BY: Aseem Kumar

Mitigation includes reduction of the likelihood that a risk event will occur and/or reduction of the effect of a risk event if it does occur. Forecasting possible problems that might arise in future and finding ways to prevent it from occurring. Ensures smooth functioning of day to day business. Makes sure process is completed by sticking to quality and compliance.

Characterize the root causes of risks that have been identified and quantified in earlier phases of the risk management process. Evaluate risk common causes. Identify alternative mitigation strategies, methods, and tools for each major risk. Assess and prioritize mitigation alternatives. Select and commit the resources required for specific risk mitigation alternatives.

Risk Assumption: To accept the potential risk and continue operating and/or to implement controls to lower the risk to an acceptable level. Risk Avoidance: To avoid the risk by eliminating the risk cause or consequence. Risk Limitation: To limit the risk by implementing controls that minimize the adverse impact of a threats exercising a vulnerability.

Risk Planning: To manage risk by developing a mitigation plan that prioritizes, implements and maintains controls. Research And Acknowledgement: To lower the risk of loss by acknowledging the vulnerability or flaw and researching controls to correct the vulnerability. Risk Transference: To transfer the risk by using other options to compensate for the loss.

If a project is determined to have a low level of uncertainty then the optimal policy is to proceed in order to increase the present value of the project by completing it as soon as possible and thereby obtaining its benefits sooner. For projects with high risks a flexible decision making approach may be more successful.

Such type of risks must be mitigated by reducing impact or likelihood or both. Both risk mitigation and planning are not cost free in such cases. To lower the likelihood of such types of risk it is necessary to identify specific risk mitigation activities.

If we wish to reduce the probability of the risk that is affecting business and wish to limit the impact of the risk if it occurs. This can be done through risk avoidance i.e. avoiding doing things that could lead to problem occurring.

There are inevitably some risks that can neither be eliminated nor reduce to an acceptable level. For these one can only mitigate those risks by accessing what might happen as a result of the problem and reducing their impact . An important part of impact reduction is the early detection of problem At this very stage risk transfer can be carried out at this very stage.

A contingency plan is a impact reduction measure. It describes in detail what action should be taken if a particular problem occurs. Plan is required when a risk of high chance of happening is identified which has high impact.

It helps management to reduce mission when feasible. It helps managers balance the operational economic costs of protective measures achieve gains in mission capability protecting the agency systems and data support their missions.

risk and and by that