What is Risk Management?

Risk management is a method for identifying risks, for developing and implementing programs to first, prevent an accident, loss, or injury and second, to protect the organization. A good risk management program is comprised of four stages:

  1. Assess - identify known risks and anticipate potential risks. Evaluate the situation from all angles. Measure the impact that a given risk will have on the well-being of an individual.

  2. Plan - choose how you will control the risk. Learn more about risk control later in this guide.

  3. Act - implement your plan and see it through.

  4. Monitor - did your plan work? Re-Evaluate your plan’s effectiveness, determine how you can improve it for next time.

Risk control measures involve either preventing losses from happening or reducing the adverse effects of risk. There are essentially three classifications of risk control:

  1. Avoidance - the simplest method of controlling risk. Basically, if there is a known risk of loss involved in an activity, attempt to limit or eliminate that activity. Obviously, using this method of risk control exclusively would severely limit your organization’s operations. Therefore, many times avoidance is not a practical method. It is, however, important to utilize this technique in those circumstances where continuing with the activity presents too many unnecessary high risks.

  2. Reduction - involves practicing either loss prevention or implementing measure to reduce the chance or degree of loss. For example, having strict controls on the number of people who are permitted to attend a dance, limiting the amount of alcohol each person can consume, providing adequate security, etc. The success of this type of process depends upon the willingness of the organization to take on this “policing” role and the willingness of the patrons to accept the types of controls being implemented.

  3. Transfer - refers to contractually transferring legal and financial responsibility for a loss to another party. This transfer is generally accomplished through the use of hold harmless and indemnification clauses or through the use of waivers, releases or disclaimers. Again, the success of this type of control depends upon the willingness of the parties on either side to submit to and accept the process.

Risk financing involves finding ways to deal with paying for those losses that inevitably do occur. There are really only two classifications of risk financing techniques:

  1. Retention - involves all means of generating funds internally to pay for losses (for example, creating a “contingency fund” within a project budget to allow for unforeseen risks).

  2. Transfer - should not be confused with risk control transfer discussed previously and involves all means of generating the funds from an outside organization to pay for losses. The most common and perhaps the most important example of a risk financing transfer is the purchase of insurance.

Regardless of the risk management techniques chosen at any one time, you should be aware that risk management is an ongoing and evolving process. Thus, your risk management program should be monitored and improved to adapt to changes as they occur over time. As you plan and schedule events and activities for your organization, planning ahead and executing your risk management plans will help protect you and your participants, even as new risks arise. Thorough preparation and documentation of your plan is the best defense against negligence.