Even after risks have been identified, costed, examined for sensitivity and significance, and allocated to one or other party, Authorities still cannot ignore the issue of risk. They must manage retained risks to ensure that they are minimised and mitigated. This is an important part of the process of minimising procurement costs.
Many procurement risks have traditionally been borne by the public sector with the intention that they should be minimised through the development of a risk management strategy. However, even without NPD, some risks may be transferred by, for example, using an exemption clause on a contract, or by taking out insurance. Remaining risks should be monitored and minimised through the lifetime of the risk, generally that of the project or its particular phases (e.g., construction).
Risk mitigation involves taking actions which control risks in practice. Mitigation can control either or both impact and likelihood. Note that some mitigation practices can produce new risks, or can affect others, and can be costly. Generally, obtaining information and therefore reducing uncertainty is an important means of lowering risk.