The Lifecycle of a Project Risk

 

Risk Doctor Briefing

SERIES ARTICLE

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom

 



As we manage individual project risks, they pass through a lifecycle which can be described using a set of status values. These can help us to understand where each risk is in its lifecycle, so that we can determine what we should do next. The following set of standard status values might be useful:

  • Unknown: A risk that has not yet been identified.
  • Draft: A proposed risk that has not yet been validated.
  • Rejected: A Draft risk that is not valid.
  • Escalated: A Draft risk that is outside the scope of the project and that should be managed at program level or elsewhere in the organisation.
  • Active: A valid risk with a probability of occurrence greater than zero and that will impact one or more project objective if it occurs. An Active threat can affect the project negatively, while an Active opportunity has a potential positive effect.
  • Deleted: A risk that is no longer valid, perhaps resulting from a change in the project’s strategy, environment, objectives, or scope.
  • Expired: The time window in which the risk could have occurred has passed, so the risk no longer needs to be considered.
  • Closed: A risk (threat) for which the response has been fully effective and the risk can no longer affect the project.
  • Occurred: The risk has happened and the impact is being experienced.

Using these status values, we can describe the lifecycle of a typical individual project risk:

More…

To read entire article, click here

 

How to cite this paper: Hillson, D. (2018).  The Lifecycle of a Project Risk, Risk Doctor Briefing; PM World Journal, Volume VII, Issue IX – September.  Available online at https://pmworldjournal.net/wp-content/uploads/2018/09/pmwj74-Sep2018-Hillson-lifecycle-of-project-risk-briefing-article.pdf



About the Author


Dr David Hillson, HonFAPM, PMI-Fellow, CFIRM, CMgr, FCMI

The Risk Doctor
United Kingdom

 

 

 
Known globally as The Risk Doctor, David Hillson leads The Risk Doctor Partnership (www.risk-doctor.com), a global consultancy offering specialist risk services across the world.

David has a reputation as an excellent speaker and presenter on risk. His talks blend thought-leadership with practical application, presented in an accessible style that combines clarity with humour, guided by the Risk Doctor motto: “Understand profoundly so you can explain simply”.

He also writes widely on risk, with eleven major books, and over 100 professional papers. He publishes a regular Risk Doctor Briefing blog in seven languages to 10,000 followers, and has over 4000 subscribers to the RiskDoctorVideo YouTube channel (www.youtube.com/RiskDoctorVideo).

David has advised leaders and organisations in over fifty countries around the world on how to create value from risk based on a mature approach to risk management, and his wisdom and insights are in high demand. He has also received many awards for his ground-breaking work in risk management over several decades.

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/

 

 

Agile Projects Don’t Need Risk Management (?)

 

Risk Doctor Briefing

SERIES ARTICLE

Thomas Wuttke, PMP, PMI-RMP, PMI-ACP

The Risk Doctor Partnership

Munich, Germany

 



The Agile Manifesto was published as long ago as 2001, but agile is still a hot topic in project management. In theory, agile project management is supposed to reduce risks by design, so that ultimately there are no risks any more. As a result, alongside backlogs, user stories and velocity in the agile approach, there seems to be no place for risks, for example there is no risk backlog. So where are all the risks in agile projects? Have they really disappeared? Three claims of the agile approach imply that this might be true:

1. Using an agile approach massively reduces risk. Right and wrong. It is true that the agile approach reduces some risks, such as the possibility of developing products that the market does not need. Used correctly and constantly, communication and iteration make it nearly impossible to miss the market. But the risk of developing the wrong product is only one type of risk. Risk is defined as the effect of uncertainty on goals. Since all agile projects, releases and sprints have goals, there will also be risks.

2. Risks are managed through the Impediment Backlog. Wrong. The impediment backlog provides a list of current obstacles. Impediments are like issues: they are problems that need to be resolved now. Some impediment backlogs probably also contain real risks, but that isn’t their main purpose. So, if it is used properly, an impediment backlog cannot help us to manage risk.

3. Risk is avoided through close cooperation in the team. Wrong. Of course, good cooperation within a team, working in one place and without constant interruptions, is really good for successful project work. It will avoid some risks, but not all.

Effective risk management is usually correlated with project success. But if projects conducted in an agile environment need no active management of risks, then do they all succeed?

If we focus only on the risk of missing the market needs, then perhaps it is true that agile projects are more successful than traditional projects. But within agile projects it is a different story. Much of the work turns out to be redundant. Product owners neglect their duties. The agile method is misinterpreted and misused. Managers expect miracles. And the tendency to believe that agile projects don’t need documentation only makes things worse.

More…

To read entire article, click here

 

How to cite this paper: Wuttke, T. (2018).  Agile Projects Don’t Need Risk Management, Risk Doctor Briefing; PM World Journal, Volume VII, Issue VIII – August. Available online at https://pmworldjournal.net/wp-content/uploads/2018/08/pmwj73-Aug2018-Wuttke-agile-projects-dont-need-risk-management.pdf

 



About the Author


Thomas Wuttke

Munich, Germany

 

 

Thomas Wuttke PMP PMI-RMP PMI-ACP CSM has a degree in Computer Science and has worked for more than 20 years on large IT integration projects in both the public and commercial sectors. He has intensive project and program management experience, and has served several organisations as general manager, director, president, international partner and Board member. His focus is on risk management in respect of process, people, culture and maturity. Thomas is a renowned and inspirational trainer, consultant, coach and speaker with assignments across Europe, China, Korea, Japan, India, Brazil and the United States. Thomas is married, has three children and lives near Munich, Germany, where he enjoys Bavarian culture, sailing and mountaineering.

Thomas can be contacted at [email protected]

 

 

Ten Things Every Business Needs to Know

 

Risk Doctor Briefing

SERIES ARTICLE

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom

 



Everyone knows that “business hates uncertainty”. Uncertainty poses a clear threat to business, but it also contains significant opportunity. Sources of uncertainty must be understood so that these threats and opportunities can be effectively managed, avoiding and minimising unnecessary problems as well as capturing and maximising benefits. In the current uncertain business climate, it has never been more important for businesses to assess and manage their risks. But how do we do that when we are surrounded by uncertainty?

