Definition[]
Risk treatment
| “ | can involve: (i) avoiding the risk by deciding not to start or continue with the activity that gave rise to the risk; (ii) taking or increasing risk in order to pursue an opportunity; (iii) removing the risk source; (iv) changing the likelihood; (v) changing the consequences; (vi) sharing the risk with another party or parties (including contracts and risk financing); and (vii) retaining the risks by informed decision.[1] | ” |
Overview[]
Risk treatments that deal with negative consequences are sometime referred to as risk mitigation, risk elimination, risk prevention, or risk reduction. Risk treatment can create new risks or modify existing risks.[2]
References[]
- ↑ NIST Special Publication 800-160, at B-9.
- ↑ Id.