Since the dawn of time, mankind has used myths to make sense of the uncertainty that surrounds us. More recently myths have crept into risk management and business projects. Although risk myths have some basis in truth, they fail to accurately represent reality. Here are
Myth 1 all risk is bad
“Risk? No thanks!” All risks are potential problems, and if they happen then we’re in trouble. For projects, risks mean threats to the budget and schedule, and the result of an impacted risk means overspend or delay. Even where we consider other objectives such as performance, safety or regulatory compliance,
On the other hand, starting from the idea that risk is uncertainty that matters, we arrive at a different conclusion. Some uncertainties might have helpful outcomes if they happen, saving time or money, enhancing performance or safety, helping us to achieve project objectives. Best-practice risk management
Myth 2 risk management is a waste of time
“Qué será, será” or “whatever will be, will be.” Most risks are outside our control, and we shouldn’t waste time trying to address them in advance.
But don’t forget. Risk management provides a forward-looking radar, scanning the uncertain future to reveal things that could affect us, giving us time to prepare in advance. We can develop contingency plans even for so-called uncontrollable risks and be ready to deal with likely threats or significant opportunities.
Myth 3 what you don’t know won’t hurt you
“Ignorance is bliss.” We’re so busy dealing with what we do know that we don’t have time to think about anything else.
That’s unrealistic. Hope is not a strategy! Uncertainties exist out there that can hurt us and our projects very badly. Unforeseen events can cause major delays, result in significant additional cost, or even cause accidents. Failing to spot risks will result in avoidable problems happening or benefits that could have been captured being missed. Not knowing about the risks that we face can be very costly indeed.
Myth 4 the risk manager manages risk
“The clue is in the job title!” Just as the project manager manages the project or the quality manager manages quality, so the risk manager manages risk. That means the rest of the project team don’t have to worry about risk if they have a risk manager (or risk champion or risk coordinator).
Not true. The title of
Myth 5 all risk can and should be avoided
“The only good risk is a
Myth 6 our projects aren't risky
“No risk please – we’re project managers!” The absence of risk is a sign of a successful project manager and a well-run project. Where risk rears its ugly head, it needs to be killed off as quickly as possible, so that we can return to our zero-risk nirvana (perfect bliss).
Such a naive dream!
Myth 7 risk management requires statistics
“You can’t manage risk without understanding statistics, probability theory and Monte Carlo simulation.” It’s pointless to record risks in a risk register,1
QRA is a powerful technique for analyzing the overall effect of risk on project outcomes, but it requires time, effort, specialist tools
Myth 8 risks are covered by routine processes
“We manage risk all the time – it’s part of the day job.” We know all the risks faced by our project and we have processes in place to deal with them, so we don’t need to do separate risk management.
Project processes are indeed developed to handle routine risks that arise regularly in our projects. And maybe such “business-as-usual risks” don’t belong in the risk register because they’ll be handled by existing processes. But what about
Myth 9 contingency is for wimps
Not even the best project manager can foresee the future with perfect accuracy. Unexpected things happen to good people. And all projects are risky, being unique and complex undertakings based on assumptions and dependencies, delivering change through people. We should always expect the unexpected. So, including a specific risk budget for known risks as well as a contingency amount for unforeseen risks is a sign of wisdom
Myth 10 risk management doesn’t work
“We tried risk management once...” The risks we identified never
The risk process often fails to identify the real risks to the project or business, focusing instead on the “usual suspects”.
The truth revealed
In our rationalist world where we value most what we can measure easily, it’s not surprising that unhelpful myths have grown up around risk management. In providing a structured way to address uncertainty, risk management offers important insights to project managers and their teams. Effective management of risk is positively correlated with project success, as we discover in advance the things that might drive us off track, and we implement proactive measures to avoid threats and capture opportunities.
Discover the real truth about risk management, and let it work for you and your projects! You won’t regret it!
- A risk register is a document the risk management team develops during the early stages of a risk management project. It tracks issues and
assessproblems as they arise
Copyright © 2019, David Hillson