WHAT IS RISK? RESULTS FROM A SURVEY EXPLORING DEFINITIONS

Similar documents
Income Tax and Small Businesses in Scotland

Series on Advances in Project Management. Managing Risk in Projects: What s New?

The Actuarial Society of Hong Kong IFRS Insurance Contract Phase II Development

Jefferies Healthcare Temperature Check

Free Press Poll Prepared on behalf of the Free Speech Network

A Snap Shot of the LGBT Sector. #LGBTResilience

Considerations of Materiality in Financial Reporting

GLOBAL ENTERPRISE SURVEY REPORT 2009 PROVIDING A UNIQUE PICTURE OF THE OPPORTUNITIES AND CHALLENGES FACING BUSINESSES ACROSS THE GLOBE

Assessing Canada-Asia Energy Relations

Pension Real Estate Association INVESTOR REPORT

re: Comments on Discussion Paper A Review of the Conceptual Framework for Financial Reporting

New Care Models Team Department of Health Room 229 Richmond House London SW1A 2NS. 3 November Dear Sir/Madam

CPA Australia-Corporate Governance & Financial Reporting Centre Survey on Accounting for Small & Medium Entities (SMEs)

ICAEW REPRESENTATION 196/16

2. Political Party? Other 28% Democratic 36% Republican 36%

SALARY GUIDE INSURANCE EXPERTISE

The 40 th Quarterly C-Suite Survey: Federal Election, Interest Rates, Oil Prices and Trade

Proving Worth The Values of Affluent Millennials in North America

COMMENT LETTER 7 RECEIVED FROM PROPERTY INSTITUTE OF NEW ZEALAND

May 21, 2008 Document

ICAEW REPRESENTATION 96/15

ATTITUDES ABOUT SOCIAL SECURITY AND MEDICARE

Risk Management in Italy: State of the art and perspectives. PMI Rome Italy Chapter

Research Library. Treasury-Federal Reserve Study of the U. S. Government Securities Market

THE STATE OF HEALTH CARE REFORM JUST BEFORE THE CONGRESSIONAL RECESS July 24-28, 2009

Norwegian Citizen Panel

Time for a. New Deal. for Young People. Broadbent Institute poll highlights millennials precarious future and boomers worries.

Industries Financial Services. Survey on Effective Management of South African Retirement Funds* March PwC. *connectedthinking

GLOBAL INVESTMENT MANAGEMENT COST SURVEY 2009

ADVISING ON PENSION TRANSFER RESPONSE TO CP17-16

Canadian Mutual Fund Investor Survey. July,

ANTI-MONEY LAUNDERING PROCESS MATURITY

Luxembourg Business Compass

ACCOUNTING STANDARDS BOARD JULY 1998 STATEMENT STATEMENT P RELIMINARY A NNOUNCEMENTS ACCOUNTING STANDARDS BOARD

T A B L E 17.CS1 Summary Results for YoY Sales Growth Decile Analysis of All Stocks Universe, January 1, 1964 to December 31, 2009.

Consultation Paper Indirect clearing arrangements under EMIR and MiFIR

Understanding the positive investor

Establishment of Australian Financial Complaints Authority

Public anger about corporate power dominant factor in views on trade & TPP

Kingdom of Saudi Arabia Capital Market Authority. Information and its Sources

Legal Services in BC. Final Report. Nobody s Unpredictable. September 2009

By Bruce Anderson & David Coletto

Investor Behavior Survey. November 2014

Exploring the rise of self-employment in the modern economy

FINANCIAL INSTRUMENTS. The future of IFRS financial instruments accounting IFRS NEWSLETTER

2010 ASPE-SDLC, Ravenflow & IIBA Business Analyst Salary Survey

8230 Leesburg Pike, Suite 800 Tysons Corner, Virginia Phone: Fax:

The Impact of FAS 133 on the Risk Management Practices of End Users of Derivatives. Report of Survey Results

Eurostat Questionnaire on. Recording of flows and stocks relating to pension schemes in national accounts. August 12, 2003

Report of The Health Insurance Authority to the Minister for Health and Children pursuant to Article 10 of the Risk Equalisation Scheme, 2003 and for

Pensions update for universities

Few would disagree that life is risky. Indeed, for many people it is precisely the element of

