Which term describes the process of assigning risk to another enterprise, usually through insurance or outsourcing?

• A. Risk transfer
• B. Risk sharing
• C. Risk acceptance
• D. Risk mitigation

Answer: (A)

Transferring risk means shifting the potential financial impact of a risk to an external party through contracts, insurance, or outsourcing. The organization pays a premium or enters into an agreement where another party agrees to bear certain losses or handle consequences if something adverse occurs. This is different from keeping the risk and paying for its consequences out of pocket (risk acceptance), reducing the likelihood or impact without redistribution (risk mitigation), or sharing the risk more broadly but not fully transferring ownership (risk sharing).

In practice, you might purchase property or liability insurance to cover potential damages, or you might outsource a function to a service provider and rely on their controls and liability terms to manage some of the risk. It’s important to note that while risk transfer can shift financial exposure, it doesn’t eliminate the risk entirely—the organization still needs governance, ensure proper contract terms, and verify that the other party can actually meet obligations.