The Nature of Risk Treatments
Here are several levels of expenditure to consider when implementing treatments:
Sunk costs – funds that have already been irrevocably committed.
Compliance costs – costs of doing business (legally) or essentially, the ‘license to operate’.
Base (or Prudent) costs – basic costs to provide essential basic risk management.
Best Practice – investments that achieve an appropriate return on investment (ROI) to reduce risk to As Low as Reasonably Practicable (ALARP)
Discretionary–items which may or may not achieve a required ROI but are likely to reduce risk even further.
