Understanding types of risk
Risk and opportunity are two sides of the same coin. As such, it is inevitable that an organization that is looking to expand into new territories and harness the presented opportunities will encounter risks. The goal of a risk practitioner is to manage this risk so that an organization can continue to leverage these opportunities while balancing risk.
There are three types of risks that a risk practitioner should be aware of – inherent risk, residual risk, and current risk. Let us review each of these in detail:
- Inherent risk: The level of risk present without considering the actions or controls that will be implemented. This is the risk that is ever-present and is specifically not avoided.
- Residual risk: The level of risk after implementing the controls is considered residual risk. Residual risk is calculated by subtracting the effectiveness of control from the inherent risk. Residual Risk = Inherent Risk – Implemented Controls...