Rewarded and unrewarded risk can be a useful way to analyse risks.
It can indicate whether a particular risk is a legitimate risk for the organisation (and consistent with the organisation’s strategic plan) or not.
An example of a rewarded risk is a capital investment decision, such as acquiring a business or a new machine, launching a new product and so on.
Such an investment will be made because there is a reasonable expectation of an acceptable net positive return within the organisation's strategic plan, and hence an expectation of an increase in shareholders' wealth.
Examples of unrewarded risk are operational risks such as the risks of systems failure, fire, theft or human error, all of which may be costly to manage, and which there is no direct return for taking.
Clearly risk which is unrewarded is best avoided where there is no cost or lost opportunity from doing so. However, many unrewarded risks, such as the risk of fire, theft or human error, are inevitable in business, and must be managed as cost-effectively as possible.
For example by comparing insurance providers in order to get the best deal.
The cost of managing unrewarded risks must be covered by (and thus reduces) the net positive returns earned from rewarded risks.