Glossary of Terms


An opinion based on evidence gained from the review of the College's governance, risk management and control framework


As Low As Reasonably Practicable (ALARP). Once each risk has been identified and assessed, an action plan must be devised to reduce the risk in line with ALARP taking into account the College's risk tolerance, proportionality and value for money.

College Strategic Themes Image containing Imperial College Strategic Themes which are influence, Resources, Organisation, Translation, Research and Education





The consequences that arise from the realisation of a risk.

Horizon scanning

The systematic review of internal and external activities to enable the early identification of emerging or changing risks.

Inherent risk

The exposure arising associated with a risk before action has been taken to manage it.

Residual risk

This is the exposure remaining after action has been taken to manage the risk.


The chance of something happening that has the potential to affect the achievement of our aims or objectives positively or negatively. Risk is measured in terms of the likelihood of an event occurring and the consequences of its realisation.

Risk Tolerance

The amount of risk that an organisation is prepared to accept or be exposed to at any one time

Risk assessment

The evaluation of risk in terms of the impact resulting from the risk being realised and the likelihood of the risk being realised

Risk management

The processes involved in the identifying and assessing risk, assigning ownership, mitigating the risk and monitoring progress

Risk strategy

The College's overall approach to risk management

Risk profile

The range of risks faced by the College

Internal control

Actions taken to manage risk or the impact of the risk if realised

Risk Owner

The person responsible for ensuring the risk is properly managed and monitored

Shared Risk

A risk with Impact (consequences) on more than one area of the College and/or partners and/or a risk that can be caused by another party.

Raw Risk

A risk before any control or mitigation is applied


Measures taken to control or reduce the risk


Measures taken to mitigate or reduce the risk


The consequences if the risk was realised (came about)


The probability of the risk occurring


The event or events that bring about the risk

Major Risks

Major is defined as any Red or Amber Risk or any Green risk with an impact or likelihood score of 7 or above as this implies that either rigorous controls are required to reduce the likelihood of a significant impact or there is an expectation of a significant number of minor events




Control measures or processes to reduce the risk by addressing the causes, impact and/or likelihood of the risk. Control measures must be proportionate to the risk and provide value for money.


After assessing the Impact and Likelihood of the risk and assessing the control measures required to further reduce the risk, it may be decided that the risk will be accepted without further mitigation


Some risks can be transferred to another body or organisation, e.g. insurance, outsourcing. Care needs to be taken that the risk is actually transferred. Some risks cannot be transferred e.g. reputation


Although unusual there may be occasions when the residual risk is considered unacceptable and the only acceptable course of action is to cease all or part of an activity e.g. Field trips to high risk places


A review of Political, Economic, Social (including legal, environmental and ethical) and Technical issues