We Accept the Risk? - WST

Risk.  The hot potato of any organization.  There are so many options of what to do with a risk potato once it’s identified;  You can throw out the oven (avoidance), you can wrap it in foil to contain the heat (mitigate), you can have someone else handle it (transference), and you may even choose to own it (acceptance).

While it may seem like a quick and easy option, your Board, auditors, and examiners may expect a more formal approach to risk acceptance beyond simply stating, “we accept the risk.”  Such a statement without any supporting justification or managerial approval is like putting a plain potato on a plate and serving it without any condiments.  A mature organizational risk appetite should be as picky as a restaurant critic’s palate, and if acceptance is the goal, presentation makes all the difference. For more insight into risk acceptance, see our blog, https://10dsecurity.com/we-accept-the-risk/ .