In The Analects of Confucius, the ancient Chinese philosopher says: “Shall I teach you about knowledge? What you know, you know; what you don’t know, you don’t know. This is true wisdom.”

(由,誨女知之乎,知之為知之,不知為不知,是知也。)

Taking our advice from Confucius, there are ten things every organisation needs to know if we are to survive and thrive in this increasingly uncertain world:

1. Know your goals. When times are uncertain you need to know where you’re heading. This includes strategic vision as well as tactical objectives, both long-term and short-term. Ensure goal congruence and alignment to focus efforts on what matters.

2. Know your market. Don’t assume you know what your customers might want – find out. Market intelligence is vital in identifying trends and opportunities that you can exploit. Reducing market uncertainty prevents wasted effort and optimises effectiveness.

3. Know your business. Review your processes, products and people, to identify and focus on the winners, and maximise return-on-investment (ROI) by increasing efficiency.

4. Know your environment. Be sure you understand the world in which you operate, including political, economic, social, technical, regulatory and legal factors that might affect you. Conduct an environmental scan to identify and challenge constraints.

5. Know yourself. Assess your organisational culture and attitudes, identify your strengths and weaknesses, and determine your risk appetite and thresholds. These have a significant influence on how you respond to uncertainty.

More…

To read entire article, click here

 

How to cite this article: Hillson, D. (2018). Ten Things Every Business Needs to Know, Risk Doctor Briefing; PM World Journal, Volume VII, Issue 6 – June. Available online at https://pmworldjournal.net/wp-content/uploads/2018/06/pmwj71-Jun2018-Hillson-ten-things-every-business-needs-to-know.pdf



About the Author


Dr. David Hillson

The Risk Doctor

 

 

 


Dr David Hillson
CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (www.risk-doctor.com).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years.  David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected].

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/

 

 

 

Risk Management in Developing Countries

 

SERIES ARTICLE

Risk Doctor Briefing

Rasoul Abdolmohammadi, PMP, PMI-RMP

The Risk Doctor Partnership

Iran

 



Based on experience, it seems that the majority of companies in developing countries who are implementing risk management do not get the added value that they expect. This is often because they are attempting to import risk management from a different cultural setting, from developed to developing parts of the world.

In many cases, it makes sense to begin by bringing in a system from a developed country, rather than starting from the beginning to build something new. But how can organizations in developing countries avoid the threats that come with importing a risk management approach from elsewhere? These steps will help:

  • Self-awareness. Knowing ourselves will help us to develop a more realistic approach to managing risk. We should study our history to discover how risk has been considered and managed in the past, and we should look for particular cultural influences that might affect how we perceive risk.
  • Real Needs. What exactly do we need? Organizations in developing countries often look at others elsewhere and say: “They have implemented this system, so we want it too.” But copying others can lead us to adopt systems that fail to add value for our company. We must start by understanding what we really need from risk management, and then design an approach to meet it. We can define our needs by interviewing stakeholders or analysing weaknesses in our current systems. We should not merely copy the risk approach from others without being sure that it will help us in our specific setting.
  • Preparation. We need to understand what level of infrastructure is needed to support risk management, and determine whether our people have the necessary understanding, knowledge and skills to implement it. Many companies in developing countries try to implement risk management without having the necessary infrastructure or skills in place.

More…

To read entire article, click here

 



About the Author


Rasoul Abdolmohammadi

Iran

 

 

Rasoul Abdolmohammadi is an industrial engineer with more than 15 years project management experience including risk, time and cost management. He currently works as planning and scheduling specialist in Petronas. His risk experience includes developing, implementing and training project risk processes for a range of mega-projects in the oil & gas and construction industries (for the first time in Iran), including quantitative risk analysis using Primavera Risk Analysis. Rasoul has published his experiences in the book “Practical Project Risk Management Processes“, and he has presented on risk at international conferences.

He can be contacted at [email protected]

 

 

Expanding the Risk Management Universe

 

Risk Doctor Briefing

SERIES ARTICLE

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom

 



Like the physical universe, the risk management universe is expanding. This is true in two distinct ways, with enhanced depth of analysis and increased breadth of application. We might describe these as the micro perspective (looking very closely at the nature of the risks we face), and the macro perspective (looking at the bigger picture to see if we are missing anything). In addition to these, we need to think about how to manage the risks that we currently cannot see.

  • First is the micro perspective, where new advances in risk analysis are providing improved insights into the nature of risk, and developing new approaches for the effective management of risk and its impacts. Risk practitioners are committed to their profession, and it is not static. The high rate of publication of research papers and case studies and the release of new techniques and support tools provide evidence of a dynamic and developing discipline. Risk management has not settled but is continuing to develop and break new ground.
  • Progress is also being made on the macro level, with discovery of new dimensions to the risk management universe. The use of a structured approach to understanding and managing significant uncertainty is proving valuable in hitherto unexpected areas. Several fields are adopting “risk-based” approaches, including auditing, remuneration, social policy, communication, etc. It may only be a matter of time before these novel applications become full disciplines in their own right, adding new dimensions to the risk management universe.

Finally we should consider the risks that are currently invisible to us. Astronomers have realised that there is more to the physical universe than meets the eye or than can be detected using current instrumentation technology. Many have suggested the existence of “dark matter” to make their equations add up…

More…

To read entire article, click here

 



About the Author


Dr. David Hillson

The Risk Doctor
United Kingdom

 

 

Dr David Hillson CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (www.risk-doctor.com).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow

of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years.  David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected]

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/

 

 

Risk Leaders Need to Dance the TANGO

Risk Doctor Briefing

SERIES ARTICLE

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom

 



Risk practitioners seek inspiration from many different places, but not many look to the world of professional dancing to improve their leadership effectiveness. An innovative workshop has recently been developed by LeaderTango (www.leadertango.com), which uses the Argentine Tango as a metaphor for the leadership strengths and skills needed to succeed in today’s business world.