SURVEY RESULTS THE IMPACT OF FAS 133 ON THE RISK MANAGEMENT PRACTICES OF END USERS OF DERIVATIVES

SUPPLEMENTARY LESSON 2 MONEY AND RISK MANAGEMENT DISCOVER HOW THE WORLD REALLY WORKS ASX Schools Sharemarket Game

WARSAW 30 SEPTEMBER 2015 JOINT OUTREACH EVENT IASB EXPOSURE DRAFT ED/2015/3 CONCEPTUAL FRAMEWORK FOR FINANCIAL REPORTING

Griffith University. Preparing strata title communities for climate change survey: On line questionnaire findings summary for survey respondents

Sample of National Poll

Underwriting Agencies Australia/New Zealand CEO Survey 2017 Business Priorities and Trends

Age Concerns response to The future of the Code for Sustainable Homes making a rating mandatory

Managing Risk in Programmes

Does ERM matter?* Enterprise risk management for the insurance industry

PORTFOLIO CONSTRUCTION

Quality Assurance Scheme for Organisations

RiskMonitor Alternatives. Allianz Global Investors. RiskMonitor. Alternatives 2017

Evaluations of President Obama Drop Amid Skepticism about ACA November 15-18, 2013

current i s s u e s i n pensions

EUROPEAN PAYMENT INDUSTRY WHITE PAPER

Reflections in the Mirror: Defined contribution plan participants

Re: Proposed Statement of Financial Accounting Standards, Disclosure of Certain Loss Contingencies

VOLUNTEERING IN RETIREMENT A study by Justin Davis Smith and Pat Gay March Ref 0115

Survey of Washington Residents Denied Health Coverage. October 2009

Credit Management in Australia Veda National Credit Managers Survey 2014

Scottish Law Commission s Discussion Paper Unincorporated Associations. Briefing Paper for Governing Bodies of Sport. Introduction

AARP SURVEY ON MEDICARE PRESCRIPTION DRUG PLAN SURVEY QUESTIONNAIRE AND RESULTS NOVEMBER 20, 2003

Americans & Health Care Reform: How Access and Affordability Are Shaping Views. Summary of Survey Findings Prepared for: Results for America

Guidance for the Preparation of a Business Review under the Hong Kong Companies Ordinance Cap. 622

Americans Say Tax Plan Helps Wealthy, Not Middle Class Republicans Expect Economic Boost, but not Personal Tax Cut December 3-5, 2017

61.0% (June: 61.7%) 41.8 (June: 42.3) 1.9% 2.1% 0.4% 0.8% 0.4% 0.8% 0.7% 1.7% 8.5% Manufacturing Outlook. Expected Growth Rate Over the Next 12 Months

What America Is Thinking On Energy Issues. Production & Infrastructure: New Jersey

What America Is Thinking On Energy Issues. Production & Infrastructure: Missouri

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

Smaller Financial Institutions Weigh In: Key Findings from the Federal Reserve 2018 Quick Hit Mobile Financial Services Survey

Park Quarry. Proposed property development Public Meeting

Briefing: Developing the Scotland Rural Development Programme

Integrated Earned Value Management and Risk Management Approach in Construction Projects

Public Health England s grant to local authorities

H M Treasury: Business Rates Review

Return on values. UBS Investor Watch. Most sustainable investors expect better performance, bigger impact

FEEDBACK STATEMENT ON RESEARCH PAPER SEPTEMBER

Meeting the retirement challenge New approaches and solutions for the financial services industry

2013 Global Survey of Financial Advisors. France Individual Country Report

NFIB SMALL BUSINESS. William C. Dunkelberg Holly Wade SMALL BUSINESS OPTIMISM INDEX COMPONENTS

Risk Manage Manag ment men & the PMBOK John H. Dittmer, VI PMP, PMP CISSP CISSP ISSMP

Prudential Retirement s Fifth Annual Workplace Report on Retirement Planning

Assigned Risks Pool review

Fixed Income ESG Survey Results

The adoption of ESG criteria among hedge fund and private assets managers: a survey by Unigestion April 2015

Current Estimates under International Financial Reporting Standards

Financial Perspectives on Aging and Retirement Across the Generations

In Sight Quarterly Pension Publication February 2010/Issue 9

Transcription:

