Risk Mitigation Strategies define practical actions that reduce the likelihood, severity, or exposure of known risks, or narrow the gap in detecting them.
Definition
Risk Mitigation Strategies are planned actions that reduce risk exposure. They can avoid the risk, reduce probability, reduce impact, improve detection, transfer responsibility, prepare a contingency, or accept residual risk with informed approval.
In Lean Six Sigma, mitigation should be tied to verified risk sources, not generic action lists.
History
Risk mitigation comes from project management, safety, engineering, quality planning, and reliability practice. FMEA, control plans, project risk registers, and change management all use mitigation logic to turn risk identification into preventive action.
When to Use
Use Risk Mitigation Strategies after risk identification and prioritization in projects, launches, PFMEAs, supplier changes, process changes, compliance work, or high-impact improvement efforts.
Step-by-Step
- Define the risk event, cause, effect, and owner.
- Assess exposure using probability, impact, detectability, or urgency.
- Choose the response type: avoid, reduce, transfer, accept, or prepare a contingency.
- Prefer prevention over detection when severity is high.
- Assign actions with due dates and evidence of completion.
- Define residual risk and approval requirements.
- Verify effectiveness after implementation.
- Monitor risk triggers over time.
Examples
- Launch: Add a production trial and capability study before customer shipment.
- Safety: Remove the hazard instead of adding only PPE.
- Project: Build a fallback process before a system migration.
Common Pitfalls
- Mitigations that do not address the cause.
- Overreliance on inspection or reminders.
- No residual risk review.
- Actions without owners or evidence.
- Ignoring new risks created by the mitigation.
- Not checking whether the risk actually decreased.
