Risk

Definition

The formal definition of Risk (adopted by ISO 31000) accepts that risk is the effect of uncertainty on objectives. In simple terms, Risk denotes the potential for developments (future states of the world) that take an unexpected, surprising turn versus somebody's objectives.

The definition builds on several concepts:

• Objectives are defined with reference to an individual (a real person) or a Legal Entity. This highlights the subjective nature of risk (it is defined from the point of view of a specific entity).
• The effect of Uncertainty on an entity's objectives manifests concretely as the deviation of the actual (realized) outcomes from the outcomes that were planned or expected by the entity before hand. Outcomes may refer to any aspect of the world that is relevant for the entity.

Risk is a very general concept that applies to a wide variety of contexts. Therefore the same term might be used to denote slightly different facets of Risk. In various domains Risk Management becomes a formal, methodological activity. Risk Measurement, the quantification of Risk through the assigment of probabilities and numerical impact to various possible scenarios is not always possible.

Examples

• In a business context Risk means, informally, the potential for monetary Loss or other adverse outcome affecting an individual or an organization.

Issues and Challenges

• The standard admits both positive and negative effects of uncertainty as being part of the Risk definition. In common usage the term Risk denotes only negative deviations (adverse outcomes). The standard is thus not aligned with the casual use of the term risk, in that a positive deviation from expectations (an unexpected but beneficial outcome) would not normally be characterized as risk in common usage.
• Frequently (and erroneously) Risk is assumed to be some combination of the probability of an event and its consequence (e.g. by constructing a product of quantitative measures such as likelihood and severity). Risk is, in general, not a number (not quantifiable). In certain cases quantitative analysis may be useful.

See Also

• Depending on the subject and context, adverse outcomes can be classified byRisk Type organized in a Risk Taxonomy
• Certain types (but not all) of risk can be isolated in the form of a defined Risk Event
• Hazard is a term that aims to characterise sources of risk (See Risk versus Hazard).
• Risk is distinct from the concept of Risk Factor (See Risk versus Risk Factor)
• Uncertainty is a more general concept (See Risk versus Uncertainty)

Further Reading

• The Shortest Possible Course on Risk Management