home

Enterprise Risk Management

response

Response

The purpose of risk response is to determine how to modify or manage the risk or opportunity. Risk response is a cyclical process of assessing the response, determining whether residual risk levels (after response) are acceptable, developing a new response if necessary, and assessing the response again. There are several standard options for risk response, but they are not mutually exclusive; they can be used in combination. A decision can be to not respond to the risk or opportunity other than maintaining existing management or control activities.

Risk response typically includes one or more of the following actions:

  1. Avoiding the risk (e.g., by changing or ceasing certain behaviors, activities, or programs)
  2. Mitigating the impact or likelihood of the risk through methods such as implementation of pre-loss planning, allocation of additional resources, changes to policy or procedure, education and training, operational controls or changes, organizational changes, monitoring, executive controls, or audit controls
  3. Transferring the risk to an outside entity or mitigating through contractual transfer
  4. Accepting the risk – no action is  taken to affect the likelihood of the risk occurring or the impact of the risk because the results of a negative outcome are acceptable within existing operating parameters and the institution’s risk tolerance
  5. Financially funding the risk through commercial insurance, captive insurance, self-funded reserves, or budget contingencies.

Opportunity response typically involves one or more of the following actions:

  1. Enhancing the opportunity by seeking to increase the probability and/or the impact of the opportunity in order to maximize the benefit to the project.
  2. Exploiting the opportunity by seeking to make the opportunity definitely happen (i.e. increase probability to 100%). Aggressive measures are taken which seek to ensure that the benefits from this opportunity are realized by the project.
  3. Ignoring the opportunity by taking no active measures to deal with the opportunity; adopting a reactive approach without taking explicit actions.
  4. Sharing or transferring the opportunity by seeking a partner able to manage the opportunity that can maximize the chance of it happening and/or increase the potential benefits. This will involve sharing any upside in the same way as transfer involves passing penalties.

Last modified June 20 2012 12:52 PM

Contact UVM © 2013 The University of Vermont - Burlington, VT 05405 - (802) 656-3131