It's hard to give a complete answer to this question without knowing what type of risk you are trying to assess. Are you talking about quantitative risk, health risk, operational risk?
In general, a risk assessment follows these steps:
1) Identify the potential risks that you might face. Brainstorm about the issues and problems that you could face, and make a list.
2) Determine the potential impact of these risks (i.e. how much would you lose if this happened?). These risks or negative outcomes are sometimes referred to as "loss statements."
3) Assign a probability rating to each risk. How likely it is to occur? What information do you have (or not) on each risk? How much can each risk impact you (or your business or whatever entity you are assessing)?
4) How can you mitigate or manage these risks? Make sure you understand how each risk will impact you and what you can do to minimize the likelihood of this happening and the impact.
5) Implement your plan and review regularly.
I hope this helps. A lot will depend on your goals and what type of risk you are trying to manage.