Risk Management Definitions

Risk Management Definitions

What is Risk Management?

Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events [1] or to maximize the realization of opportunities.  Risks can come from uncertainty in financial markets, project failures (at any phase in design, development, production, or sustainment life-cycles), legal liabilities, credit risk, accidents, natural causes and disasters as well as deliberate attack from an adversary, or events of uncertain or unpredictable root-cause.  Several risk management standards have been developed including the Project Management Insititute, the National Institute of Standards and Technology, actuarial socieities, and ISO standards. [2] [3] Methods, definitions and goals vary widely according to whether the risk management method is in the context of project management, security, engineering, industrial processes, financial portfolios, actuarial assessments, or public health and safety.

The strategies to mange risk typically include transferring the risk to another party, avoiding the risk, reducing the negative effect or probability of the risk, or even accepting some or all of the potential or actual consequences of a particular risk.


Insurance is a form of risk management primarily used to hedge against the risk of a contingent, uncertain loss. Insurance is defined as the equitable transfer of the risk of a loss, from one entity to another, in exchange for payment. An insurer, or insurance carrier, is a company selling the insurance; the insured, or policyholder, is the person or entity buying the insurance policy. The amount to be charged for a ceratin amount of insurance coverage is called the premium. Risk management, the practice of appraising and controlling risk, has evolved as a discrete field of study and practice.

The transaction involves the insured assuming a guaranteed and known relatively small loss in the form of payment to the insurer in exchange for the insurer's promise to compensate (indemnify) the insured in the case of a financial (personal) loss. The insured receives a contract, called the insurance policy, which details the conditions and circumstances under which the insured will be financially compensated.

Insurance involves funds from many insured entities (known as exposures) to pay for the losses that some may incur. The insured entities are therefore protected from risk for a fee, with the fee being dependent upon the frequency and severity of the event occurring. In order to be insurable, the risk insured against must meet certain characteristics in order to be an insurable risk. Insurance is a commercial enterprise and a major part of the financial services industry, but individual entities can also self-insure through saving money for possible future losses.[1]

Office of Risk Management
502 E. Boone Ave.
Spokane, WA 99258-0069
Phone: 509.313.6445
Fax: 509.313.5199

Joe Madsen, Risk Manager

Charles Murphy, Vice President for Finance

John VanSant, Risk Management Specialist

Marcia Bertholf, Assistant to Vice President for Finance