Example of risk management : A NASA model showing areas at high risk from impact for the International Space Station. Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives , whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events [ 1 ] or to maximize the realization of opportunities. Risks can come from uncertainty in financial markets, project failures (at any phase in design, development, production, or sustainment life-cycles), legal liabilities, credit risk, accidents, natural causes and disasters as well as deliberate attack from an adversary, or events of uncertain or unpredictable root-cause .
By: ERM Initiative Faculty and Amy Claus, 2010 Master of Accounting Student The cover stories in the October 2009 issue of Harvard Business Review focus on the current state of risk oversight.
When you hear the word “risk”, do you run away in panic believing it’s something that should be avoided at all costs; something that if you ignore, simply goes away?