Activity
A.13 Risk acceptance
Risk Acceptance
Description
Description
Acceptance of residual risks that result from with Risk Treatment has to take place at the level of the executive management of the organization. To this extent, Risk Acceptance concerns the communication of residual risks to the decision makers.
Once accepted, residual risks are considered as risks that the management of the organization knowingly takes. The level and extent of accepted risks comprise one of the major parameters of the Risk Management process. In other words, the higher the accepted residual risks, the less the work involved in managing risks (and inversely).
Risk Acceptance is considered as being an optional process, positioned between Risk Treatment and Risk Communication, since it can be covered by both Risk Treatment and Risk Communication processes.
Organisation
Responsible
Risk Manager
Accountable
Senior Management
Consulted
Risk Owner
Domain Expert
Input/Output
Input data
D78 Evaluated residual risks
D28 Risk treatment decision
Output data
D41 Past risk treatment dec.