Defining Risk Types

Known globally as The Risk Doctor, David has been working in risk management for about 30 years. He has worked in 48 countries on every continent except the Antarctic (too cold!), with clients in most industries.

  Risk Management   ProjectsAtWork  

Risk matters because it has the potential to affect the achievement of objectives. By linking risks to objectives, we can distinguish a variety of risks at the organizational, project and personal level, from the strategic to the technical and so on.

People sometimes ask how we should define strategic risk. Fortunately this simple question has a simple answer. And answering this question can also help us to define any other type of risk. First, let’s consider strategic risk.

One basic definition of risk is “uncertainty that matters.” We can expand this into a more formal definition such as “any uncertainty that if it occurs will affect achievement of objectives.” Or we can keep it simple, like the definition in the international risk standard ISO31000:2009, where risk is “effect of uncertainty on objectives.”

So risk always involves uncertainty. But risk matters because it has the potential to affect objectives. This means that each risk must be linked to at least one objective. Risk cannot be defined in a vacuum or without a context. Wherever we find a risk, we will also find something that is “at risk,” which is our ability to achieve our objectives.

Organizations have different types of objectives, ranging from high-level corporate objectives down to detailed technical or operational objectives. Each type…

Please log in or sign up below to read the rest of the article.