Whether managing the technical detail of a project, or the overall project details that might affect scope, budget, timescales, or quality, you often come across risks. Typical attributes you log about risks include: what’s the Probability it will mature, and what Impact would it have, and which area it Affects. Great, but what can you do about these risks.
Here are the four broad categories of action you can take to manage risk:
Accept – brace yourself for the possibility that you will feel the impact (e.g. warn people what might happen)
Control – modify the action plan to reduce the impact or the probability (e.g. do it at night or test it better first)
Avoid – don’t go ahead with the action that could incur the risk (e.g. shelve that part of the plan)
Transfer – arrange that someone else feels the impact (e.g. sign an insurance agreement or a service delivery contract)
The most common actions are Control (we mitigate risk by reducing the probability or limiting the impact) or to simple Accept what is going to happen. In any case, I find it practical to have this list of the types of action, to avoid keep (mis-)using the word mitigate.
If you want to read a little more around the subject, you’ll find the Wikipedia Risk Management article a useful starting point.