Which measure involves assigning risk to a third party, such as through insurance, to reduce residual risk?

The measure that involves assigning risk to a third party, such as through insurance, to reduce residual risk is known as risk transference. This strategy involves shifting the burden of risk from one party to another, often through contracts or financial instruments like insurance policies. By doing so, the original holder of the risk can protect their assets and resources while ensuring that any potential losses are covered by the third party, thus reducing their own exposure to those risks.

In contrast, risk mitigation focuses on reducing the likelihood or impact of risks through various strategies or controls. Risk appetite refers to the level of risk that an organization is willing to accept in pursuit of its objectives, setting the context for how much risk the organization is prepared to manage in-house. Risk acceptance is the decision to accept the risk without taking any specific actions to address it, essentially acknowledging that the risk is tolerable under current circumstances. Each of these measures serves different purposes in a comprehensive risk management strategy but risk transference specifically deals with delegating responsibility for risk to another entity.