Everybody says the risk managers should speak business language. But what does it actually mean?

Well to me, this means – the results of the risk analysis has to be presented in EXACTLY the same way the decision is being discussed.

If an investment decision is made based on NPV and IRR – then risk manager has to bring to the table new calculation for NPV and IRR based on risk analysis.


If the decision is discussed in terms of schedule and budget – the risk manager needs to calculate and bring new schedule and budget with risks incorporated.


High, medium, low is not going to cut it if you are serious about integrating risk into decision making.

Join for an online debate to talk how both COSO ERM 2017 and ISO31000 2018 fail in this regard: https://go.oceg.org/iso-31000-2018-versus-coso-2017-for-enterprise-risk-management-the-great-debate

RISK-ACADEMY offers online courses


Informed Risk Taking

Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!


ISO31000 Integrating Risk Management

Alex Sidorenko, known for his risk management blog http://www.riskacademy.blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.


Advanced Risk Governance

This course gives guidance, motivation, critical information, and practical case studies to move beyond traditional risk governance, helping ensure risk management is not a stand-alone process but a change driver for business.


2 thoughts on “Everybody says the risk managers should speak business language. But what does it actually mean?

  1. Finally, more people are asking the right question. NPV based on probability based events have solutions both in closed form and computationally. Naturally, since something is probability based, Risk computation does not result in a single score but a plausable range and sometimes even metrics to monitor for operational controls over a risk.

    I personally like the gambling approach as many — whether they favor gambling or not — can appreciate the issues at hand. How much cash would I need to set aside earning interest to be 95% confident that all possible outcomes of chance are covered? If risk treatment changed that probability, did it free up some of the money set aside at interest for the business?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.