Risk management is the detection, evaluation and assigning priorities to risk prior to organized and cost-effective implementation of resources to lessen, track and regulate the possibility and/or affect of untoward incidents. Risks can be generated by project failures, credit risk, legal obligations, insecurity in financial markets, mishaps, natural calamities and intentional attacks from an opponent. Various risk management benchmarks have been formulated such as the National Institute of Science and Technology, the Project Management Institute, ISO standards and actuarial societies. The explanations, techniques and objectives differ broadly in relation to whether the risk management technique is in the perspective of security, project management, industrial procedures, engineering, actuarial evaluations, financial portfolios and public health and safety.
Primarily, these tactics comprise the following factors, carried out, essentially in the following sequence:
* Detect, typify and evaluate risks
* Evaluate the susceptibility of vital assets to particular risks
* Ascertain the risk (the anticipated outcomes of particular forms of attacks on particular assets)
* Recognize means to minimize those risks
* Assign a priority to the risk minimization steps on the basis of a plan
The plans to handle risk consist of the process of transfer of risk to another party, risk avoidance, minimizing the harmful impact of the risk and acknowledging some or all the effects of a specific risk.
Methods of Risk Treatment
Following are the methods of risk treatment:
* Risk avoidance (elimination)
* Risk reduction (mitigation)
* Risk transfer (outsourcing or insuring)
* Risk retention (acknowledge and budget)
Domains of Risk Management
Following are the prominent areas of risk management:
* Enterprise risk management (ERM)
* Project management
Check : http://en.wikipedia.org/wiki/Risk_management
Comments