Establishing risk acceptance criteria, risk reduction, and risk acceptance. Risk control involves making decisions to reduce and/or accept risks. The goal of risk control is to lower the risk to an acceptable level. The effort for risk control should be proportional to the significance of the risk.
Risk control might focus on the following questions:
- Is the risk above an acceptable level?
- What can be done to reduce or eliminate risks?
- What is the appropriate balance between benefits, risks, and resources?
- Are new risks being introduced as identified risks controlled?