When two dancers perform the Argentine Tango, it is a very intense and passionate event. They are completely focused on each other, fusing their movements into a complex unity that tells a powerful story. One of the dancers takes the lead, with the other following closely. To dance the Argentine Tango well, five characteristics are essential:

  1. Trust. The two dancers must trust each other completely as they perform, with each one relying on the other to move in the right way at the right time, providing support where necessary.
  1. Agility. Argentine Tango involves fast moves, rapid changes of direction, and a complex series of steps, kicks and turns. These are not possible unless both dancers are highly agile.
  1. Naturalness. Although the dance is complex, when it is done well it seems simple and natural, with two people moving seamlessly in synchrony, telling a story of love and passion.
  1. Guidance. The dance relies on understanding which partner is leading, with the other following closely to create perfect harmony between the two.
  1. Ownership. Dancers show complete commitment to the dance, putting themselves whole-heartedly into each move, expressing a deep connection with each other and the dance.

These concepts can be applied to improve leadership in many different situations, including risk leaders who need to steer others towards more effective risk management.

More…

To read entire article, click here

 



About the Author


Dr. David Hillson

The Risk Doctor

 

 

 

Dr David Hillson CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (www.risk-doctor.com).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years.  David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected].

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/

 

 

The Evolution of Risk

Risk Doctor Briefing

SERIES ARTICLE

By Magda Stepanyan

CEO, the Risk Society

The Risk Doctor Partnership

The Netherlands

 



The concept of risk has evolved a long way since its origin at the end of the Middle Ages, up to the way risk is understood today. Four main stages of evolutionary development can be identified:

  1. Risk as objective danger that resides in the natural world. Originating at the end of the Middle Ages, this notion of risk is similar to that of hazard, involving natural disasters, famine, earthquakes, hurricanes, plague and so on
  2. Risk as accident, which is inevitable in the quest for economic progress. Gaining momentum in the 19th Century, this idea of risk included dangers and hazards arising from industrial processes, and viewed human fault as the cause of potential losses and damages
  3. Risk as social phenomenon arising from relations between human beings. By the end of the 19th Century, risk was seen as neither an external phenomenon nor the result of misconduct. Instead, risk was perceived as socially constructed and politically loaded, coming from the decisions made by people, either deliberately or unconsciously. Such risk is hard to rationalise and accurately define in terms of probability, consequences, compensation and accountability. Risk was viewed as an integral part of human life: the multiplicity of uncertainties that surround us as individuals, organisations, or societies shape the risk landscape of threats and opportunities.
  4. Risk as a global ‘grand challenge’. Today, the concept of risk includes mega risks that could affect the whole of humanity, jeopardise sustainable development, and even endanger our existence. Mega risks include climate change, critical infrastructure disruption, etc. One of their key characteristics is that mega risks disrupt cause-effect relationships in our globalised and highly-interdependent society. This disruption can occur in various dimensions across generations, geographic areas, sectors, institutions. This can create a ‘butterfly effect’ that often escapes our attention. A prominent recent example is the global financial crisis that triggered a wave of cascading risks across geographic regions, sectors, and industries. Understanding the ‘butterfly effect’ could help us see how risk is propagated, and identify early signals of potential mega risks.

More…

 

To read entire article, click here

 



About the Author


Magda Stepanyan, MA, MSc, CIRM

Risk Society

 





Magda Stepanyan
is founder & CEO of the Risk Society consultancy (www.risk-society.com). She holds an MA in Sociology from Yerevan State University, Armenia, an MSc in Public Administration from Leiden University, the Netherlands, and the International Certificate in Risk Management from the Institute of Risk Management (IRM).

Magda’s expertise is in resilience programming, integrated risk management (IRM), risk-informed strategy planning and implementation, disaster and climate risk management, horizon scanning for strategy and policy development, monitoring and evaluation.  She has more than 15 years of management and consultancy experience, working with organizations such as the EC, UN, WB, Red Cross, and others.  In 2012 Magda authored a UNDP Technical Paper on “Risk Management for Capacity Development Facilities”.

Magda can be contacted at [email protected]

 

 

Headline Risks: Seeing the Big Picture

Risk Doctor Briefing

SERIES ARTICLE

Dr Dale Cooper

The Risk Doctor Partnership

Australia

 



Risk assessments are often undertaken in detail, or several assessments are conducted in different parts of an organisation, project or program. Detail may be appropriate for tactical decisions and specific treatment planning, but there is often too much detail to support high-level decision-making.

A headline risk makes sense of a large amount of detail by providing a summary of what might happen and what the consequences might be. It can either be developed bottom-up from a set of detailed risks that have common features, or by taking a top-down perspective to find risks that are caused by organisational-level sources or external sources that are not apparent from lower levels.

The benefits of using headline risks include:

  • The summary leads to a high-level understanding of the important risks for the organisation, supporting strategic decisions and allowing corporate risk treatment to be dealt with confidently.
  • ‘De-cluttering’ a large and sometimes messy set of risks generates a list that is more manageable, highlighting common themes that affect several parts of the organisation and facilitating clearer decisions.
  • Consolidation can detect systemic or common-cause risks that might otherwise remain hidden because individually they have moderate or low levels of risk, allowing them to be addressed coherently.
  • The high-level view of risks, and the understanding that is generated, provides managers with greater confidence as they approach and make decisions.

Developing headline risks can be particularly useful in the following circumstances:

  • Risk assessments are often undertaken for individual business units in an organisation, or individual projects in a program or portfolio. An organisation also needs to understand how uncertainty affects it as a whole, but individual risk registers are not always best suited for this.

More…

To read entire article, click here

 



About the Author


Dr. Dale Cooper

New South Wales, Australia

 

Dr Dale Cooper is a highly skilled practitioner in the field of enterprise, strategic and project risk management, with over 35 years’ experience as a senior line manager and an international consultant. He has been a Director of Broadleaf Capital International since 1991.

Dale Cooper is a member of the Standards Australia Joint Technical Committee OB-007 that developed the risk management standard AS/NZS 4360, used as the basis for the international standard ISO 31000, Risk management –- Principles and guidelines. He is a Nominated Expert for Australia on IEC Technical Committee 56, Dependability. He was the lead author of the international standard IEC 62198, Managing risk in projects — Application guidelines.

He has been the independent Chairman of two Audit and Risk Committees and an independent member of two others. He is currently an independent member of the Audit and Risk Committee for the NSW Office of Environment and Heritage.

