Risk Mitigation is the effort to
reduce the risk impact and lessen the likeliness of it occurring again. Within Risk Mitigation Strategies are four
tenets that are unique to Disaster Recovery and continuity of business: Risk
Acceptance, Risk Avoidance, Risk Limitation, and Risk Transference. A company should choose one that is tailored
to their business needs and profile. This ongoing effort includes front-end
planning risk that are to be mitigated. A
Risk Mitigation plan should consist of a number of things: identify the root
cause of risks, select resources specific to risk mitigation, identify
alternatives, assess layers of mitigation alternatives, evaluate risks, and
communicate results based on findings to all parties.
of risks that on a grand scale are acceptable and on the other
intolerable. This does not reduce its
effects by one instance. Considered a
common option when matched against avoidance or limitations when it clearly
outweighs the risk itself. A company may
use risk acceptance if they are out to save company funds and the likelihood of
risks occurring again are minimal. A few
examples of risk acceptance are Investing (low level of risk), Insurance,
Derivatives, Projects, and Business Equity.
elimination of risks by altering the parameters set forth. The risk is altered
so much that the value changes to either a reduced state or somewhat acceptable
value. Be careful not to avoid one risk
and be bombarded by an unknown greater risk. Risk avoidance is quantitative in
nature. A quantitative risk assessment will
assess the change made is worth the cost differential. Considered the most expensive strategy and
underutilized because no one wants to accept certain risks.
Limitation. Most common strategy used among
businesses. This limits exposure to risks by leveraging some sort of action. It
combines both risk avoidance and acceptance. Companies that have properly
planned and evaluated for unexpected losses and have taken the steps to reduce
its impact. An example would be
identifying alternate locations for a brief that was to be given if the
original site was no longer available. Hindering the original location but not
the entire plan for the brief to be given. Risk limitation should be built in stages,
tailored to one’s own experiences. One
would never fail if he/she has multiple avenues to exhaust.
Risk Transference. Shifting risk to a willing third party. There are many companies out there who would
rather have another company deal with certain operations that is either foreign
to them or who is able to take on said risks. This can be payroll services or simply
customer service for IT needs. It also
allows the company to shift more focus on other important things.