Explanation:
Risk management provides an approach for individuals and groups to make a decision on how to deal with potentially harmful situations. Following are the four phases involved in risk management: 1. Risk identification: The first thing we must do in risk management is to identify the areas of the project where the risks can occur. This is termed as risk identification. Listing all the possible risks is proved to be very productive for the enterprise as we can cure them before it can occur. In risk identification both threats and opportunities are considered, as both carry some level of risk with them.
2. Risk Assessment and Evaluation: Risk assessment use quantitative and qualitative analysis approaches to evaluate each significant risk identified.
3. Risk Prioritization and Response: As many risks are being identified in an enterprise, it is best to give each risk a score based on its likelihood and significance in form of ranking. This concludes whether the risk with high likelihood and high significance must be given greater attention as compared to similar risk with low likelihood and low significance. Hence, risks can be prioritized and appropriate responses to those risks are created.
4. Risk Monitoring: Risk monitoring is an activity which oversees the changes in risk assessment. Over time, the likelihood or significance originally attributed to a risk may change. This is especially true when certain responses, such as mitigation, have been made.