From 1984 he worked as an international consultant in the finance sector in London, as Joint Managing Director of a stockbroker in Sydney, and then as National Manager International Services at Standard Chartered Bank Australia, where he ran trade finance and priority banking and was a member of the Bank’s Executive Committee.

Previously he was a Research Fellow at the University of London and later on the academic staff at the University of Southampton. He received his PhD in operational research from the University of Adelaide. Dale Cooper is a Fellow of the Australian Institute of Company Directors, a Fellow of the Financial Services Institute of Australasia, a member of the Society of Petroleum Engineers and a member of the Society for Risk Analysis.

Dale Cooper has written many professional papers and several books on risk management. His most recent book, Project Risk Management Guidelines: Managing Risk with ISO 31000 and IEC 62198, written with colleagues from Broadleaf, was published by John Wiley & Sons in March 2014. He can be contacted at [email protected]

 

 

Prioritising Opportunities

SERIES ARTICLE

PRIORITISING OPPORTUNITIES USING RED/YELLOW/GREEN?

Risk Doctor Briefing

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom

 



A client recently said they were not happy using the standard red/yellow/green colour scheme in the Probability-Impact (P-I) Matrix for risk prioritisation, because it was “designed for threats”. For organisations who want to use an integrated risk process to manage opportunities alongside threats, this is a common perception – but it is wrong! First let’s think about how we prioritise threats.

The worst threats have a high chance of happening and a major negative impact, so we rate them high-priority in the red zone of P-I Matrix to ensure that they get maximum visibility and attention. Threats with a low chance of occurring and potentially only a small impact are lowest priority, so we rate them green. Intermediate threats are rated yellow to indicate that they are medium-priority, neither red nor green.

So red means bad, green means good, and yellow means something in-between. Obviously we can’t use this scheme to prioritise opportunities. The highest-priority opportunities are really good, with high probability (they are likely to happen) and high impact (if they occur they bring major benefits). If we used the standard red/yellow/green colour system, the best opportunities would appear in the red zone, which can’t be correct, because “red means bad”.

Wrong!! The key mistake is to think that “red means bad” and “green means good”. (In fact, these colours are culturally determined: in most of Asia, red means lucky or good!!) But in the risk process, the red/yellow/green colour scheme is based on a traffic light:

  • Red means “Stop”. If you get a really bad threat or a really good opportunity, you need to stop going in the current direction, consider the risk, and maybe move off in a new direction.
  • Green means “Go”. If the threat or opportunity is insignificant, then you can continue going in the same direction without stopping.
  • Yellow means “Take care”, and be ready to stop or go if the traffic lights change. Risks in the middle zone need to be monitored to ensure that we are ready to do something different if the priority level of a threat or opportunity changes.

More…

To read entire article, click here

 



About the Author


Dr. David Hillson

The Risk Doctor

 

 

 

Dr David Hillson CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (www.risk-doctor.com).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years. David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected]

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/

 

 

 

The Anatomy of Risk

SERIES ARTICLE

Risk Doctor Briefing

By Magda Stepanyan

CEO, the Risk Society
The Risk Doctor Partnership

The Netherlands

 


It is clearly important for us to understand the nature of a risk properly if we are to manage it effectively. Many people only consider a limited number of risk characteristics, leading to a limited ability to manage risk. Effective risk management requires a deeper understanding.

One way to improve understanding is to explore the “anatomy of risk”. Anatomy can be defined as “separating or dividing into parts for detailed examination.” If we separate and divide risk into its constituent parts, we find seven elements. Four of these relate to the nature of the risk itself, and three are connected to people.

Risk-related elements includes:

1. Objectives: What do you want to achieve? Risks do not exist in isolation: they are always linked to objectives. Opportunities (positive risks) facilitate the achievement of objectives, and threats (negative risks) are a hindrance.

2. Change: What future events could impact your objectives? How might the external and internal environments be different from what you expect? Understanding the potential for change is the starting point for risk identification and analysis.

3. Causes: What might cause those changes? It is much harder to prevent threats or capture opportunities if you don’t know where they come from.

4. Impact: What are the consequences on your objectives if each risk materialises? Understanding consequences allows you to prepare for risk mitigation (in case of potentially negative consequences) and risk exploitation (in case of potentially positive consequences).

Many people think that these four risk-related factors are sufficient to provide a complete picture of a risk. But risks are inevitably connected with people. Risks often arise as a result of our actions, either directly or indirectly. Once a risk has been identified, the reactions of those people affected can further complicate the situation.

These reactions are formed by people’s needs and interests, as well as their moral and ethical principles. As a result, there are three additional people-related elements to the anatomy of risk:

More…

To read entire article, click here

 


 

About the Author


Magda Stepanyan, MA, MSc, CIRM

Risk Society

 




Magda Stepanyan
is founder & CEO of the Risk Society consultancy (http://www.risk-society.com/). She holds an MA in Sociology from Yerevan State University, Armenia, an MSc in Public Administration from Leiden University, the Netherlands, and the International Certificate in Risk Management from the Institute of Risk Management (IRM).

Magda’s expertise is in resilience programming, integrated risk management (IRM), risk-informed strategy planning and implementation, disaster and climate risk management, horizon scanning for strategy and policy development, monitoring and evaluation. She has more than 15 years of management and consultancy experience, working with organizations such as the EC, UN, WB, Red Cross, and others. In 2012 Magda authored a UNDP Technical Paper on “Risk Management for Capacity Development Facilities”.

Magda can be contacted at mailto:[email protected]

 

 

Addressing Risk with VUCA – Prime

SERIES ARTICLE

Risk Doctor Briefing

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom

 


Many risk practitioners have heard of VUCA as a way of describing an environment which gives rise to risk. VUCA stands for Volatility, Uncertainty, Complexity and Ambiguity. It was first developed in the 1990s by the US Army War College, but it has become widely used in business as a way of characterising the risky environment in which organisations operate.

  • Volatility occurs when the nature, speed and size of change are unpredictable.
  • Uncertainty arises from lack of knowledge or an inability to determine the course of future events.
  • Complexity is present when the outcome of an action cannot be predicted by simple analysis.
  • Ambiguity means that key characteristics of a situation are not clear, or they can be interpreted in different ways.

