Defining Risk Types
Risk matters because it has the potential to affect the achievement of objectives. By linking risks to objectives, we can distinguish a variety of risks at the organizational, project and personal level, from the strategic to the technical and so on.
People sometimes ask how we should define strategic risk. Fortunately this simple question has a simple answer. And answering this question can also help us to define any other type of risk. First, let’s consider strategic risk.
One basic definition of risk is “uncertainty that matters.” We can expand this into a more formal definition such as “any uncertainty that if it occurs will affect achievement of objectives.” Or we can keep it simple, like the definition in the international risk standard ISO31000:2009, where risk is “effect of uncertainty on objectives.”
So risk always involves uncertainty. But risk matters because it has the potential to affect objectives. This means that each risk must be linked to at least one objective. Risk cannot be defined in a vacuum or without a context. Wherever we find a risk, we will also find something that is “at risk,” which is our ability to achieve our objectives.
Organizations have different types of objectives, ranging from high-level corporate objectives down to detailed technical or operational objectives. Each type
Please log in or sign up below to read the rest of the article.