Key Elements of a Risk Management Approach
GAO-02-150T: Published: Oct 12, 2001. Publicly Released: Oct 12, 2001.
- Full Report:
Risk management is a systematic and analytical process that weighs the likelihood that a threat will endanger an asset, individual, or function and identifies actions to reduce the risk and mitigate the consequences of an attack. A good risk management approach includes the following three assessments: a threat, a vulnerability, and a criticality. After these assessments have been completed and evaluated, key steps can be taken to better prepare the United States against potential terrorist attacks. Threat assessments alone are insufficient to support the key judgments and decisions that must be made. However, along with vulnerability and criticality assessments, leaders and managers will make better decisions using this risk management approach. If the federal government were to apply this approach universally and if similar approaches were adopted by other segments of society, the United States could more effectively and efficiently prepare in-depth defenses against terrorist acts.