What are the four responses to risk?
Management can choose to either accept risk, reduce it, or share it, or avoid it all together subsequent to risk assessment.
Risk acceptance – If the organization elects to assume all of the risk (i.e. they choose not to do anything).
Risk reduction – If the organization implements controls that mitigate the risk of a specific activity.
Risk sharing – If the organization shares the risk with another organization (e.g. insurance).
Risk avoidance – If the organization elects not to engage in an activity at all (i.e. they exist the business altogether).
Back To All Questions