3 . Managed : Area where the risk is neither negligible nor unacceptable . This is where effort is taken to make the risk “ as low as reasonably practical ” ( ALARP ), aligning the risk reduction costs with the benefits .
Negligible risks can simply be accepted . Unacceptable risks are to be avoided at all costs , though in some cases it is decided they can never happen , so when they do it is a surprise . This is one area where resilience and systems theory come into play .
Managed risks are those which are expected to occur and for which techniques can be used to mitigate , transfer or eliminate them .
Organizations often use a risk matrix to categorize risks and to prioritize which managed risks to address . This can be based on quantitative or qualitative evaluations of frequency and consequence . The matrix generally looks like the following ( with varying numbers of rows and columns , and sometimes quantitative measures on the axes ):
Probability
Harm severity
Negligible Marginal Critical Catastrophic
Certain High High
Very high
Very high
Likely Medium High High Very high
Possible Low Medium High Very high
Unlikely Low Medium Medium High
Rare Low Low Medium Medium
Eliminated
Eliminated
Figure 2-2 : Risk matrix . ( Source : Wikipedia . 13 )
13
Image : Wikipedia contributors ( 2021 , November 5 ). In Wikipedia , The Free Encyclopedia . Retrieved 14:13 , April 25 , 2022 .
22 July 2022