The Risk Management Umbrella

August 11, 2012

in Manage Risk

Risk management is a process of determining what factors you control and what factors you don’t control, and then maximizing your exposure to the things you control and minimizing your exposure to the things you don’t control.

Contingency planning is a process of assessing how an event can impact functions in your life and how to prepare for the consequences of that impact. Risk management planning can be used to protect a variety of infrastructure, systems, functions, status and more. It can also be used to analyze the potential impact of positive events and attempt to maximize the gain derived from them.


  • Risk Assessment – the process of figuring out what threats exist, what weaknesses there are in your defenses against threats, and balancing these two to determine how likely they are to combine to allow damage to the functions you are trying to protect. This is your risk status.
    For positive events, analzye opportunities instead of threats, capabilities to take advantage of opportunities, and balance how they combine to maximize gain.
  • Risk Response – the process of setting up protective functions and processes (controls) that can prevent damage from being done and also protective functions and processes (controls) that will help minimize the damage and recover from the damage after the fact.
    For positive events, the controls are oriented toward allowing the maximization of gain instead of prevention of damage.
  • Risk Monitoring – the process of maintaining an awareness of the status of threats, of weaknesses, and of how effective you can expect your defensive controls to be at preventing and minimizing damage.
    For positive events, the monitoring will focus on opportunities instead of threats, your capability to maximize gains, and how effective you can expect your controls to be in aiding the maximization.

Contingency Plan
Making a Contingency Plan
Assess Risk

Previous post:

Next post: