No organisation can achieve complete elimination of risk. Residual risk for an organisation is the portion of risk that remains after three main components of risks, viz. mitigated risk, accepted risk and transferred risk have been taken care of. Managing residual risk effectively involves managing these components. An organisation should determine the level of residual risk it is willing to bear. It may be necessary to decrease one or more of these risks to reduce the overall Residual Risk to the desired level. Decreasing any of these components has a cost implication, which needs to be analysed vis-à-vis the resultant reduction in residual risk.

This service facilitates management of residual risk by drawing a balance between the three components while considering the financial and operational costs involved therein.