Each of the VUCA perspectives has clear parallels in the way risk is understood and managed, and it is possible to structure the identification of risks around these four dimensions. But although VUCA is useful in identifying risks, it does not help us to decide how to respond to them.

Fortunately, a complementary framework has recently been developed which we can use to shape our responses to VUCA risks. This framework was proposed by Bob Johansen in 2007 (*), and it is known as VUCA-Prime. This has four elements, and each one describes a leadership behaviour that addresses one of the VUCA dimensions. Risk practitioners can use VUCA for identifying risks, and they can also use VUCA-Prime to help them respond effectively.

  • Vision rises above Volatility. When things are changing unpredictably, it is vital to keep a clear focus on the overall vision. Knowing where we are heading will ensure that we stay on course when external circumstances are turbulent. The risk practitioner should maintain a relentless emphasis on objectives to ensure that risk responses keep the project or business on track. When things are changing unpredictably around you, keep your eyes on the goal.

More…

To read entire article, click here

 


 

About the Author


Dr. David Hillson

The Risk Doctor

 

 

Dr David Hillson CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (http://www.risk-doctor.com/).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years. David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected]

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/

 

 

Democratic Risk Management

SERIES ARTICLE

Risk Doctor Briefing

Rasoul Abdolmohammadi, PMP, PMI-RMP

The Risk Doctor Partnership

Iran


Former British Prime Minister Winston Churchill seemed to have a problem with democracy! He famously said “Democ­racy is the worst form of government, except for all those other forms that have been tried.” Greek philosopher Plato agreed, putting democracy near the bottom of his list of five types of government (Aristocracy, Timocracy, Oligarchy, Democracy, and Tyranny). Most people agree that democracy is a good thing, but does it relate to our professional lives? More specifically, is it possible to develop a democratic approach to Enterprise Risk Management (ERM)?

One key characteristic of democratic systems is decentralisation. This has been evident in government structures and policies since the nineteenth century, and it has also influenced the business world as a strategy for developing organisations and procedures. Is the same true of ERM? Many people view ERM as a centralising function in an organisation, enforcing a single “right way” to do risk management, and collecting and combining risk information to present to senior leaders in support of their overall management of the business. What would “Democratic ERM” look like? We should expect it to be characterised by decentralisation, in the following ways:

  • Organisation. ERM usually involves a central risk department with responsibility for overseeing risk management across the organisation, perhaps with a Chief Risk Officer in command. But this centralised approach can lead to non-realistic outputs, if the ERM function becomes detached from the rest of the organisation. Instead, everyone across the whole organisation should have responsibility for managing risk in their areas of responsibility. Risk practitioners should also be in place throughout the organisation to provide support and guidance to project, operational and functional teams. This more decentralised approach to managing risk is a feature of “Democratic ERM”, and will ensure that risk is managed at the right level, closest to where it affects the organisation.
  • Objectives. Risk is defined in relation to objectives. Decentralisation leads to the top-down development of a coherent hierarchy of objectives at multiple levels throughout the business, with lower-level objectives aligned to the strategic objectives of the overall organisation. It is then possible to manage risk at each level, linking risks to the objectives at that level. “Democratic ERM” coordinates the various levels of risk management, ensuring that common standards are applied, escalating risks as required. An ERM approach that only considers strategic objectives is more like dictatorship than democracy.

More…

To read entire article, click here

 


 

About the Author


Rasoul Abdolmohammadi

Ian

 

 

 Rasoul Abdolmohammadi is an industrial engineer with more than 15 years project management experience including risk, time and cost management. He currently works as planning and scheduling specialist in Petronas. His risk experience includes developing, implementing and training project risk processes for a range of mega-projects in the oil & gas and construction industries (for the first time in Iran), including quantitative risk analysis using Primavera Risk Analysis. Rasoul has published his experiences in the book “Practical Project Risk Management Processes“, and he has presented on risk at international conferences.

He can be contacted at [email protected]

 

 

Communicating Risk for Attention and Action

SERIES ARTICLE

Risk Doctor Briefing

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom


Communication is difficult, especially when we are dealing with uncertainties that matter. People need to know which uncertainties are most important, and what can be done to manage them effectively and proactively. Risk communication has two purposes:

  1. Attention. Tell people things they need to know that they do not know already.
  2. Action. Encourage people to do things they need to do that they are not doing already.

It is really important to communicate clearly about risk, and this should not be left to chance. Following a simple structured approach to risk communication will help to ensure that each person or group receives risk information that enables them to pay attention and take action. Effective risk communication requires three steps:

1. Analysis – Who needs what? Answer the following questions for each person or group:

  • How frequently will they need updates?
  • When do they need risk information to be supplied?
  • What level of detail and precision do they require?
  • What do they need it for, and how will they use it?
  • What risk information do they need?

2. Design – What shall we produce? Consider the following factors:

  • Content. Design outputs that meet the needs identified in the first step. A range of risk outputs may be required at different levels of detail, and it is more efficient to design outputs in a hierarchical manner if possible, to avoid the overhead of producing multiple versions. For example, high-level reports can be generated as summaries of low-level reports.
  • Delivery method. Alternative types of communication should be identified, allowing us to choose a method that is appropriate for each person. These might include written reports in hard-copy or electronic format (email, intranet, website, accessible databases), verbal reports (briefings, presentations, progress meetings), graphical or numerical outputs (tables, charts, posters) etc.
  • Responsibilities. For each output, identify who will be responsible for its production, and who will approve it. A RACI analysis might also be useful (Responsible, Approval, Contributor, Information).

More…

To read entire article, click here

 


 

About the Author


Dr. David Hillson

The Risk Doctor

 


Dr David Hillson
CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (http://www.risk-doctor.com/).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years. David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD). Dr Hillson can be contacted at [email protected]

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson

 

 

“WHO DARES WINS”

SERIES ARTICLE

Risk Doctor Briefing

By Rose-Hélène Humeau, PMP

The Risk Doctor Partnership

Nice, France


“Who Dares Wins” is the motto of the British SAS (Special Air Service), and it has also been adopted by another eleven elite special forces units around the world. If we applied this slogan in our organisations and projects, it could change the way we manage risk in the following four ways:

  1. Find more opportunities. Typically, about 80% of the risks recorded in Risk Registers are threats (negative risks), with only 20% opportunities (positive risks). Adopting a “Who Dares Wins” attitude will encourage the inclusion of more opportunities. Even if we don’t completely reverse the 80/20 balance, we should fundamentally change the attitudes of internal stakeholders towards risk identification. They would no longer attempt only to maximise protection against all imaginable threats, but instead they would optimise risk exposure by aiming to capture the gains offered by opportunities. To promote this approach, ask your teams to view their business or project as a bank account. Every threat corresponds to a withdrawal or an additional charge, and each opportunity is a deposit or added income. Most people understand that, to preserve and enhance the overall value of their account, it is more effective to focus on increasing gains than to put all of their effort into reducing charges.