WHAT IS RISK? RESULTS FROM A SURVEY EXPLORING DEFINITIONS Dr David Hillson Director, PMProfessional Solutions INTRODUCTION There is currently an active debate among risk management practitioners about the definition of risk. Given the long history of risk management it might be surprising that this question still excites any interest at all. But risk management like all disciplines is not standing still, and the definition question is part of the ongoing development of risk management as an essential tool for the effective manager. One aspect of the definition debate centres on the question of whether the term risk should only be used to refer to uncertain events which could have an effect which is unwelcome, adverse, negative or harmful (i.e. threats ). There is little doubt that the common usage of the word is associated with these types of effect risk is bad for you. However there is another view which is held by an increasing number of risk practitioners (especially in the project risk management field) that risk management should address uncertainties with positive impacts ( opportunities ) as well as those threats traditionally covered by the process. This has led to a perspective that the term risk should include both threats and opportunities. Some risk practitioners strongly oppose this move, while others feel that it is an essential forward step. Each side of this debate claims support from the silent majority, either stating that nobody wants to change the definition from threat-only, or asserting that there is a growing appetite for change. Neither of these statements currently has any objective supporting evidence, and both are based on anecdotal data. SURVEY PROCESS The Risk Management Specific Interest Group of the Project Management Institute (PMI Risk SIG) and the Risk Management Working Group of the International Council On Systems Engineering (INCOSE RMWG) are international practitioner networks representing significant groupings of professionals active in project risk management. Leading members of these two bodies therefore decided to poll members and others to gauge international opinion on the definition question. A simple questionnaire was designed (see Appendix) to explore what definitions were currently in use by the organisations represented by respondents, as well as the personal perspectives of respondents. The questionnaire was distributed by email to members of several professional bodies to which risk management practitioners belong. This included the PMI Risk SIG, INCOSE RMWG, the Risk SIG of the UK Association for Project Management (APM), the UK Institute of Risk Management (IRM), and the Global Association of Risk Professionals (GARP). The total number of members from these groups who were invited to participate by email in the survey was approximately 2000 (note that the actual total membership of these groups is much higher, but not all could be polled by email). The survey was distributed on 1 September 2001, with a return date of 31 October 2001. Page 1

SURVEY RAW RESULTS Respondents A total of 186 responses were received, representing a response rate of about 10%. This rate is typical of surveys conducted by email, and provides some assurance that the results might be representative of the general views of risk management practitioners in the groups surveyed. Respondents came from a wide range of industries, with high representation from consultants (32% of respondents) and IT companies (29%). There were also significant numbers of responses from people working in the communications industry (9%), and government agencies (8%). Most of the respondents claimed to be members of the PMI Risk SIG (73%), and 15% stated that they belonged to an IPMA-affiliated body such as APM. Only small numbers reported membership of INCOSE RMWG, IRM or GARP, and 10% belonged to some other body. However 15% of respondents were members of more than one professional body so there is some overlap between these results. Question 1 : Organisational definition of risk Respondents were asked in the first question (Q1) to choose a definition of risk closest to that used by their organisations, with four options given, as follows : a. Risk is an uncertain event or condition which, if it occurs, would have an undefined or unknown impact on achievement of objectives. b. Risk is an uncertain event or condition which, if it occurs, would have a negative impact on achievement of objectives (threat). c. Risk is an uncertain event or condition which, if it occurs, would have a negative or positive impact on achievement of objectives (threat or opportunity). d. Some other definition. Results are shown in Figure 1 below. The results show that about half of the organisations with which respondents work (54%) use a definition of risk with exclusively negative effects, i.e. a threat-only definition. About a third (34%) use a broader definition of risk which includes both threats and opportunities. Page 2

