Risk is universal, we encounter it in our lives daily, and we are constantly facing it whenever we take a decision, what makes things more interesting is that Risk is not always so easy to measure. That makes Risk Management an art.
Oceans of ink have been spent to write about Risk, and I am pretty sure I could not give any contribute to present literature, but still, I tried to create my content through the table below where I’m trying to recap the definition of risk provided by 10 different sources:
Here some brief instructions on how to read the table:
The 4th column (sign +) shows if that definition allows a positive meaning of the term risk (note that all 10 definitions allows a negative meaning of the term)
- The blue columns indicate how the % of the risk is expressed
- The green columns indicate how the subject “activating the risk” is defined (we could also call it as the risk input)
- The yellow columns indicate the output of the risk
ISO31000 provides the most synthetic and the most widely recognized definition of Risk, so, if in doubt, just use it !
Our conclusions for all this are:
- Finding a universal definition is time consuming (and maybe useless). The right definition is context dependent.
- For people preparing for a certification mind the difference between different cert-providers.
- ISO31000 is the most synthetic and seems to be the most widely recognized, so, if in doubt I suggest using the ISO Definition of Risk. while MoR seems to provide the most complete definition.
- Only 5 definitions allow a risk to be also something positive, for the others risk has only a negative meaning.