What is RISK?

I have started to get bothered by the way that the word RISK is used to mean almost anything – noun verb adjective.

It makes it almost impossible to understand what someone is trying to say about a risk or risk management topic.  I am probably even more guilty than most.  I was once told by an editor that I used the word over 100 times in an article.

One way that people misuse the word is in place of the word loss.  For the most part, people are interested in minimizing losses, not risks.  For some reason, risk seems to be a more professional word to use than loss.  But we should be honest with ourselves and be clear about when we really mean losses.  Looking forward, something can be a risk.  Looking backwards, something can no longer be a risk, it is a loss or not a loss.

In addition, many folks want to define risk to have both upside and downside.

I think that they are  being sloppy with words.

I think that they may trying to say that the concerns of risk managers are related to both the upside and downside.

Or they are trying to say that the upside part of Risk is the risk of foregone opportunities?  That at least makes a little sense to me.

But if you really mean upside and downside, then that definition of Risk seems to me to be Orwellian.  Like defining “hot” to include the temperature of ice. And your heating system to include your air conditioner.

It also seems that if you follow that line of reasoning to its logical conclusion, the only possible candidate for the CRO job is the CEO.

It seems that risk management is unhappy with only dealing with preventing bad things (losses) – it is so hard to get headlines if you are a defensive player on a sports team.  The things that do not happen do not lead to bonuses.

But making sure that bad things do not happen (with greater frequency or severity than the risk appetite) IS the job of the risk manager.

So I would define risk as “exposure to the potential for a future uncertain adverse event”.

This definition does not follow Knight, who separates Risk and Uncertainty.  Knight divides the two terms based upon the degree to which we know the distribution of outcomes.  I combine them because I do not believe that there is a set of future events with known distributions and another set with unknown distributions (putting aside dice).  I believe that there is a continuum of degrees to which we suspect that we know distributions of outcomes of future events.

So with this definition, I would suggest that there is no risk in an unknown future event where there are only positive outcomes possible.

I say this because there is more than enough to worry about on the downside regarding the management of potential losses.

Risk Limits always mean a limit in the amount of potential losses.  I have never heard of any organization anywhere ever that has put a limit on favorable deviations.

Explore posts in the same categories: Risk, Risk Management, Uncertainty


You can comment below, or link to this permanent URL from your own site.

2 Comments on “What is RISK?”

  1. Andrew Howe Says:

    Fascinating article, with view clearly expressed.

    Things I agree with:
    * Risk is used to mean many things (also the “sloppy with words” comment later in the article)
    * People get muddled between loss and risk – quite unnecessarily
    * It’s hard to get headlines if you’re connected only with the downside (unless one bank blows up while yours doesn’t due to something which is demonstrably “yours”)
    * Making sure bad things don’t happen – to the extent they are beyond risk appetite – is (partly) down to the risk manager
    * There is more than enough to worry about on the downside regarding the management of potential losses

    Things I’m not sure on:
    * “The only possible candidate for the CRO job is the CEO.” I believe that a major responsibility for risk management sits with the Board and (also) with the CEO. Having a CRO who reports to the Board or risk committee does not, in my view, decrease the CEO’s responsibility for risk or suggest that he/she is responsibile only for “non-risk” items.

    Interestingly I believe you’ve made this point yourself a couple of times recently on Riskviews(!)

    Things I disagree with:
    * risk should not include an upside

    Of course the fact that “we have more than enough to worry about” is neither here nor there when determining the scope of risk. And I don’t want to fall into the same trap by suggesting that it should include upside because most ERM definitions say so.

    Slightly more convincing (for me) is that strategic risk management is an acknowledged concept c.f. Aswath Damodaran’s writings and many others. In another article I believe you criticised ERM standards not always including strategic risk management. Of course you could contend that strategic risk management covers only the downside…

    If you take the view that risk is about uncertainty over parameters and models (and the consequent impact on our ability to make decisions) as well as “bad events” I think “upside risk management” is entirely natural and indeed fits within a risk-return optimisation framework (c.f. risk maturity model). As you say “opportunities foregone” is another way of looking at things.

    Finally to your hot and cold analogy. The critique seems to me a little circular; someone who had not come across the hot/cold concepts might talk about temperatures as high / low. Why cannot risk (and definitely uncertainty) be regarded as closer to “uncertainty over temperature” rather than “(uncertainty over) degree of coldness”. Even if you take the view that risk is about downside only, that downside must be relative to a baseline, and that baseline is not always obvious (zero, expected value, target etc)

    Thanks for a thought-provoking article.

  2. […] 16, 2009 by riskczar Originally posted by Riskview on October 12, […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: