Risk Intelligence
Research to understand the risks surrounding your business. Seeks to uncover unknown unknowns.Risk Identification
The process of identifying business risk. This may involve everyone in your organization as all stakeholders in a strategy are typically given an opportunity to identify risk.Risk Analysis
Developing an understanding of identified risks including factors such as probability, impact and moment of risk.Risk Probability
An estimate of the probability that a risk will occur.Risk Impact
An estimate of the cost and other impacts if a risk does occur.Moment of Risk
An analysis of the likely timing of a risk.Risk Triggers
Conditions that cause a risk to become more probable.Risk Exposure
The probable losses associated with a risk or set of risks. Typically calculated as probability × impact.Risk Estimates
Estimates of risk probability, impact, timing and exposure for a set of risks.Calculated Risk
Taking a risk after full risk management due diligence including risk intelligence, identification, analysis and treatment.Risk Tolerance
The willingness of an organization, project or individual to accept risk. There is a relationship between risk and reward. Generally speaking, the more calculated risks you take, the more likely you are to enjoy rewards. However, risk can also lead to painful losses that may not be appropriate for an organization or individual.Risk-Reward Ratio
An estimate of both the risks and rewards of an action expressed as a ratio.Cone of Uncertainty
The tendency for uncertainty and risk to decrease as you make progress on a strategy or project. For example, the construction of a bridge may see large declines in risk exposure after its foundations are constructed on time and on budget.Probability-Impact Matrix
A common way to represent the probability and impact of a risk as a matrix.Risk Register
A database or list of risks.Risk Treatment
An action that is taken to manage an identified risk such as risk avoidance, acceptance, mitigation, transfer and sharing.Risk Avoidance
Changing your plans to avoid a risk.Risk Acceptance
The formal decision to take a risk.Risk Mitigation
Actions that reduce the probability and/or impact of a risk.Risk Transfer
Transferring a risk to a 3rd party. For example, fire insurance.Risk Sharing
Sharing a risk internally. For example, pooling resources to share the risk that a single resource will fail.Risk Contingency
A plan for how you will manage a risk that actually occurs. At this point, the risk becomes an incident or issue.Business As Usual
The process of continuing your regular business processes in a highly unstable and risky situation such as a war, disaster or acquisition of your firm.Residual Risk
The risk that remains after your efforts to treat risk.Secondary Risk
Risks that are caused by your efforts to treat risk.Positive Risk
The risk of unexpected gains. This may be managed as part of risk management. A positive risk is very different from a regular risk as they are opportunities as opposed to losses. For example, a project may manage the positive risk that a task will be completed early by making plans to reallocate resources if this occurs.Extreme Value Theory
Math that deals with unlikely probabilities. It is common to manage risks that are very low probability but very high impact such as the risk of a disaster.Risk Management Plan
A plan to treat a set of identified risks. Includes a risk analysis and risk treatment plan. Stakeholders who sign-off on a risk management plan are accepting the residual and secondary risks identified by the plan.Risk Monitoring
The process of monitoring identified risks and risk treatment efforts.Risk Communication
The process of communicating risk information such as current risk exposure levels.Resilience
The design of nations, communities, organizations, infrastructure, facilities, systems, processes, environments, machines and tools to be highly resilient to stresses. A resilient design can vastly reduce risk and simply risk management.Overview: Business Risk Management | ||
Type | ||
Definition | The ongoing process of identifying and controlling business risk | |
Related Concepts |