Risk Strategy (Definition)

The choice a company makes for dealing with a specific risk.

The main Risk Strategies are:

  1. Risk Avoidance. Choosing to discontinue or not undertake an operation to avoid the risks involved. (e.g. closing or not opening a branch in a dangerous location.)
  2. Risk Mitigation or Risk Reduction. Taking steps to reduce the probability or impact of a risk.
  3. Risk Transfer. Shifting the risk to another organization by taking out insurance, or sub-contracting an activity to another organziation.
  4. Risk Acceptance. Recognizing the risk but choosing not to take any specific action to control or reduce it. Self-insurance, where a company chooses to pay for losses itself rather than take out insurance, is a form of risk acceptance.

See also:

If you are an industry professional, consider subscribing to the free Risky Thinking Newsletter for articles, insights, and commentary on risk, business continuity, and security. It's low volume: we don't send out the newsletter unless there is something interesting to say!

Errors or Omissions? Contact us and let us know!