# Risk Rating & Matrix

Understanding how **Matrix Risk**, **Exposure**, **Inherent Risk**, and **Residual Risk** work together helps teams perform more accurate assessments, explain results consistently, and support audit readiness.

When managing safety on our platform, risk is not treated as a single arbitrary number. Instead, it is broken down into clear, logical layers that separate the raw hazard from the realities of your operating environment.

At a high level, the framework works like this:

1. **Matrix Risk** defines the potential threat.
2. **Exposure** scales the threat to a higher risk.
3. **Inherent Risk** becomes the baseline score for your real-world context.
4. **Residual Risk** reflects the final score after active safety controls are taken into account.

{% hint style="info" %}
[**MATRIX RISK**](#id-1.-matrix-risk) = SEVERITY + FREQUENCY

**ANALYSIS/EVALUATION** = SEVERITY + (FREQUENCY + [EXPOSURE](#id-2.-exposure))
{% endhint %}

### Risk Terminology

**A useful way to think about the framework is:**

* **Matrix Risk** asks: *How dangerous is this hazard by nature?*
* **Exposure** asks: *How much of our operation is vulnerable to it?*
* **Inherent Risk** asks: *What is the baseline risk in this environment before controls?*
* **Residual Risk** asks: *What is our actual risk level with defences in place?*

{% hint style="info" %}
Each term answers a different question, which is why all four matter.
{% endhint %}

### In Depth

#### 1. Matrix Risk

<div data-with-frame="true"><figure><img src="/files/zJFJRcfkotQLqCohHmOh" alt=""><figcaption></figcaption></figure></div>

**What is Matrix Risk?**\
Matrix Risk is the direct result of plotting **Consequence Severity** against **Probability / Frequency** on the visual 2D risk matrix.

This is the platform’s representation of the **potential threat** in its rawest form.

**What does Matrix Risk capture?** \
Matrix Risk provides a quick, standardised way to classify the hazard itself using a visual category, such as:

* Critical/Catastrophic
* High/Hazardous
* Medium/Major
* Minor/Minor
* Acceptable/Negligible

**What Matrix Risk does not include**\
Matrix Risk intentionally ignores operational context (exposure). It does not account for:

* Operation size
* Assets involved
* Physical footprint
* Operational scope
* Active safeguards or controls

**Why Matrix Risk matters**\
Matrix Risk gives teams a consistent starting point for classifying hazards. Two identical hazards with the same severity and frequency should produce the same Matrix Risk regardless of where they occur.

{% hint style="info" %}
The Matrix Risk is valuable for standardisation, reporting, and early hazard review.
{% endhint %}

***

#### 2. Exposure

<div data-with-frame="true"><figure><img src="/files/C23wV4HLRwVzcv6Xmva6" alt=""><figcaption></figcaption></figure></div>

**What is Exposure?** \
Exposure measures how much of your operation is vulnerable to the hazard.

It represents the scale or reach of the threat within your real-world environment, from more limited conditions such as **Restricted** through to broader conditions such as **Widespread** or **Extensive**.

**Why Exposure matters** \
The same hazard can create very different operational risk depending on how broadly it can affect people, assets, or facilities.

For example, a hazard contained within a locked server room is very different from the same hazard having the potential to affect an entire offshore platform. Even if the Matrix Risk is identical, the operational impact is not.

**How Exposure works in SONAR**\
Exposure is captured through setup or questionnaire fields and applied behind the scenes to scale the risk appropriately.

{% hint style="info" %}
**Exposure does not replace Matrix Risk.** Instead, it adjusts the inherent risk into something more meaningful for your specific environment.
{% endhint %}

***

#### 3. Inherent Risk

**What is Inherent Risk?** \
Inherent Risk is the weighted baseline risk score before any controls are credited. It is calculated by taking the hazard’s **Matrix Risk** and adjusting it using **Exposure**.

**What Inherent Risk represents** \
Inherent Risk is your true unmitigated baseline for the actual operating context. While Matrix Risk tells you how dangerous the hazard is in principle, Inherent Risk tells you what that hazard means for your environment before defences are applied.

**Why Inherent Risk matters** \
Inherent Risk is often the most useful pre-control figure in the framework because it reflects real-world footprint rather than just abstract hazard classification.

Two hazards can occupy the same position on the matrix and still produce different Inherent Risk scores if their exposure differs.

For example, a hazard rated as **Catastrophic** and **Remote** may always show the same Matrix Risk tier on the visual grid, but the Inherent Risk can still change depending on whether the exposure is **Restricted** or **Widespread**.

{% hint style="info" %}
The visual classification may stay the same while the baseline score becomes more or less severe in practice.
{% endhint %}

***

#### 4. Residual Risk

<div data-with-frame="true"><figure><img src="/files/3CaHEPJBsGgfhA03YSnM" alt=""><figcaption></figcaption></figure></div>

**What is Residual Risk?** \
Residual Risk is the final real-world score after active safety controls are applied. It reflects the level of risk your team is actually operating with once existing protections are taken into account.

**How Residual Risk works** \
After the system calculates Inherent Risk, it evaluates active defences using the **19-point** [**Bowtie**](/sonar/safety-management/bow-ties.md) **Control Questionnaire**.

Controls such as the following can reduce the baseline score:

* engineered barriers
* training programs
* physical safeguards
* operational controls and protections

Each active and qualifying measure contributes a mathematical reduction to the Inherent Risk, resulting in the Residual Risk.

**Why Residual Risk matters** \
Residual Risk is the score most closely aligned to the current operating reality. It helps teams understand whether controls are effectively reducing risk and whether further action is needed.

{% hint style="info" %}
Residual Risk is highly valuable for audit conversations because it demonstrates not only what the underlying hazard is, but how the organisation is actively managing it.
{% endhint %}

***

### What makes SONAR's Risk structure useful

**Breaking risk into these layers helps prevent common misunderstandings.**

Without this structure, teams may:

* Confuse a visually severe hazard with a high operational risk in every setting
* Overlook the importance of the footprint and scope
* Fail to distinguish between baseline and defended risk
* Struggle to explain why controls materially change the final score

{% hint style="info" %}
By separating the raw hazard, the operational footprint, the baseline score, and the defended score, the platform creates a more transparent and auditable risk model.
{% endhint %}

***

### Summary

**SONAR's risk framework is designed to move from abstract hazard classification to real-world operational understanding.**

* **Matrix Risk** gives a visual rating for the raw hazard
* **Exposure** scales that hazard to the size and vulnerability of your operation
* **Inherent Risk** produces the baseline score before controls
* **Residual Risk** reflects the final defended state after safety measures are applied

{% hint style="info" %}
Together, these four layers provide a structured and defensible approach to risk assessment that supports both day-to-day safety management and formal audit readiness.
{% endhint %}


