Risk mitigation

From Clinfowiki

Risk mitigation is defined as taking steps to reduce adverse effects. There are four types of risk mitigation strategies that are unique to Business Continuity and Disaster Recovery. It's important to develop a strategy that closely relates to and matches your company's profile.[1]

It is also defined as a systematic reduction in the extent of exposure to a risk and/or the likelihood of its occurrence. Also called risk reduction.[2]
Risk mitigation is a risk response strategy that reduces the probability of risk occurrence or its impact. Positive risks are called Opportunities. Negative risks are called Threats. Data security concentrates mostly on Negative Risks, blocking opportunities through enhanced security.

There are 4 strategies for Negative Risks:

1. Avoid: Eliminate the risk completely.
2. Transfer: Transfer the impact of the risk to a third party.
3. Mitigate: Reduce the probability of occurrence or impact of a risk.
4. Accept: Acknowledge the risk but take no action unless the risk occurs.

There are 4 strategies for Positive Risks:

1. Exploit: A risk with positive impact for an opportunity is realized.
2. Enhance: Increase the probability of positive impact of an opportunity.
3. Share: Allocate the ownership of an opportunity to a third party.
4. Accept: Take advantage of the risk if it arises, but do not actively pursue it.[3]