| Description (HTML) |
The following rules can be applied to risks according to risk's significance and likelihood to occur.
Prevent at Source: Risks are both significant in consequence and likely to occur. They should be reduced or eliminated with preventative controls and should be subject to control evaluation and testing.
Detect and Monitor: Detective controls should be put into place to ensure that these high significance risks will be detected before they occur. They need to monitored on a rotational basis.
Monitor: These risks should be monitored to ensure that they are being appropriately managed and that their significance has not changed due to changing conditions.
Low Control: Require minimal monitoring and control unless subsequent risk assessments show a substantial change, prompting a move to another risk category. |
Approach Item: Risk Handling Approach