle the risk of that event?