Q1 : Organisational definition of risk 5% 8% Uncertain event w ith undefined effect 34% Uncertain event w ith negative effect Uncertain event w ith negative or positive effect 54% Other Figure 1 : Organisational definition of risk Question 2 : Organisational approach to risk management The second question (Q2) asked about the approach to risk management within respondents organisations, to determine whether a threat-only risk process was used, and how opportunities were managed (if at all). Options for this question were : a. The risk management process aims to manage potential negative impacts on objectives (i.e. threats only). There is no process for explicit handling of opportunities. b. The risk management process aims to manage potential negative impacts on objectives (i.e. threats only). Opportunities are handled via a separate process that is not an integrated part of risk management. c. The risk management process aims to manage both threats and opportunities in a common (integrated) process. d. Some other approach not covered by the above. Results are in Figure 2. Q2 : Organisational approach to risk management 38% 8% 28% 26% Only manages threats, no explicit opportunity management Manages threats, w ith separate opportunity process Integrated common process for both threats & opportunities Other Figure 2 : Organisational approach to risk management Page 3

Over half of the organisations represented (54%) use the risk management process only to manage threats. These are split almost equally between those who only have a threat-focused risk process with no explicit opportunity management (26%), and those who use a separate process for opportunity management in addition to the threatbased risk process (28%). Over a third of organisations (38%) have a common risk management process which is used to manage both threats and opportunities in an integrated fashion. Question 3 : Personal definition of risk People invited to complete this questionnaire were members of professional bodies which specialise in risk management. It is therefore possible that individual risk practitioners might hold a different view of risk from the organisations for which they work. The third question (Q3) was included to test this possibility. Individuals were asked which of the definitions of risk stated in the earlier question best reflected their own preferred definition of risk. The results are in Figure 3. Q3 : Personal definition of risk 8% 13 % Uncertain event w ith undefined effect Uncertain event w ith negative effect 46% 33% Uncertain event w ith negative or positive effect Other Figure 3 : Personal definition of risk The distribution of replies to this question is the reverse of that reported for organisations, with almost half of the respondents (46%) stating that they prefer to use a broader definition of risk which includes both threat and opportunity. A third (33%) use a threat-only definition. It is interesting to speculate on whether this difference of opinion between the individual risk practitioner and their organisation might cause any difficulties in performing the risk process. Question 4 : Support for changed risk definition One of the main purposes of the survey was to identify whether risk practitioners would support a general change to the definition of risk to include opportunities as well as threats, since this is the topic of current debate among the risk community. The fourth question (Q4) asked directly whether respondents would (or already did) support such a change. Figure 4 below shows that 60% support a move towards a broader definition, with 30% opposed to change. Page 4

Q4 : Support for inclusive definition 5% 5% 30% 60% Yes No Don't know Don't care Figure 4 : Support for changed risk definition ANALYSIS OF RESULTS The above section presents the raw data from the survey, giving answers to each question as percentages of the total response. More detailed analysis however allows further conclusions to be drawn about the current perspectives on the nature of risk and the use of risk management. These are explored in the paragraphs below. Industry-specific views of risk Comparing responses to questions 1 and 6 indicates whether particular groups of respondents hold a shared view of risk. Since a large proportion of replies were received from consultants or those working in the IT sector, it is possible to see whether these respondents tend to hold threat-only definition of risk or a broader definition. Among IT respondents, 55% replied that they defined risk only in terms of threats (Q1b), with 33% using a definition including both threat and opportunity. These proportions match closely the overall distribution from all responses (Q1b=54%, Q1c=34%). The split among consultants is rather different however, with 48% of consultants defining risk exclusively as threats and 40% using the broader definition. Although numbers of replies from these sectors were smaller, it may be significant that about 60% of those from the communications and government agency sectors saw risk as only negative. The sector with the highest percentage using a threat + opportunity definition was transportation (66%) though the number of replies was not statistically significant. Organisational vs. personal view of risk Comparing the results of Q1 and Q3 reveals an interesting juxtaposition between the definition of risk used by organisations and that used by individual respondents. Page 5

