Risk management involves protecting employees and customers from the negative effects of various risks, as well as preserving the assets of the organization. We encounter and address many types of risks, including those associated with security, resources, schedule, personally identifiable information (PII), disasters and performance.
AAC performs risk management as a standard component of our program planning and execution. Our process for identifying and managing risk is standards-based and consists of five steps:
- Identify threats or risks
- Assess vulnerability
- Determine the consequences of specific threats to assets
- Apply risk reduction techniques
- Prioritize risk management procedures
We assign a risk owner to each identified risk and maintain records in a risk database which enables us to build on and institutionalize lessons learned. Our risk management process enables us to identify, monitor and quickly mitigate risks before they affect program objectives.