Hey everyone; hope you’re all doing well.

In the next few posts, we’ll be moving away from our previous discussion on business law and introducing a key topic that is often on the minds of business owners of all sizes and in all industries. This is the concept of business risk, and consequently, of risk management.

The fact is that being in business is risky. The idea is that, in exchange for dealing with those risks, business owners are compensated by some level of return. In general, the greater the risk, the greater the return (i.e. no pain, no gain). Of course, there are scenarios that offer a higher proportion of return than risk (a.k.a. great business ideas), and vice versa - but let’s set those aside for now.

My plan to tackle the concept of risk with you is to focus on one major type of risk at a time, offer various possible responses/reactions to that risk, and then conclude with the optimal choice you should make. To facilitate that, I’ll start by introducing our list of risk response options. This will serve as our ‘menu’ from which we’ll make our choices to address each risk.

Risk Response Options


This one is pretty simple. When you/your business is confronted with a risk, you change your plans so that you’re no longer faced with that risk. Example: a restaurant owner wants to open a second location but is unsure if there will be enough demand to make it profitable. He avoids this risk by simply not opening the second location.


Here, we shift the potential effects of the risk to an external party, such as an insurer. Example: The owner of a mattress factory is located next door to a fireworks manufacturer. The owner is worried about the risk of fire damaging his inventory/assets, so he purchases insurance coverage. This transfers the potential effects of the risk (inventory/asset loss due to fire) to the insurance provider in exchange for paying the insurance premium.


This means to plan & act in a way that minimizes or removes the chance of the risk’s potential effects impacting the business. Example: A software company faces the unavoidable risk that the program they release will have significant bugs and won’t function as intended. They mitigate this risk by investing resources (labour time, R&D capital, etc.) to conduct beta testing and releasing the program in modules rather than as a bundle. This beta testing reduces the chance of critical flaws and the modular approach helps ensure that the negative impact of any issues will be smaller.


Choosing to simply accept a risk is just as the name implies - to be aware of it and carry on in the normal course of business, with the plan being that the expected returns exceed the total level of risk accepted. Example: A pharmaceutical company is researching/developing a new drug. Since the risk of successfully developing and bringing the new drug to market cannot be avoided, transferred, or significantly mitigated, they are simply accepted with the premise that the potential returns will far exceed the potential costs incurred from the R&D phase.


Well, there we have it: a quick, concise list of responses to all types of risk a business will face. Of course, while the list above is short and (hopefully) easy to understand, the fallout of those responses (in terms of detailed plans, execution, associated costs, etc.) can be anything but. Nonetheless, this is our starting point. Check back soon to see how we apply these and how you can as well.