2. Opportunity-based risk thresholds. If we want to focus on searching proactively for opportunities rather than simply protecting ourselves from threats, we need to encourage people to take risks. This raises the question of how far we can go in risk-taking. Asking people to take risks requires us to define the limits of what is acceptable. All business investments and projects are carried out to create value for stakeholders. Risk thresholds can only be determined by considering both value creation and value destruction for the organisation. The motto “Who Dares Wins” would encourage management and sponsors to define acceptable risk thresholds clearly, based on the anticipated value, and it would allow teams to concentrate on maximising value creation through controlled risk-taking within those limits.

3. Value-focused risk management. In order to follow the principle of “Who Dares Wins”, we need to know what winning means. Businesses and projects must have a clear understanding of what type of value they seek to create, what creates that value, and for whom. The International Institute of Business Analysis (IIBA, www.iiba.org) defines value as “any desirable result for a stakeholder in a [given] context.” Once the anticipated value is well-defined in a “business value model”, we can focus our risk process on enhancing the main value-creating opportunities, while at the same time addressing the principal threats that would undermine value for stakeholders. For projects, the business value model needs to be developed during project initiation, supported by the sponsor, regularly reviewed, communicated and shared with the team. The risk management process can then be aligned with the value criteria described in the model. Definitions of impact levels should cover all the value criteria identified in the model, including value for suppliers, for partners, for the teams, for client stakeholders, etc.

More…

To read entire article, click here

 


 

About the Author

161219-rhh-photo
Rose-Hélène Humeau

Nice, France

flag-france

 


Rose-Hélène Humeau
is an experienced trainer in project management, certified PMP© – Project Management Professional – from the PMI® – Project Management Institute. She is teaching regular Project Management and/or PMP® sessions for international companies like Suez, ENGIE, IMS, General Electric Energy Europe, AREVA, IBM, HP, Carrier SA, Air Liquide, DCNS … She also helps companies in implementing a “project management culture” by aligning their processes to best practices.

Rose-Hélène Humeau has more than 20 years’ experience in project management for information systems within High-technology organizations.  In this area of expertise, she has made significant contributions in project management mentoring, methodology development, training, process creation, and global deployments.

Over the last decade, as European Project Manager in a High-technology company, Mrs Humeau has managed numerous projects about conception and implementation of services and systems, for internal and international customers. She was part of an elite worldwide team as European representative. She helped in building and institutionalizing a project management culture in a large corporate environment according to PMI® best practices, guiding team members in investing in project management disciplines. She was an active member of a European Project Management Office.

Rose-Hélène Humeau is a founding member of the PMI® Côte d’Azur.  She was playing the role of President of this professional association for 3 years. She was, therefore, organizing and managing regular seminars and forums covering local, regional or international scope. In addition to professional activities, she had taught Project Management at Nice University (Project Management Master program) as well as EDHEC and SKEMA Business Schools both for European and French students.

She holds a Master Degree in Computer Sciences and a DEA in Management from UNSA University of Nice-France. From George Washington University, she received Professional’s Certificates in Project Quality Management, Project Leadership and Project Risk Management. She is certified by PMI® as a Project Management Professional (PMP©) since 1998 and is involved in this institute as expert for several initiatives.

Rose-Hélène can be contacted at [email protected]

Risk Escalation – A New Strategy

SERIES ARTICLE

Risk Doctor Briefing

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom


Risk response strategies help us to focus our risk treatment efforts. With a small number of strategy options to choose between, deciding on a preferred strategy allows us to concentrate on developing specific actions to implement that strategy and manage the risk in the desired way.

Early on, when risk management was limited to addressing threats, we had four alternative strategies: Avoid (remove the threat completely), Transfer (find a third party who can manage the threat on our behalf), Reduce (make the probability and/or impact smaller), and Accept (take no proactive action, but prepare a contingency plan in case the threat occurs).

Later, when we realised that risk includes both threats and opportunities, four matching strategies were developed for opportunities: Exploit (ensure that the opportunity definitely occurs), Share (involve a third party in managing the opportunity), Enhance (increase the probability and/or impact), and Accept (no proactive action, but a contingency plan in case the opportunity occurs).

Recently an additional risk response strategy has been defined, which we can use if we identify a risk that does not affect our objectives, but that could affect some other part of the organisation. In these cases, it is important that the risk is passed on to the right owner to ensure that it is recognised, understood and managed appropriately. The risk response strategy that achieves this aim is Escalate.

To make risk escalation work, we need clear thresholds between the different levels in the organisation, so that everyone knows where each risk belongs, without confusion or ambiguity. Regardless of where a risk is identified, it needs to be managed at the right level, and this is defined by measurable thresholds based on the objectives which would be affected if the risk occurred. These thresholds can be expressed as financial impact, safety implications, regulatory compliance etc., and a risk is escalated to a higher level if its impact exceeds a threshold value.

Risks can be escalated from any level in an organisation to a higher level, but it is perhaps most useful for risks identified in projects. In a project risk context, risk escalation is used when a project team identifies a risk that does not belong within the scope of their project, because it would not affect any project objective, but it could affect someone else. This means it is not a project risk, so they could just forget about it, and hope that the right person will also find it. Clearly this is not a good idea, as the relevant person may never find the risk. Instead, risk escalation is used to pass the risk to the person or party who would be affected if the risk happened. This is true for both threats and opportunities.

