In 2009, the ISO (International Organization for Standardization) pushed out a definition of risk which is expansive, but controversial, and not immediately intuitive for everyone.
They called risk “the effect of uncertainty on objectives” (see ISO 31000:2009 etc.). This definition was and is hotly debated partly because it is not event-centered and also partly because it is not cashed out in terms of likelihood or chance of loss, or for that matter measurable likelihood or impact.
But if we step back we can at least acknowledge some simple, real benefits of the broader concept of risk, which do not depend on using ISO, or any other large, elaborate framework.
First, it is generally advantageous to think of risk and uncertainty in terms of unexploited, undefined and potential upside, as well as potential losses. This is one of the benefits most commonly associated with the ISO 31000 definition and paradigm.
Second, if we think about risk for a moment we quickly realize that it is about more than the actuarial tables of probabilities and losses, or any other measured impacts. From an organizational and enterprise standpoint, uncertainties alter the behaviour of individuals and groups. The way incentives, authority, and blame or liability are distributed will cause different groups to respond differently to the “same” nominal risk.
This opens a wider topic of the way risk culture or style is expressed in individuals, in teams and across an enterprise, which is worthy of a separate blog entry in coming weeks.
Third, Management by Objective including Risk Management by Objective, is becoming an important trend in the risk management practices of industry leaders from several sectors.
If you are looking for surprisingly easy ways to align your objectives to the uncertainties facing your enterprise, contact us today!