Vulnerability Audit
Systematic assessment of organizational vulnerability to extinction by evaluating intrinsic factors (internal weaknesses) and extrinsic factors (environmental threats).
Systematic assessment of organizational vulnerability to extinction by evaluating intrinsic factors (internal weaknesses) and extrinsic factors (environmental threats). Produces risk scores and prioritized mitigation plans.
When to Use Vulnerability Audit
Conduct full audit annually, abbreviated updates quarterly, emergency audit when major environmental shifts occur.
How to Apply
Assemble Audit Team
CEO + CFO (or CEO + lead investor) + 1-2 board members for external perspective. 2-4 hours for initial audit.
Outputs
- Audit team assembled
Gather Data
Revenue breakdown by customer/product/channel, financial statements (3 years), customer concentration metrics, competitive position analysis, regulatory environment scan.
Outputs
- Data package for analysis
Score Intrinsic Vulnerabilities
Rate each factor 1-3 (Low/Moderate/High risk): Specialization (% revenue from single dependency), Leverage and liquidity (debt/equity ratio, months of cash), Adaptive capacity (ability to pivot), Size and redundancy (single points of failure).
Outputs
- Intrinsic score (max 12)
Score Extrinsic Threats
Rate each factor 1-3: Rate of environmental change (speed of competitive/regulatory/tech shifts), Substitution risk (ease of customer switching), Regulatory risk (political/regulatory exposure).
Outputs
- Extrinsic score (max 9)
Plot on Vulnerability Matrix
Combine scores to determine extinction risk level: Extreme (high intrinsic + high extrinsic), High (high on 2+ factors each), Moderate (mixed), Low (low vulnerabilities + low threats).
Outputs
- Overall extinction risk level
- Prioritized mitigation plan with 30/90/180-day actions