Organizational Risk 101

Andy Jordan is President of Roffensian Consulting S.A., a Roatan, Honduras-based management consulting firm with a comprehensive project management practice. Andy always appreciates feedback and discussion on the issues raised in his articles and can be reached at [email protected]. Andy's new book Risk Management for Project Driven Organizations is now available.

  Risk Management   ProjectsAtWork  

What exactly is organizational risk management, how does it differ from project risk management, and why should project managers care? In this new series, we will explore these questions and introduce some important related concepts, starting with the constraints hierarchy.

Organizations exist within an environment that is full of risk. There are any number of external risks that impact the organization: regulators, competitors, consumers and social expectations, among many others. There may not be much that organizations can do to actively manage most of those risks, but we have to be aware of them, and we have to recognize that they have the ability to impact the work that the organization does — including projects. In addition there are a number of high-level internal risks that aren’t specific to a particular project but that collectively impact the portfolio of projects — risks around compliance, technology, finance, and other areas.

When an organization approves the portfolio of projects that are going to be undertaken during the next period, they are also effectively committing the organization to varying levels of exposure for all of these organization wide risks. The problem is that most organizations are doing so unconsciously — they don’t appreciate how a different selection of projects will result in different risk exposures. As…

Please log in or sign up below to read the rest of the article.