Here are some examples of risk escalation in practice:

More…

To read entire article, click here

 


 

About the Author

pmwj33-Apr2015-Hillson-PHOTO1
Dr. David Hillson

The Risk Doctor
United Kingdom

 flag-uk

 

Dr David Hillson CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (www.risk-doctor.com).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years. David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected]tor.com.

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/

 

 

Risk Communication Through Storytelling

SERIES ARTICLE

Risk Doctor Briefing

By Joachim Adebayo Adenusi, CFIRM

The Risk Doctor Partnership

UK and Nigeria


Albert Einstein is reported as saying “Logic will get you from A to B. Imagination will take you everywhere.” A lot of our risk communication is very logical but not very imaginative. Experience shows that people listen better if the message is presented attractively, and storytelling is one powerful way to achieve that goal. An expressively-told story grabs the attention of the listener and creates vivid images in their minds which aid understanding and retention of the underlying message, especially when we’re dealing with concepts of uncertainty and risk.

What makes storytelling unique as a communication method?

  • Stories translate difficult concepts into a concrete form that can be handed down verbally or in written form, helping to shape and preserve culture.
  • Storytelling is interactive and flexible, causing the listeners to engage with the story and the storyteller.
  • A strong connection is formed between the storyteller and the listener, allowing the message to penetrate to the listener’s subconscious mind.
  • Stories engage reluctant or unbelieving listeners who would not listen to the same message if it was communicated in a more traditional form.
  • A well-told story stimulates creative thinking, and allows listeners to use their own imagination to put themselves in the story.
  • Hearing a story together creates a positive group identity.

The use of stories to communicate key messages has been part of the African heritage for many years. In pre-colonial times, many villages faced huge challenges that could only be overcome by careful planning and strong leadership. For example, when facing enemy invasion, the community leader would develop a detailed plan to defend the village and defeat the invaders. But then he had to encourage and motivate the community to implement the plan.

More…

To read entire article, click here

 


 

About the Author

160921-adenusi
Joachim Adenusi, CFIRM, ACII, MSc

Nigeria & UK

flag-nigeriaflag-uk

 


Joachim Adebayo Adenusi
is an expert risk management consultant and an Associate with The Risk Doctor Partnership (www.risk-doctor.com), offering specialist risk management consultancy and training. He is Director of Inspirational Risk Management Services Limited, a risk management business based in the UK, providing a wide range of risk consultancy, training and audit services. He is also Director of Conrad Clark, a risk consultancy with businesses in both the UK and Nigeria.

Joachim is a passionate and inspirational risk professional with over 22 years’ work experience across different sectors. He is a keen promoter of performance-based Enterprise Risk Management, and he has developed a unique approach to ERM based on these principles.

Joachim currently advises major UK financial services and underwriters on implementing and embedding Basel ll and Solvency II requirements. His main focus is on adding value to organisations and demonstrating efficiency, savings, performance improvement, profitability and waste reduction through effective management of risk.

Joachim won the UK Public Sector Risk Manager of the Year award in 2009-10, and was highly commended in the European Strategic Management Awards in 2007 and 2008. He is a risk certified trainer and a chartered insurer (ACII), and a Chartered Fellow (CFIRM) and former Director of the UK Institute of Risk Management (IRM).

He is also the founder and chairman of the Nigerian Risk Awards, which exists to promote and recognise excellence in risk management in Nigeria. The awards have been running successfully since 2013, with categories across all major sectors, and they have gained a reputation as a highlight of the risk calendar in the country.

Email: [email protected]

 

Defining and Using Risk Appetite

SERIES ARTICLE

Risk Doctor Briefing

Dr. Ruth Murray-Webster

United Kingdom


There is a growing recognition that a proper understanding of risk appetite is a vital influence on organisational performance. This is supported by regulators who expect boards to understand and express their risk appetite, and some senior executives in a range of public and private sector organisations are already taking a lead in this area.

This is a good start, but there is still confusion about how to define risk appetite and then use it to ensure that the organisation doesn’t take on too much risk (or too little).

Our book “A Short Guide to Risk Appetite” * (Hillson & Murray-Webster, 2012) attempts to dispel that confusion and provide clear advice on the topic.

There are four important factors to consider when defining risk appetite:

1  Conversation. This must be two-way, listening as well as talking, building respect for alternative perspectives. Different views on risk appetite are inevitable, driven by people’s inherent propensities for taking risk, and by their previous experiences of risk-taking that influence their perceptions of risk. This diversity is valuable, and open and honest conversation will enable differing perspectives to be aired and discussed.

2  Challenge. Diversity of views on risk appetite is normal, unless group dynamics such as groupthink are affecting the way people perceive risk, or if the group has worked together for so long that they have unconsciously adopted a cohesive approach. Challenge from a neutral facilitator will help decision-makers to consider alternative scenarios, and support open discussion of how much risk would be too much in the situation.

3  Cascade. Once senior decision-makers have a shared understanding of risk appetite for the whole organisation, this can be translated into measurable risk thresholds at the level of strategic objectives, as well as for operations, programmes and projects. Some advisors think that risk thresholds at lower levels in an organisation can be derived automatically using a formula, but this is rarely the right approach. Open conversation and neutral challenge will still be needed during the cascade process.

4  Controls. Finally, leading indicators are needed, not just lagging ones, to enable managers to know when current levels of risk exposure might breach risk thresholds. This might occur if risk exposure reaches a level where the outcome could not be tolerated, or risk exposure might get to a point where investing additional resources is no longer warranted. Where upper or lower risk thresholds are in danger of being breached, senior decision-makers will need to adopt a different risk attitude to ensure that risk exposure remains within acceptable limits. This will require the same level of conversation, challenge and cascade as the initial definition of risk appetite.

More…

To read entire article, click here

 


 

About the Author


pmwj49-Aug2016-Murray-Webster-PHOTO2

Dr. Ruth Murray-Webster

United Kingdom

 

 UK small flag 2


Dr Ruth Murray-Webster
is Director of the Change Portfolio for Associated British Ports Ltd. Prior to taking up this role in 2015, Ruth has 30 years of experience in a series of roles to enable organisations in most sectors to deliver change objectives including as Director of the Risk in the Boardroom practice for KPMG LLP in the UK and 10 years as a Director of Lucidus Consulting Ltd.

