Management Guide

management   »  risk management   »  how to control risk

How to Control Risk

        posted by , March 28, 2013

The fishermen know that the sea is dangerous and the storm terrible, but they have never found these dangers sufficient reason for remaining ashore.
~ Vincent van Gogh
Risk is celebrated as the audacious basis for business growth. The idea of "controlling risk" sounds conservative and careful. Something a control freak might do.

Controlling risk isn't as bad as it sounds. Risks aren't necessarily eliminated or minimized. Risk management aims to accept risks that make sense and reduce risks where possible.

The process of controlling risk begins with identifying a list of risks and assessing the probability and impact of each risk. Controls are identified and implemented for each risk.

There are 4 types of risk control:

1. Accept Risk

The stakeholders who are responsible for a risk can choose to accept a risk. For example, the risk that a project may fail may be accepted if the project is of strategic importance.

Risk management may include an approval process for risk acceptance.

2. Mitigate Risk

Actions are taken to reduce risk to an acceptable level. For example, the organization assigns a top performing project management team to a project to reduce the risk that it will fail.

The risk that remains after mitigation is known as residual risk. Residual risks are also controlled (accepted, mitigated, eliminated or transfered).

Secondary Risks

When you mitigate risks it's important to consider secondary risks. Secondary risks are the risks that are caused by your risk mitigation efforts. If you reduce a security risk by applying an update to software — there's a risk that the update itself contains security vulnerabilities. In some cases, mitigation activities are higher risk than the risk they reduce.

3. Eliminate Risk

A risk may be reduced to zero. Normally the only way to accomplish this is to cease the activity that generates the risk. For example, selling a risky investment will eliminate the risks associated with that investment.

4. Transfer Risk

A risk may be transfered to another organization or individual. For example, fire insurance transfers the risk of asset damage due to fire.

The Dark Side of Risk Transfer: Counterparty Risk

It's important to consider counterparty risks when transferring a risk. A counterparty risk is the risk you get back when you transfer a risk. This often takes the form of the risk that a counterparty will fail to meet its legal obligations to you. For example,an insurance company may go bankrupt after a major flood and fail to meet its financial obligations.

3 Shares Google Twitter Facebook

Related Articles

Risk Management
The identification, prioritization and control of business risk.

Growing, sustaining, communicating and using knowledge.

A guide to risk management.

The identification, prioritization and control of business risk.

You will respect my authority! You will read this article!

Recently on Simplicable

Corporate Language As A Strategy

posted by Anna Mar
Joining a new firm is often a bit of a language challenge.

Reverse Logistics Explained

posted by Anna Mar
How to handle returns, surpluses, trade-ins and disposals in a supply chain.

13 Examples Of The Pareto Principle

posted by Anna Mar
Why 80% of success is showing up.

Sanity As A Management Strategy

posted by Anna Mar
Think back to the last big mistake your organization made — what could have prevented it?


about     contact     sitemap     privacy     terms of service     copyright