Skip to main content

Table 6 Threat control methods

From: Managing project risks and uncertainties






Reduces or eliminates event occurrence (likelihood). Removes cause.

Prevention is better than cure.

Some events unavoidable or beyond control.


Reduces consequence.

Focus on specific effects. Treat effects of unprevented & unpreventable events.

Treats symptoms not causes. Effects can be difficult, costly or even impossible to reduce. Usually is residual impact.


Loss of one set of resources is treated by investing in another set preferably similar in nature & extent.

Can be appropriate when avoidance & mitigation fail. Can rescue resources that otherwise would be lost without the offset intervention.

Needs economies of scale & costly even non-feasible if replacement resources in many isolated small patches. Original resource is still lost.


Responsibility for threat control formally passed from one role player to another.

Enables the role player most exposed to threat, or most liable to cause impact, to undertake control. Clarifies responsibility & helps avoid control 'falling between the cracks'.

Requires thorough threat identification & prioritization.


Spreads cost consequence of low likelihood threats to other agencies.

Can be used to fund mitigation, especially big losses to third parties.

Does not avoid events, important in possible irreversible loss of indispensable natural capital. Might reduce incentive to implement precautionary measures.


Apply no control, usually to low threats.

Cost-effective. Avoids promising to apply unaffordable control.

Danger of irresponsible, negligent & uncaring reputation. Requires carefully worked out project appetite for threat.


Structure organization to be resilient. Readiness for emergencies & capacity to control eventuating accepted threats, & unpreventable & unanticipated events.

Stay functional, protect people & assets in face of adversity.

Extra effort and expense in emergency drills, what-if & scenario analyses.