What then is risk management? Myriad definitions exist but suffice it to say it involves identifying a risk, understanding it and its implications, and doing something about it—either to lessen the likelihood of the event occurring or its impact, or making it go away altogether.
Importantly, it's not about reacting to a problem after it occurs. There's a good example of how one organization is moving from a reactionary mode to instituting risk management—perhaps surprisingly, it comes from the federal government.
In December 2010 the U.S. House of Representatives passed a bill, expected to be signed by the President, to make the nation's food supply safer. It was in reaction to illness and deaths among the American public from such foodborne diseases as salmonella from eggs and peanuts and E. coli from spinach. According to surrounding media reports, here's what the law will change: