Risk management can also be thought of as handling risk. Remembering that risk management is not risk elimination is important. A business that is unwilling to take any risks doesn’t stay in business for long because the cost to eliminate all risks would consume all the profits.
The ultimate goal of risk management is to protect the organization. It helps ensure a business can continue to operate and earn a profit. Risk management includes several steps:
- Identifying risks
- Assessing risks
- Determining which risks will be handled and which risks will be accepted
- Taking steps to reduce risks to an acceptable level
A risk can be avoided, shared or transferred, mitigated, or accepted. Each of these techniques is explained ...
Get Managing Risk in Information Systems, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.