Risk Management (MoR) Dictionary of Terms

Reviewed 2023-08-19

This is an A-Z glossary of terms from the Management of Risk (M_o_R). See also the dictionaries for Agile Projects, Managing Successful Programmes (MSP), Project Office (P3O), PRINCE2 and ITIL, and the Project Management Dictionary.

Definitions from R - Realisation to Risk tolerance line


Realisation

A risk response for an opportunity. The realisation of opportunities ensures that potential improvements to an organizational activity are delivered.


Reduction

A risk response for a threat. Proactive actions are taken to reduce:
  • The probability of the event occurring by performing some form of control, or
  • The impact of the threat should it occur.


Removal

A risk response for a threat. Typically involves changing an aspect of the organizational activity, i.e. changing the scope, procurement route, supplier or sequence of activities.

Residual risk

The risk remaining after the risk response has been applied.


Retention

A risk response for a threat. A conscious and deliberate decision is taken to retain the threat, having discerned that it is more economical to do so than to attempt a risk response action. The threat should continue to be monitored to ensure that it remains tolerable.


Risk

An uncertain event or set of events that, should it occur, will have an effect on the achievement of objectives. A risk is measured by a combination of the probability of a perceived threat or opportunity occurring and the magnitude of its impact on objectives.

Risk actionee

Some actions may not be within the remit of the risk owner to control explicitly; in that situation there should be a nominated owner of the action to address the risk. He or she will need to keep the risk owner apprised of the situation.

Risk appetite

An organization's unique attitude towards risk taking, which in turn dictates the amount of risk that it considers acceptable.

Risk cause

A description of the source of the risk, i.e. the event or situation that gives rise to the risk.

Risk committee

A body of independent directors who are responsible for reviewing the company's internal control and risk management systems.

Risk effect

A description of the impact that the risk would have on the organizational activity should the risk materialise.

Risk estimation

The estimation of probability and impact of an individual risk, taking into account predetermined standards, target risk levels, interdependencies and other relevant factors.

Risk evaluation

The process of understanding the net effect of the identified threats and opportunities on an activity when aggregated together.

Risk event

A description of the area of uncertainty in terms of the threat or the opportunity.

Risk identification

Determination of what could pose a risk; a process to describe and list sources of risk (threats and opportunities).

Risk Log

Risk Management

Systematic application of principles, approach and processes to the tasks of identifying and assessing risks, and then planning and implementing risk responses.

Risk Management Strategy

Describes the goals of applying risk management to the activity, a description of the process that will be adopted, the roles and responsibilities, risk thresholds, the timing of risk management interventions, the deliverables, the tools and techniques that will be used and reporting requirements. It may also describe how the process will be coordinated with other management activities.

Risk Management Policy

A high-level statement showing how risk management will be handled throughout the organization.

Risk Management Process Guide

Describes the series of steps (from Identify through to Implement) and their respective associated activities, necessary to implement risk management.

Risk manager

A role or individual responsible for the implementation of risk management for each activity at each of the organizational levels.

Risk owner

A role or individual responsible for the management and control of all aspects of individual risks, including the implementation of the measures taken in respect of each risk.

Risk perception

The way in which a stakeholder views a risk, based on a set of values or concerns.

Risk potential assessment (RPA)

A standard set of high-level criteria against which the intrinsic characteristics and degree of difficulty of a proposed project are assessed. Used in the UK public sector to assess the criticality of projects and so determine the level of OGC Gateway Review required.

Risk profile

Describes the types of risk faced by an organization and its exposure to those risks.

Risk Register

A record of all identified risks relating to an initiative, including their status and history. Also called a Risk Log.

Risk response

Actions that may be taken to bring the situation to a level where the exposure to risk is acceptable to the organization. These responses fall into one of a number of risk response categories – see below.

Risk response category

For threats, the individual risk response category can be reduction, removal, transfer, retention or share of one or more risks. For opportunities, the individual risk response category can be realisation, enhancement or exploitation or share of one or more risks.

Risk tolerance

The threshold levels of risk exposure which, with appropriate approvals, can be exceeded, but which, when exceeded, will trigger some form of response (e.g. reporting the situation to senior management for action).

Risk tolerance line

A line drawn on the Summary Risk Profile. Risks that appear above this line cannot be accepted (lived with) without referring them to a higher authority. For a project, the Project Manager would refer these risks to the Senior responsible owner.

Copyright © AXELOS Limited 2012. All rights reserved. Material is reproduced with the permission of AXELOS