• Identify all possible risks and their causes;
• Evaluate each risk to determine its probability, severity and impact;
• Develop plans for managing each identified risk;
• Monitor progress against those plans;
• Review and revise as necessary.
The purpose of a risk management strategy is to help organizations identify, assess and respond to risks. This post focuses only on the negative risks.
What Are the four Common Risk Responses?
There are four typical responses to negative risks: avoid it, transfer it, mitigate it, or accept it.
1. Avoiding risk
An avoidance strategy is an effective method for removing risks from your workplace. For example, you could avoid using a piece of faulty equipment because it isn't necessary. However, if the equipment was critical to production or safety, then this might not be the best solution. In some cases, avoidance strategies aren't appropriate. Instead, companies need to evaluate different solutions to resolve underlying problems.
This approach works well when the risk has a high impact and high probability of happening.
2. Mitigating Risks
Mitigation is the most common risk response, but it's not always feasible or desirable. For example, if you're building a new factory in the earthquake-prone area of California, you would take additional precautions to prevent the structure from being damaged during an earthquake.This approach could be used to mitigate the impact of the risk or to reduce the probability of that risk event happening.
3. Transferring Risks
Transferring risks means moving them somewhere else. This can involve transferring them to another person, organization or system. For example, you might transfer a job responsibility to someone else by delegating it. Or, you might transfer risk to another department or organization by outsourcing it.
Buying insurance is another way to transfer the risk. This approach works well for risks with a low probability of occurring (rare events) but high impacts.
4. Accepting Risks
Acceptance is another option for responding to risks. Acceptance means accepting the reality of a situation. You could simply accept the fact that there are risks associated with specific situations.
If you know there will be a problem, you may decide to accept it and deal with it later. This approach works well when you don't have much time to act. You might choose to accept the risk by delaying repairs until a better time. Or you might simply ignore the issue altogether.
This approach works well when the risk impact is low, and there is no easy choice to address that.