Activity
A.12 Identification of residual risks
Risk Treatment
Description
Description
Residual risk is a risk that remains after Risk Management options have been identified and action plans have been implemented. It also includes all initially unidentified risks as well as all risks previously identified and evaluated but not designated for treatment at that time.
It is important for the organizations management and all other decision makers to be well informed about the nature and extent of the residual risk. For this purpose, residual risks should always be documented and subjected to regular monitor-and-review procedures.
Organisation
Responsible
Risk Owner
Accountable
Risk Manager
Consulted
Domain Expert
Informed
Senior Management
Internal Audit
Input/Output
Input data
D83 Internal stakeh. events
Output data
D78 Evaluated residual risks