Treating risks

Risk treatment involves working through options to treat unacceptable risks to your business. Unacceptable risks range in severity; some require immediate treatment, others can be monitored and treated later.

Before you decide which risks to treat, you need to gather information about the:

  • method of treatment
  • people responsible for treatment
  • costs involved
  • benefits of treatment
  • likelihood of success
  • ways to measure and assess treatments.

Once you decide how to treat identified risks you will need to develop, and regularly review, your risk management plan.

The following are different options for treating risk.

Avoid the risk

You may decide not to proceed with the activity likely to generate the risk, where practical. Alternatively, you may think of another way to reach the same outcome.

Reduce the risk

You can control a risk by:

  • reducing the likelihood of the risk occurring – for example, through quality control processes, managing debtors, auditing, compliance with legislation, staff training, regular maintenance or a change in procedures
  • reducing the impact if the risk occurs – for example, through emergency procedures, off-site data backup, minimising exposure to sources of risk or public relations.

Transfer the risk

You may be able to shift some or all of the responsibility for the risk to another party through insurance, outsourcing, joint ventures or partnerships.

Accept the risk

You may accept a risk if it cannot be avoided, reduced or transferred. However, you will need to have plans for managing and funding the consequences of the risk if it occurs.

Also consider...