Identify suitable responses to risk

The actions break into broadly five types, as shown below.

1. Prevention
   Terminate the risk − by doing things differently and thus removing the risk, where it is feasible to do so. Countermeasures are put in place that either stop the threat or problem from occurring or prevent it having any impact on the project or business.
2. Reduction
   Treat the risk − take action to control it in some way where the actions either reduce the likelihood of the risk developing or limit the impact on the project to acceptable levels.
3. Transference
   This is a specialist form of risk reduction where the management of the risk is passed to a third party via, for instance, an insurance policy or penalty clause, such that the impact of the risk is no longer an issue for the health of the project. Not all risks can be transferred in this way.
4. Acceptance
   Tolerate the risk − perhaps because nothing can be done at a reasonable cost to mitigate it or the likelihood and impact of the risk occurring are at an acceptable level.
5. Contingency
   These are actions planned and organised to come into force as and when the risk occurs.