Understanding Risk is a Matter of Perception
Looking at all the discussions regarding the definition of risk on various platforms and by different groups, I am still surprised by the way some people look at the concept ‘Risk’. This limited and outdated view on risk by some of these people also saddens me, despite all the arguments presented by those who have a more modern view on the matter. This often leads to unproductive discussions on semantics instead of a discussion about the concept and about how to understand risk itself.
Before I continue writing about my understanding of risk and to avoid any future misunderstanding, first let me say this: I respect everyone’s opinion and view on this subject. I am writing this to give you an idea of why (in my humble opinion) everybody’s perception matters. Every person is entitled to his or her own opinion about whatever possible subject. From one’s own perspective, things always seem to be as they are being perceived. Therefore they also seem totally correct, totally true. However, while this may seem correct, this might not always be the case. Having a limited view on matters means you do not have all the information. As such, it is often the cause of a limited quality of perception, causing people to not perceive the things as they really are. This is also true for myself.
Are You Sure Your Risk Really is a Risk?
When studying the concept of risk, it immediately appears that risk has three basic elements. First risk has to do with uncertainty. Secondly, risk is related to an effect. And last, but not least, risk has to do with things that matter to us. It is unavoidably linked to one’s objectives. When one of those three elements is missing, it is difficult to talk of risk. Certainly when considered from a personal perspective. Sure, climbing a mountain, skydiving or space travel are risky endeavors, but they are not risky when the outcome of such activities are one hundred per cent certain. Nor will they be risky when there is absolutely no effect on the objectives that matter to the persons taking part in these endeavors.
Do You Understand Risk and Uncertainty?
Let us focus on uncertainty first. Unless we invent a time machine, everything that is part of the future will always be uncertain. So, risk is mainly an element of the future and it will be everywhere. The moment the uncertainty on a particular objective or subject is gone, the associated risk will also be gone. This is the case for both a positive and a negative outcome. Risk Management will always try to determine the level of uncertainty regarding events and their consequences. It provides a first element to determine the level of risk.
Do You Understand Risk and Effect?
The second element to determine the level of risk is the effect that affects the objectives involved. Often this effect is referred to as consequences. These consequences can be small or big and they can be positive or negative. Combined with levels of uncertainty, they provide the level of risk. High uncertainty and huge consequences represent a high level of risk, and, on the other hand, a low uncertainty and minor consequences represent a low level of risk.
Do You Understand Risk and Objectives?
Traditionally, Risk Management, and more precisely Risk Assessment, focuses on determining the levels of risk and then prioritise options. However, the most important and often forgotten part of Risk Management is in knowing and understanding the objectives that are involved. Because it is only due to the fact that people have objectives that risk will materialise. As such, having no objectives at all, equals to having no risks at all. Likewise, different objectives will be associated with different risks. Developing a clear view on the objectives involved in one’s daily activities, projects or strategic plans, is therefore crucial in understanding and managing risk.
And ultimately: Do You Understand Risk?
In understanding risk, it is necessary to understand the objectives that matter. Due to the fact that risk is linked to objectives, risk can only be perceived in the eye of the beholder. People have different objectives and attach different values to them. So it is obvious that the level of importance of the same objectives can be completely different from one person to another.
This means for example that a huge risk for one person is absolutely no risk for someone else; even in completely the same circumstances, one person could consider an objective extremely important, while the other person cannot see the value of that objective and will dismiss it. When this objective is affected, the first person will suffer or triumph, depending on the effect, while the other person does not care at all.
How Do You Manage Risks?
ISO 31000 is the ISO standard on managing risk from a holistic perspective. This ISO standard is destined to harmonise Risk Management in all the other ISO Management Standards. As such, it is also a standard that allows to introduce and develop ‘Risk Based Thinking‘ in organisations.
This standard proposes a vocabulary, to harmonise the use and the meaning of words in Risk Management. It provides a set of principles that are at the heart of Risk Management. It also proposes a framework on how to implement and develop Risk Management in the entire organisation. And finally, it proposes a process to manage risk. Anyone can use this process in the organisation. Use it from the top management down to the lowest executing levels and it will ensure the integration of Risk Based Thinking.
Want to Know More about ISO 31000?
Click on the links in the text above, or follow one of our training events on this Risk Management standard.
Since September 2014, Peter is also employed at TUDelft, working as a PhD researcher for the Safety Sciences section of the Technology Policy and Management faculty.
As the managing director of G31000 Europe he is now a trainer and consultant using the ISO 31000 Risk Management Standard.
Some of his articles can be read on LinkedIn