Skip to content

Risk Management: What NOT to Do?

Thrive on Risk and Build Resilience with an Agile IRM Program

Other projects’ risk logs revealed a very similar approach to describing and recording risks. However, there are ways to ‘do’ risk management and ways not to do it.

Let’s look at a few examples and what we might do differently to become active risk managers.

Generic Descriptions

Therefore, describing the risk in terms that indicate the cause (the present state that gives birth to the risk), the event (the situation that could occur), and the effect (the likely impact arising from the event). This provides us with a far better awareness of the danger, as well as three separate areas in which we may be able to intervene.

Not all Risks are Negative

Describing all risks as “things that could go wrong” gives the idea that risk management is a problem-solving profession.

Risks should instead be seen as either negative threats or great possibilities. However, one useful definition of risk is “an unpredictable event that, if it occurs, will affect the achievement of objectives.” This influence can be both beneficial and bad. Using risk management approaches to find opportunities can usually result in the development of value for enterprises (as indeed can the identification of threats).

Are you tired of making costly mistakes in your risk management practices? Join APMG Change Management Foundation and Practitioner for Risk Management: What NOT to Do.

Lack of analysis and prioritization

A basic description of risk only offers us a general overview of what might happen. However, without proper analysis and prioritizing, we may become overwhelmed by the set of possible risks or stop after identifying only three.

We can begin to prioritize them by asking a set of questions, such as what is the possibility of the risk occurring, what is the potential consequence, and when might this happen.

This is significant because it helps leaders decide where to devote resources to improve the certainty surrounding each risk (whether the threat or opportunity).

Passive risk management

Simply describing a concern in a risk log or register is nothing more than a passive record of observation. Once a threat or opportunity has been recognized, characterized, analyzed, and prioritized, there are some critical steps to take to become active risk managers.

An important first step is to analyze our alternatives so that we can respond correctly. Several responses can be used to change the cause of the risk, avoid the event, or lessen the effects.

Don’t let common risk management errors threaten your success. Enroll today and protect your business at APMG Change Management Foundation and Practitioner.

Lack of accountability and responsibility

As previously stated, documenting a risk is a passive act. If we want to effectively manage our risks, we must first choose who will take action. Too many risk logs exclude this important information.

Some roles can be identified:

  • Risk author – the people who identified the concern, since they will be a valuable source of information
  • Risk owner – the person in charge of managing the risk and monitoring its status
  • Risk actionee – the individual who will carry out one or more risk-reduction measures

Many organizations will additionally have particular risk specialist jobs with broader responsibilities than a single project or program.

Now, whether we work in projects or programs, or at a strategic or operational level in our organizations, we understand that there are risks and that risk management exists.

But, now more than ever, we need to take a new look at our attitudes and practices and resolve to move away from terrible practices and build far better approaches to this important subject.


Here at CourseMonster, we know how hard it may be to find the right time and funds for training. We provide effective training programs that enable you to select the training option that best meets the demands of your company.

For more information, please get in touch with one of our course advisers today or contact us at training@coursemonster.com