The Risk Management Guide Risk Guide RSS Feed


Identify suitable responses to risk

The actions break into broadly five types, as shown below.

  1. Prevention
    Terminate the risk − by doing things differently and thus removing the risk, where it is feasible to do so. Countermeasures are put in place that either stop the threat or problem from occurring or prevent it having any impact on the project or business.
  2. Reduction
    Treat the risk − take action to control it in some way where the actions either reduce the likelihood of the risk developing or limit the impact on the project to acceptable levels.
  3. Transference
    This is a specialist form of risk reduction where the management of the risk is passed to a third party via, for instance, an insurance policy or penalty clause, such that the impact of the risk is no longer an issue for the health of the project. Not all risks can be transferred in this way.
  4. Acceptance
    Tolerate the risk − perhaps because nothing can be done at a reasonable cost to mitigate it or the likelihood and impact of the risk occurring are at an acceptable level.
  5. Contingency
    These are actions planned and organised to come into force as and when the risk occurs.

Any given risk could have appropriate actions in any or all these categories.

There may be no cost-effective actions available to deal with a risk, in which case the risk must be accepted or the justification for the project revisited (to review whether the project is too risky), possibly resulting in the termination of the project.

The results of the risk evaluation activities are documented in the Risk Log.

If the project is part of a programme, project risks should be examined for any impact on the programme (and vice versa).

Where any cross-impact is found, the risk should be added to the other Risk Log.

© RuleWorks - All Rights Reserved - Policy - - Sitemap