Risk Mitigation

Risk Management Process

Establishing Context: This includes an understanding of the current conditions in which the organization operates on an internal, external and risk management context. 

Identifying Risks: This includes the documentation of the material threats to the organization's achievement of its objectives and the representation of areas that the organization may exploit for competitive advantage. 

Analysing/Quantifying Risks: This includes the calibration and, if possible, creation of probability distributions of outcomes for each material risk. 

Integrating Risks: This includes the aggregation of all risk distributions, reflecting correlations and portfolio effects, and the formulation of the results in terms of impact on the organization's key performance metrics.

Assessing/Prioritizing Risks: This includes the determination of the contribution of each risk to the aggregate risk profile, and appropriate prioritization 

Treating/Exploiting Risks: This includes the developm strategies for controlling and exploiting the various risks. 

Monitoring and Reviewing: This includes the continual measurement and monitoring of the risk environment and the performance of the risk management strategies.

Source: BCAS Publication

Types of business risks

Understanding Types of Risks