Why are many project managers confused about project risk management?
Why do some project managers include positive risks in risk management and others do not?
Why do project managers talk about risk management in different terms, as though they are speaking in different languages?
Let’s take a look at how risk is defined and why project managers need to clarify the definition and concepts of risk management with their project teams.
Risk is a Choice
Merriam-Webster defines risk as “the possibility of loss or injury: peril.” Most people think of risk as pure risk, as a possibility of loss. However, risk management has evolved to include a more holistic view that includes the potential for positive outcomes.
In his book Against the Gods: The Remarkable Story of Risk, author Peter Bernstein says, “The word ‘risk’ derives from the early Italian risicare, which means ‘to dare.’ In this sense, risk is a choice rather than a fate.” A modern definition of risk sees risk as “uncertainty about outcomes that can be negative or positive.”
The project manager’s job is to meet the project’s objectives through the management of risks, both positive and negative. The project manager’s choices drive their success or failure.
“When we take a risk, we are betting on an outcome that will result from a decision we have made, though we do not know for certain what the outcome will be.” -Peter Bernstein
Why So Much Confusion?
Ever wonder why there is so much confusion on the definitions of risk and risk management? There are several risk management standards that differ in purpose, definitions, and process. Within the world of project management, we also have different definitions and processes.
Sample of Risk and Risk Management Definitions
|Source||Definition of Risk||Definition of Risk Management|
|COSO Integrated Framework(Standard)||The possibility that an event will occur and adversely affect the achievement of objectives.||The identification, assessment, and response to risk to a specific objective.|
|RIMS||An uncertain future outcome that can either improve or worsen your position.||Strategic risk management is a business discipline that drives deliberation and action regarding uncertainties and untapped opportunities that affect an organization’s strategy and strategy execution.|
|PMBOK (ANSI Standard)||An uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives such as scope, schedule, cost, and quality.|
|PRINCE2 (Methodology)||An uncertain event or set of events, that if they occur, will have an effect on the project objectives.|
Cutting Through the Babel of Voices
With so many definitions, how can a project manager eliminate the noise and provide a practical foundation for managing risks?
PMs should determine whether their organization has standard definitions for risk and risk management. If so, adopt the definitions to ensure integration with the management principles of the governing organization.
If your organization lacks standard definitions, work to define definitions for your organization that align with the organizational objectives.
Include your definitions in the glossary of your Risk Management Plan. Also include your risk response categories (e.g., accept, avoid, mitigate, transfer) that align with your definitions.
Review the definitions with your project team. Provide examples. As you identify and monitor risks, review the definitions. Repetition reinforces the principles.
Question: In your experience, what are the most common misunderstandings about risk and risk management?
Join the 21 Day Challenge
Receive daily emails--learn to identify, evaluate, respond to, and control project risks.
Spend five minutes per day for 21 days--discover practical risk management techniques that can help you turn uncertainty into success!