About half of the organisations use a threat-only definition (Q1b) and a third use a broader definition of threat + opportunity (Q1c). However for individual risk practitioners, about half define risk to include both threat and opportunity (Q3c), while a third use risk to refer only to a threat (Q3b). There are a number of possible explanations for this finding, and the available data cannot determine between them. Perhaps individual risk practitioners hold a more current view of risk than organisations, since it is their area of speciality. This might lead them to have adopted the wider definition including opportunity ahead of their organisations who are still using the older more traditional negative definition. Another possibility is that those individuals responding to this survey were a self-selecting non-representative group who felt more strongly about including opportunity in the risk definition than people or organisations at large. The predominance of project risk management practitioners may also have skewed the survey result, since other groups of risk specialists may prefer to regard risk as only covering threats (e.g. those working in financial risk, insurance, actuarial risk, health & safety risk etc.). Data quality must be considered when interpreting these (and other) results, since it is possible that respondents may be misrepresenting their organisation s approach to risk management, whether consciously or not. Lastly, it is possible that the difference between organisational and individual views may represent a time-lag effect, since individuals can respond more quickly than organisations to changes in definitions, standards, best-practice or leading-edge. Organisational consistency Replies to Q1 and Q2 indicate a high degree of internal consistency in organisations in their approach to risk management. Q1 describes the definition of risk used in the organisation, with Q2 detailing the approach to risk management. A third of organisations (62 replies to Q1c, 34%) use an inclusive definition including both threats and opportunities, and about a third (71 replies to Q2c, 38%) have an integrated common process for managing both threats and opportunities together. Analysis indicates that these are largely the same organisations (with 50 responses in common), revealing a welcome consistency of approach. In other words, most (80%) of the organisations which use an inclusive risk definition also have an integrated risk process. Organisations which define risk exclusively in terms of threats (i.e. 99 replies or 54% answering Q1b) are also consistent, tending to reserve their risk management process for threat management. These are almost equally split between those who have no explicit opportunity management process (39 also answered Q2a), and those who use a separate process for managing opportunities (42 answered Q2b). Only 20 respondents answered either Q2a or Q2b who did not also answer Q1b. In other words, most (80%) of the organisations with a negative risk definition also have a threat-focused risk process. Page 6

Appetite for change Q3 reveals that 13% of individuals use a definition of risk with a neutral (i.e. undefined or unknown) impact (Q3a), while 33% use a threat-only definition (Q3b), and 46% use a broader definition including opportunity (Q3c). Q4 shows that 60% of respondents would support a general change in the definition of risk to include both threats and opportunities (Q4a), with 30% opposed to change (Q4b). Analysis indicates that those respondents supporting change are largely the ones who already use either a wider risk definition or a neutral definition. Of the 112 individuals supporting change, 71% already define risk to include both threat and opportunity, and a further 16% use a neutral definition. On the other hand, people whose personal definition of risk is exclusively negative tend to oppose change. 72% of those with a threat-only definition of risk oppose change, and 82% of those opposed to a broader definition hold a threat-only definition. This might indicate division of the risk community into traditionalists who hold and wish to preserve the view that risk is synonymous with threat, and progressives who already take a non-traditional view and wish to see it more widely accepted. Organisational membership Analysis of organisational membership reveals that members of the PMI Risk SIG hold mixed views on the definition question, with 59% supporting change and 32% opposing it. PMI Risk SIG members might be expected to have been influenced by the new risk chapter in the 2000 edition of the PMI s Guide to the Project Management Body of Knowledge (PMBoK ), which uses a broader definition of risk including both threat and opportunity. The other main group of respondents (15%) belonged to IPMA-affiliated bodies (largely the UK Association for Project Management), and these strongly supported change, with 82% in support of a wider risk definition and only 14% opposed. The overwhelming majority of responses came from the project risk management community (88% belong to PMI and/or APM), and this may have skewed the results of the survey, since it is possible that they may not be representative of the body of risk practitioners as a whole. CONCLUSIONS AND FURTHER WORK This short limited survey has produced some interesting and significant data relevant to the current debate over the meaning that should be given to the term risk. Survey data shows that over half of organisations and a third of individuals currently use a definition of risk which is just negative, compared to a third of organisations and nearly half of individuals who use a wider definition including both threats and opportunities. But the survey also indicates that the majority of respondents (60%) support changing the definition to be more inclusive. The results also suggest that many organisations do in fact use a common process to manage both threats and opportunities (38%), Page 7

