Process to modify risk.
Source: ISO 27000 - Information Security Standards.
Risk treatment may involve :
- terminating or avoiding the risk, by deciding not to start or continue with the activity that gives rise to the risk;
- tolerating, taking or maintainting the risk in order to pursue an opportunity;
- treating the risk by changing the likelihood or changing the consequences or the impact
- transferring or sharing the risk with another party