In some situations, things go better if you can explain them in plain language. In others, having lots and lots of unintelligible pseudo scientific jargon is what is needed.

If your situation is the former and someone wants to know about risk management, tell them


That is short for:

  • Plan Ahead
  • Pay Attention
  • Take Action
  • Communicate

Really, that is what is involved in risk management.  Saying it is very, very simple.  Doing it is difficult.

Plan Ahead means that you need to know in advance how much risk you expect to take and how much mor or less than that you are willing to take.  Very easy to say, but not very easy to do.  But maybe if you just say it in plain language like this, instead of calling it risk appetite and risk tolerance, folks will understand and do that.

Pay Attention means that you need to know at all times, how much risk you are actually taking and how that compares to your plan.  It means that you really do know what your risks are and what your plan is.

Take Action means that if your plan says that you active manage your risks as you go along, that you actually do that.  If your risk positions grow much faster or much slower than your plan, that you do something about that also.  Take action means that you never just sit there unless that is what you planned to do.  (See Risk Management Entertainment System)

Communicate means that everyone tells each other what is planned, what the find when they are paying attention and what they do when they are taking action.

All of the fancy words around risk management are all a long winded and complicated way to say these four simple ideas.

But if your risks are complicated, as many, many organizations’ risk are, then this is only simple to say but never simple to do.

  • If your risks produce troublesome losses infrequently, it is very difficult to tell how much risk that you can or want to take.  It is also difficult to tell what your risk actually is at any point in time.  It is difficult to know whether to do something or not.  And so it sometimes seems like there is nothing that needs to be communicated.
  • If your risks are complicated and variable, then it is also difficult.  Knowing how much risk that you have been taking is slippery.  Knowing how much you might want to take is difficult and paying attention, that is measuring, is also tricky.  Taking actions might just fix one aspect of a risk and expose you to large dose of another aspect (see Risk and Light).  So what exactly do you communicate?

So these simple words do not help too very much.  Because even if you can tell the boss that risk management is easy to describe, you will be in big trouble when it is not easy to do.

So this is perhaps another one of those posts that you might have been better of if you did not read……

Explore posts in the same categories: Enterprise Risk Management, ERM


You can comment below, or link to this permanent URL from your own site.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: