Risk Management Options

Essay samples


AssociateLevel Material

Appendix C

Part I: Scenario andIdentification

A retail chain has asked anoutside security consulting team to perform a threat and riskassessment for one of its branches. The consulting team hasidentified the following threats and accompanying risk levels forthis particular store:

  1. Fire (medium)

  2. Internal theft (high)

  3. Shoplifting (medium)

  4. Burglary (high)

  5. Bomb (low)

The retail chain has decided torespond to these threats in the following manner:

For the threat#1, management hasdecided to take no further precautions because the store is currentlyup to code and the insurance policy the company carries fully coversit in the event of fire.

For threat#2, management hasdecided to implement background checks for all new applicants and allemployees must now have their bags and backpacks checked by securitybefore exiting the store.

For the threat#3, management hasdecided to add no additional security measures. Losses due toshoplifting are expected and have been included in the store’sbudget.

For threat#4, management hasinstalled a comprehensive alarm and surveillance system in allstores, with around-the-clock security monitoring. Now, break-ins atthis store cannot occur without detection.

For threat#5, management intendsto institute no countermeasures. With several other branchesthroughout the region, the company overall would suffer only minimallosses even if this threat were to materialize.

In the following table, identifythe type of risk management option the company has employed for eachthreat:


Risk Management Option

Threat #1

Transferring the risk

Threat #2

Mitigating the risk

Threat #3

Mitigating the risk

Threat #4

Eliminating the risk

Threat #5

Spreading the risk

Part II: Follow-up questions

  1. Do you agree with the company’s responses to these threats? Why or why not?

The company has effective risk-management policies as each risk is managed according to its impactthe company’s to remain in control. Risk management involves usingthe best option in the market so that a company can reduce, eliminateor share the risk. Effective risk management involves using theavailable means of managing risks to the maximum so as to ensure thatthe risk is not costly to the company (Clifford,2004). The store’srisk management is pegged on the acceptance that different risks havedifferent impacts on the company and require different ways ofmanaging them.

  1. Considering the risk-level associated with each threat, list an alternate countermeasure or response for each threat and the type of risk management option your proposed countermeasure represents:

    • Threat, #1: eliminating the risk of fire can be a good option for the company. A company can choose to locate the store in a region that has a low risk of fire, and this effectively means that the risk is eliminated. The risk management assessment is based on determining whether the company’s location is prone to fire and if this is the case, the management can choose to move to a safer area (Clifford, 2004).

    • Threat #2: The company can transfer the risk of shoplifting by employees by taking up an insurance cover that covers shoplifting. This is to be accompanied by a security camera system which monitors the actions of employees so as to ensure that the insurance cost is not too high. The purpose of transferring the risk is due to the recognition that cases of employee shoplifting cannot be eliminated and thus seeks an alternative of reducing the losses associated with the risk.

    • Threat #3: The Company can eliminate the risk of shoplifting by shoppers by making it extremely punitive if a person is found. The company has the option of introducing very punitive means of dealing with people who are caught shoplifting such as lengthy jail terms. This deters criminals and is likely to lead to a complete elimination of cases of shoplifting. Eliminating the risk leads to savings for the business in the form of low insurance premiums (Broder &amp Tucker, 2012).

    • Threat #4: The Company can transfer the risk by taking up insurance covers on burglaries. The insurance company takes up the cost of losses that are due to burglaries (Clifford, 2004). The purpose of insurance covers is to cover the cost of any losses that may occur on insured products. Transferring the risk also means that the insurance company will take joint measures with the store to ensure that cases of burglaries do not occur.

    • Threat #5: The Company can assume the risk since cases of bombing are rare and are highly unlikely to occur. Assuming the risk means that the company accepts any losses that may occur. In this case, the company recognizes that the risk of bombing is minimal, and chances of occurrence are highly unlikely. This is informed by a background check on bombing cases that have occurred and determining the likelihood of bombing (Broder &amp Tucker, 2012).


Broder, J. F., &amp Tucker, E.(2012). Risk analysisand the security survey.Waltham, MA: Butterworth-Heinemann.

Clifford, M. (2004). “APrevention System Overview: Defining the Overall Security Objective.”Identifyingand Exploring Security Essentials. NewYork: Prentice-Hall.