Among the different natural hazards, rockfall has an important place even though other natural hazards could affect more people or have greater consequences. The phenomenon may be further classified according to the size of the largest blocks and the total rock mass involved. The risk management procedure can be divided into (i) hazard identification and description, (ii) hazard assessment and (iii) risk management and treatment. Initiation zones of rockfall are identified and characterized by using geodetic, geomorphic, geotechnical and historical data. Trajectories are analyzed and boulder impacts are modeled to identify endangered areas. A variety of methods exist to estimate the frequency of rockfall events. Finally, hazard maps are produced that indicate the hazard level based on the intensity and probability of rockfall events. Together with indications on the occupancy and vulnerability of buildings and infrastructure, risks can be calculated and compared with acceptable values for new projects and tolerable ones for existing assets. The most effective countermeasure is land-use planning to avoid dangerous areas. If this is not possible or existing assets have to be protected, geotechnical and structural mitigation measures are justified. They cover measures in the initiation zone, along the propagation path and in the deposit zone. The types of structure used are flexible barriers, galleries, embankments and dams, depending on the position of the protective measure and the available space, the energy to be absorbed and other functions the structures should fulfill. Structures are dimensioned to withstand the impact of a design block, taking into account the damping effect of a possible cushion layer and the dynamic response of the structure itself.