Every undertaking has its own inherent risks and if not managed properly, then the
organization will suffer endlessly. This is the simplest idea of the principles of risk
management. An organization which fails to understand the basic principles of risk
management is bound to fail when it comes to deciding what to do, when to do it, and
whether they have already done everything possible in doing it.
But first thing’s first. To properly understand the principles of risk management, you
have to first understand what risk is. The dictionary lists risk as a source of danger with
the possibility of incurring loss or misfortune. This is a very appropriate definition and
the first step in understanding the principles. The second is to understand what
management is. Basically, management is the act of putting direction to something.
In view of this, the principles of risk management involve the identification, analysis and
prioritization of risks in order for the organization to take action to reduce the risk, plan
for emergencies and track the effects of the identified risks and again manage them
accordingly. You are basically putting direction on a risk in order for you to avoid, stop,
or control it.
As you can see, there are always two phases in the principles of risk management. One
would be to assess the risk (and it will usually cover the identification, analysis and
prioritizing them) and the other is controlling the risk (avoid, stop or control it, plan for
other risks, and tracking the risk for future control).