Let me first apologize for the risk management industry.


For years the risk management industry (consultants, software vendors, “experts”) have done an excellent job of making the topic, and function, of risk management overly-complicated. We have described the processes of managing risk in terms no one understood, using catalogs of acronyms and mind-numbing statistics to describe hugely complicated processes, all in an attempt to make people/customers believe that risk management was complicated.


Along the way most people forgot what risk management was all about, forgot what their goal was. People became enamored with the complexity, the nuance and the need to over-engineer and over-design their risk processes.


In the end, what happened was that risk management lost its value to the enterprise. Executive management found it too cumbersome and started to believe that risk management was not fulfilling its promise. Risk was de-funded, and relegated to the realms of over-hyped and over-valued.


I am here to announce that those days are over. Risk management can be simple, it can be valuable and it can help companies be more competitive. We just have to remember what risk management is all about.


Risk management is about helping companies take risk, not slowing them down or being overbearing. Risk management is about separating your company from your competitors. Risk management is about success.


To revitalize risk management we have to take a different approach to the process. We have to simplify it.


Put simply, effective risk management is about the ability to answer 3 questions everyday;

    1. What are the risks that impact my goals and objectives?
      – This is key, look at the question. It does not say what are all my risks, it is more focused. Risk management is about managing risks which actually have an impact on your business goals. Everyone manager in a business must start focusing on the risks that matter, and remove the noise.
    1. What are we doing about those risks?
      – Are you doing anything……or hoping
    1. Is what we are doing effective?
      – Is what you are doing actually helping you achieve your goals, or are we just doing things to say we are doing things?

If you can answer those question, you are managing risk at a level most companies cant even imagine. Unfortunately, most companies cant answer those questions right now, but these are the only question that matter. If you are trying to answer others, ask yourself why?


In the next Blog entry I will continue with how the risk management process, regardless of industry or type of risk is a simple 5 step process. Dont believe me…..read on.

Leave a Response


(2) Responses to “Simplify, Simplify, Simplify…Part 1”

  1. Rich Merida says:

    Love your blogs. Where is part 2 of this ??