Get risk management right

Getting risk management right is not that complicated. Only 2 steps:

  • Step 1 – stop doing risk assessments on a schedule (quarterly, monthly, whatever) and start doing risk assessments as part of the important decision preparation, when and where decisions are taken. Do the risk assessments when preparing the decision proposal for the decision makers. There are plenty of decisions to choose from, pick whatever decision is most material, uncertain and understood by you.
  • Step 2 – stop using risk assessment techniques, that are guaranteed to produce inaccurate and deceitful results, like likelihood x consequence assessments, qualitative blah blah heat maps and so on. Use proper math and decision theory. Present results not as risk levels or colors, present information about risks as the effect on objectives or decision (XX% chance of exceeding the budget, XX% of completing the project on time or below, XX% chance of significant extra costs between X and Y, NPV between X and Y at 95% confidence interval, etc.)

That’s it. Simple :))

RISK-ACADEMY offers online courses


Informed Risk Taking

Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!


ISO31000 Integrating Risk Management

Alex Sidorenko, known for his risk management blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.


Advanced Risk Governance

This course gives guidance, motivation, critical information, and practical case studies to move beyond traditional risk governance, helping ensure risk management is not a stand-alone process but a change driver for business.


One thought on “Get risk management right

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.