compared to 26% whose risk process only manages threats, and 28% who have two separate processes for threat-risks and opportunities. These results can be interpreted to mean that there is some pressure towards an expanded definition of risk, and that such a change would reflect current practice. However further data is required to test this tentative preliminary conclusion, drawing on the opinions of a wider constituency of risk practitioners. In particular, the general applicability of the results may be compromised by the concentration of responses from members of the project risk management community, and from the consultancy and IT sectors. It is therefore recommended that other practitioner bodies and other industry sectors should be encouraged to contribute to this or a similar survey, supplementing the current data and allowing stronger conclusions to be drawn. Nevertheless, the preliminary findings from this simple questionnaire show that a significant proportion of organisations and individuals recognise both upside and downside risk, and that there is support for a change in the definition of risk to include both threats and opportunities. SURVEY PROJECT LEADERS NAME COMPANY CONTACT RISK ORGANISATION(S) Dr David Hillson PMProfessional Solutions dhillson@pmprofessional.com PMI Risk SIG, APM, IRM, INCOSE RMWG David Hall SRS Information dhall5@earthlink.net INCOSE RMWG Services Dr David Hulett Hulett and Associates dthulett@lainet.com PMI Risk SIG, INCOSE RMWG Barney Roberts Futron broberts@futron.com INCOSE RMWG Corporation William Seeger SAIC william.r.seeger.jr@saic.com INCOSE RMWG Page 8

APPENDIX : INCOSE RMWG/PMI Risk SIG Risk Definition Survey There is currently an active debate in the international risk management community about the definition of risk. Some feel that risk includes threats (downside risk or uncertainties with negative impact) and opportunities (upside risk or uncertainties with positive impacts); others feel that the definition should include only threats (uncertainties with negative impacts). The INCOSE Risk Management Working Group and PMI Risk SIG wishes to assess the body of opinion amongst active risk management practitioners by conducting a short survey through the main professional bodies and mail lists, and welcomes your participation. Please indicate if you would like a summary of results by placing your name and email address at the bottom of this survey note that individual responses will not be identified. Responses to this survey should be sent by 31 October 2001. Thank you for your help. Complete each question by putting an x in front of the appropriate answer or inputting your answer after the question. 1. Which of the following definitions of risk is closest to that used by your organization? a. Risk is an uncertain event or condition which, if it occurs, would have an undefined or unknown impact on achievement of objectives. b. Risk is an uncertain event or condition which, if it occurs, would have a negative impact on achievement of objectives (threat). c. Risk is an uncertain event or condition which, if it occurs, would have a negative or positive impact on achievement of objectives (threat or opportunity). d. Some other definition (please state) 2. Which of the following best describes your organization s approach to risk management? a. The risk management process aims to manage potential negative impacts on objectives (i.e. threats only). There is no process for explicit handling of opportunities. b. The risk management process aims to manage potential negative impacts on objectives (i.e. threats only). Opportunities are handled via a separate process that is not an integrated part of risk management. c. The risk management process aims to manage both threats and opportunities in a common (integrated) process. d. Some other approach not covered by the above (please state). Appendix Page 1

3. Which of the definitions in Question 1 above (reproduced below) best reflect your own preferred definition of risk? a. Risk is an uncertain event or condition which, if it occurs, would have an undefined or unknown impact on achievement of objectives. b. Risk is an uncertain event or condition which, if it occurs, would have a negative impact on achievement of objectives (threat). c. Risk is an uncertain event or condition which, if it occurs, would have a negative or positive impact on achievement of objectives (threat or opportunity). d. Some other definition (please state) 4. Would you (or do you) support a general change in the definition of risk to include both threats and opportunities? a. Yes b. No c. Don't know d. Don't care 5. Would you like to receive a summary of the survey results? a. Yes : my email address is b. No 6. Indicate the industry sector/organization type in which you work. a. Manufacturing b. Research & Development c. Aerospace d. Defense e. Information Technology f. Construction g. Transportation h. Finance i. Government or Public Agency j. Consulting k. Energy l. Not-For-Profit m. Environmental n. Communications o. Agriculture p. Medical q. Other (please state) Appendix Page 2

7. Comments (optional) 8. Personal Details (optional) a. Name (optional) b. Organization (optional) c. Membership in Risk Management-related professional bodies (check all that apply) 1. Project Management Institute (PMI) 2. International Council On Systems Engineering (INCOSE) 3. IPMA-affiliated body (e.g. UK APM) 4. UK Institute of Risk Management (IRM) 5. Global Association of Risk Professional (GARP) 6. Other (please state) Appendix Page 3

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback