A company decides to purchase an insurance policy. Which of the following risk management strategies is this company implementing?

Mitigation involves taking steps to reduce the severity or likelihood of a risk occurring, such as implementing safety protocols or upgrading equipment. However, purchasing insurance does not directly reduce the risk; instead, it shifts the financial burden to another entity, making this option incorrect.

Acceptance of risk occurs when a company acknowledges a risk and chooses not to take any action to address it, often because the potential impact is deemed manageable. Buying insurance, however, indicates a proactive approach to managing risk, as the company is seeking coverage rather than merely accepting the risk.

Avoidance entails eliminating a risk altogether by not engaging in activities that introduce the risk. For example, a company might decide not to operate in a high-risk area. Purchasing insurance does not eliminate the risk; it provides a financial safety net, which makes this option inaccurate.