24. Risk Treatment

Risk Treatment

Risk treatment involves making decisions about the best actions to take regarding the identified and prioritized risk.

Avoidance

Risk avoidance is the attempt to eliminate the risk entirely.

This could include ceasing operation for some or all of the activities of the organization that leave it exposed to a particular risk.

Leadership may choose risk avoidance if the potential impact of a given risk is too high or if the likelihood of the risk being realized is simply too great.

Acceptance

Risk acceptance is taking no action to reduce the likelihood of a risk occurring.

Management may opt to conduct the business function associated with the risk without any further action on the part of the organization, either because the impact or likelihood of occurrence is negligible or because the benefit is more than enough to offset that risk.

Mitigation

Risk mitigation involves taking proactive steps to either stop a problem from happening or to make it less painful if it does.

Using tools like rules, locks, and safety checks, you are lowering the stakes.

Since you can never eliminate every single danger in life or business, mitigation is about being as prepared as possible so that a bad day does not turn into a total disaster.

Transfer

Risk transference is the practice of passing the risk to another party who will accept the financial impact of the harm resulting from a risk being realized in exchange for payment.

Typically, this is done through an insurance policy.