
Residual Risks and Secondary Risks

Residual risk is the level of risk that remains after all possible measures have been taken to mitigate or eliminate a particular risk.

It is the risk that an event will still occur despite the implementation of risk management controls or strategies.

Residual risk examples in banking:

  • Inability to clear debt
  • Risk of a loan applicant losing their job
  • Guarantor's refusal or delay to pay

Here are some steps organizations can take to address residual risk:

  • Identify requirements: Determine relevant governance, risk, and compliance requirements.
  • Evaluate controls: Assess the strengths and weaknesses of the organization's control framework.
  • Acknowledge risks: Recognize existing risks.
  • Define risk appetite: Determine the organization's risk tolerance level.
  • Implement recovery strategies: Conduct recovery exercises that are realistic and rigorous.
  • Transfer risk: Shift the potential loss from an adverse outcome to a third party, such as through purchasing insurance.
  • Accept risk: Accept responsibility for any losses incurred by remaining residual risks.


What Are Secondary Risks?

The PMBOK Guide defines secondary risks as “those risks that arise as a direct outcome of implementing a risk response.” In other words, you identify a risk and put a response plan in place to deal with it. Any new risk that may arise from implementing that plan is a secondary risk.

Secondary risk examples:

  • Manufacturing company: A company might offer a promotion to attract more customers for a new product, but this could lead to a secondary risk of running out of inventory.
  • Health insurance policy: The premium payments for a health insurance policy are a secondary risk.