Along this journey, Ruth researched organisational change from the perspective of the recipients of change for an Executive Doctorate at Cranfield School of Management. She has also taken a keen interest in risk management along the way, co-authoring four books on the people aspects of risk management with David Hillson (Understanding and Managing Risk Attitude, 2007; Managing Group Risk Attitude, 2008; A Short Guide to Risk Appetite, 2012), and with Penny Pullan (A Short Guide to Facilitating Risk Management, 2011).

Ruth was awarded an Honorary Fellowship of the Association for Project Management in 2013 for her services to risk and change.

Dr Ruth Murray-Webster can be contacted at [email protected]

 

 

Effective Risk Facilitation: Handing Difficult People

SERIES ARTICLE

Risk Doctor Briefing

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom


In addition to being able to flex their facilitation style to meet the varying challenges of the risk workshop and different risk identification techniques, the risk facilitator also needs to handle the people who participate in the risk workshop. Unfortunately, it is common to find at least some participants in every risk workshop who are not fully committed to its success, or who are not willing to contribute freely. There are seven types of workshop blockers, and risk facilitators need to know how to handle them appropriately.

  • Aggressive. These people do not want to be in the workshop, think it is a waste of time, and actively oppose what the facilitator is trying to achieve. They are often loud, argumentative and critical, and their behaviour distracts others from contributing.
    • Defuse. Give them time to make their point, and do not argue with them, listen patiently, and use conciliatory language. If necessary speak to them outside the meeting during a break, asking for more tolerance, seeking their active support.
  • Complainer. Everything is wrong for a complainer, from the room size or temperature to the meeting time and duration, the list of participants, the type of coffee and biscuits, the agenda and scope of the workshop, and so on.
    • Delay. Listen to their complaints, and acknowledge anything which is valid. Then agree to address concerns outside the meeting. Deal with immediate matters during a break, and take up other issues later.
  • Know-it-all. Some people delight in expressing their opinion and demonstrating their expert knowledge of a topic, even when they are not real experts. They have strong opinions and voice them confidently. They are the first to answer every question, often dismissing the views of others as uninformed or naïve.

More…

To read entire article (click here)

 


 

About the Author

david-hillson
Dr. David Hillson

The Risk Doctor

 flag-uk

 

Dr David Hillson CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (www.risk-doctor.com).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years.  David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected].

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/

 

Effective Risk Facilitation: Matching Style to Technique

SERIES ARTICLE

Risk Doctor Briefing

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom


There are many techniques for identifying risks, and a skilled facilitator can help to make these more effective. The previous Risk Doctor Briefing outlined three main styles that a risk facilitator can adopt: Directive (where the facilitator controls the workshop from the front) Collaborative (where facilitator and group work together as partners), and Supportive (allowing the group to run the workshop, with the facilitator offering advice and guidance as required). Different facilitation styles work best for various risk identification techniques, as follows:

  • Brainstorming. This technique requires a strong Directive style from the facilitator, in order to set up and enforce the ground rules, to manage group dynamics, to encourage quiet individuals to contribute, to channel dominant individuals, to prevent distractions and diversions, to maintain the schedule, to reach consensus on outputs, and to record identified risks properly.
  • Assumptions & Constraints Analysis. Examination of assumptions and constraints as potential sources of risk requires a disciplined and structured approach that is best supported by a Directive facilitation style. Each assumption or constraint is tested in two dimensions, for its stability and its sensitivity, and those assessed as both unstable and sensitive are converted into risk statements. The facilitator needs to keep the group focused on following this analytical process in order to ensure the quality of the output.
  • SWOT Analysis. This technique requires the group to start with known facts about the organisation (Strengths and Weaknesses), then to use these factors as prompts to consider how they might lead to Opportunities or Threats. Since the base information comes from the group, the facilitator needs a Collaborative style to draw on their knowledge and experience while working with them to transform strengths into opportunities and explore how weaknesses generate threats.
  • Influence diagram. A Collaborative style works well when the group is building an influence diagram to model the key relationships and dependencies in order to determine areas of maximum uncertainty. Group members bring detailed knowledge of the characteristics and parameters of the situation, while the facilitator has knowledge of how to structure this information into an influence diagram. The technique can only work if both facilitator and group work together alongside each other.

More…

To read entire article, click here

 


 

About the Author

david-hillson
Dr. David Hillson

The Risk Doctor

 flag-uk

 

 Dr David Hillson CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (http://www.risk-doctor.com/).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years. David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected].

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/

 

Effective Risk Facilitation: Understanding Styles

SERIES ARTICLE

Risk Doctor Briefing

Dr David Hillson, PMI Fellow, HonFAPM, FIRM

The Risk Doctor Partnership

United Kingdom

 


When a facilitator is leading a group in a facilitated workshop or meeting, he or she can adopt a range of facilitation styles. These vary by the amount of control exercised by the facilitator compared with the degree of control allowed for the group. On one extreme, the facilitator has almost complete control over what happens in the workshop or meeting. By contrast, at the other extreme the group has near-total control of proceedings. Between these extremes lie various shared positions in which the balance of control differs between facilitator and group.

Although the range of possible facilitation styles is continuous, we can distinguish three zones:

  • Directive/Reactive. The facilitator takes the lead to direct the workshop, while the group follows the facilitator reactively. In Directive mode, the facilitator is in charge, leading from the front, telling people what to do.
  • Collaborative. Facilitator and group work together to achieve the best outcomes from the workshop or meeting. In this mode they act as partners, with the facilitator standing alongside others and acting as a member of the group.
  • Supportive/Proactive. The group takes the lead proactively, setting the agenda and driving the workshop, with the facilitator in a supportive role. Here the facilitator is more like a helpful friend, standing behind the group, advising and helping them when necessary.

The risk facilitator can use a range of different styles, but when is each style appropriate in a facilitated risk workshop?

More…

To read entire article (click here)

 


 

About the Author

pmwj33-Apr2015-Hillson-PHOTO1
Dr. David Hillson

The Risk Doctor
United Kingdom

 UK small flag

 

Dr David Hillson CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (www.risk-doctor.com).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years. David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected].

To see other works previously published in the PM World Journal by Dr David Hillson, visit his author showcase at http://pmworldlibrary.net/authors/dr-david-hillson/