Known globally as The Risk Doctor, David has been working in risk management for about 30 years. He has worked in 48 countries on every continent except the Antarctic (too cold!), with clients in most industries.
A new international risk management standard reignites a debate over how to define risk.
Most of us had hoped that the debate about how to define a risk was settled. This was a “hot topic” around the turn of the century, particularly focused on the question of whether the concept of risk should include opportunity as well as threat, or whether risk was exclusively negative. The majority view now seems to be that risk is double-sided and covers both upside and downside.
Now the publication of the ISO31000 “Risk management – Principles and guidelines” standard (November 2009) looks likely to reignite the definition debate, and this time the issue is equally fundamental. At first sight the definition of risk in ISO31000 appears to be clear and unambiguous, with just five words:
Risk is “effect of uncertainty on objectives.”
This contains all three vital words that any definition of risk must include:
Risk is about uncertainty and it may never happen.
Risk matters and must be managed because it has an effect.
We measure that effect against defined objectives.
So far so good. But looking more closely at the ISO31000 definition, a problem appears. The ISO risk standard clearly states that “Risk is effect…” If we