Risk and uncertainty

This category contains 62 posts

The Stoic’s guide to risk management

One of the things that first got me thinking more constructively about risk management was the problem of how to best deal with risk and uncertainty. In 2014 I wrote about how to think about risk differently, which led to finding better ways to deal with it. Since then I’ve written about creating opportunities, seeking … Continue reading

An example of risk not being a point

I’ve written before about not regarding uncertainty and risk as things with a single probability and a single measure of impact. I called these “point risks”, as such a fictitious event sits at a single point on a chart. Now I’m happy to learn that a paper entitled “Cost of Data Breach Study”, by Ponemon … Continue reading

Managing the business, not the risk

There’s a subtle idea around risk management that I’ve come to understand, and which Norman Marks repeats often: “It’s not about managing risk. It’s about managing the organization for success!” I say it’s subtle because I occasionally get it wrong, and it seems well-known organisations do, too, which is what Norman is complaining about in … Continue reading

A strategy for making progress

Often in a work environment I find I’m faced with difficult problems, and while I manage to find ways to move forward, I do this without knowing exactly what the end state should look like. An example of such a problem might be agreeing the best process for something within a team, or a company. … Continue reading

Impact estimation tables (roughly)

Last week, two days in succession, I had cause to solve a problem using impact estimation tables. Unfortunately this technique is not widely known, so I thought I’d have a quick pass at explaining it. For many more details—beyond the simplicity of the description below—you really need to see the work of Tom Gilb, who … Continue reading

An example of a polarised uncertainty

This week I came across a real world example of an uncertainty that became more polarised—an event caused the outcome to be more likely to go to one extreme or the other, and less likely to be middling. I realised it when someone asked if I thought David Davis’s resignation was a good thing or … Continue reading

A plan for a plan

The other day a developer in my team asked, “So what’s your plan for…” and then described a particular organisational and technical challenge that several of us had been discussing on and off for a while. It was something that I was pushing forward, but I didn’t have all the answers yet. Of course, I … Continue reading

The (probably non-) risk management process

If you want a process for managing risk, then ISO 31000, “Risk management — Guidelines” is probably not going to help you. I’ve been looking at ISO 31000, because although I’ve been reading a lot of blogs and articles by individual people about risk, I also felt it was important to understand any “official” guidance … Continue reading

Sharing and transferring risk

When suggesting how we might deal with risk in a project or an enterprise, one of the common options that’s suggested is that we “transfer” the risk. (Other options include to accept it, reduce it, or avoid it.) And a common example of what it means to transfer the risk is taking out insurance. Then … Continue reading

Visualising uncertainty with R

I came across an article the other day by Martin Davies, explaining how important it is to visualise risk and uncertainty. A couple of weeks ago I wrote about visualising cause and effect. Martin emphasises the value of visualing uncertainty as a probability density curve, which I’ve also discussed before, and he uses the programming … Continue reading

Advertisements