Login with Netlify Identity

Risk treatment

A risk treatment is any action taken to prevent or respond to a risk or an opportunity. Following the risk assessment, a key step of the risk management process is the identification of specific treatment actions.

UNDP’s Enterprise Risk Management (ERM) policy has identified 4 types of response:

  • Terminate - eliminate the activity that triggers such a risk
  • Transfer - passing ownership and/or liability to a third party
  • Mitigate - reducing the likelihood and/or impact of the risk below the threshold of acceptability
  • Tolerate - accepting the risk level, usually for low (impact/likelihood) risks

Practical examples of treatment actions along the 3 risk categories are provided below.

Practical examples of treatment actions along the 3 risk categories

*The ability of development actors to influence contextual risks (inflation, change in government leadership, natural disasters, conflicts, etc.) is often very limited. This means that the ability to treat contextual risks is often limited to developing contingency plans or accepting the risks, if low-risk and / or within UNDP’s risk appetite.

For each risk, UNDP assigns a Risk Owner and a Risk Treatment owner.

  • Risk Owner – the person with the ultimate accountability and authority to manage the risk. At the project level, this is often the project manager.
  • Risk Treatment Owner – the person assigned with the responsibility to ensure that a specific risk treatment is implemented.

Loading resources