Improve Risk Management With These Simple Tips


Every single one of us manages risk on a daily basis, most people just don’t realize it. For
example, one of the riskiest things we can do is something that millions of people do every
day – drive a car. It’s something that we do so much that our brains process the risks without
us even realizing it.

There are dozens of risks that you manage to take a simple trip across town. Is your car in
working order to make the trip? Do you have enough gas to get you there and back? Are
your tires able to handle slippery road conditions? Are you comfortable driving at night?
Depending on the conditions, these are a few of the risks that our brains manage before we
even get into the car.

Developing the skills to effectively manage risk is important to your success. No matter
what field they are in, successful people are great at managing risk. The good news is, risk
management is a skill that you can learn and develop.

There are 4 steps to risk management: Identify Risk, Evaluate Risk, Response Plan and
Execution. Let’s take a closer look at each one.

1. Identify Risk
The very first thing that you have to do is identify your risks. A risk is anything that could
have an effect, positive or negative, on your desired outcome. I often start by looking for my
vulnerabilities in a project or situation.

This step is the most important step when it comes to managing risk. The goal in this stage
is to identify as many risks as possible. It doesn’t matter how ridiculous it may sound. If it
can impact your desired outcome – write it down.

2. Evaluate Risk
This is where you go through the list of risks that you identified and begin to assign a value
to them. Risk evaluation allows you to separate and prioritize the risks you’ve identified.
This way you can focus your attention on the risks that will have the greatest impact.

I evaluate each risk and assign a high, medium, or low value based on two factors – Impact
and Probability. If the identified risk would drastically alter my desired outcome, then I
would label it as high. However, if there’s a slim chance that it would actually happen, them
I would label the probability as low.

So going back to our driving example. A risk for driving across town could be that I hit a
deer along the way. That would have a critical impact on my desired outcome as it would
likely total my car. But because of the time of day, I’ll be traveling, it’s not likely to happen.
Therefore, that risk would be categorized as a High Impact-Low Probability (High-Low).

3. Response Plan
Congratulations, you have evaluated the level of impact and probability of each risk. Now is
the time to determine how you will respond to them. Whether in life or in a project, you
should already know what you are going to do before a risk occurs. Here are the 4 ways you
can respond to risks:
 Accept: You accept that this risk may occur. These are the risks that you gave a Low
evaluation. No need in doing anything with them because if they do happen, the
impact isn’t severe or it’s easy to overcome. When the benefits of success outweigh
the cost of failure, accept the risk, and move on.
 Avoid: If the risk is significant (High-High), the best solution may be to avoid it altogether. Determine everything you can do to prevent this risk from occurring. If you can’t find a viable solution, don’t take on the task or start the project at all. This is the safest option, but it should also be your last option.
 Transfer: You look for ways to transfer the risk to someone else. If you’re not skilled
at doing something that you need done, then you hire an expert. By doing so you
have transferred the risk of failure over to them. In our driving example, a way to
transfer the risk would be to have someone else take you across town.
 Reduce: This is what you do when the impact of the risk is too much to accept and
you can’t avoid it or transfer it. You try to find a way to minimize the impact of that
risk. So, in our driving example, your risk is that your car isn’t in the best shape.
You’re worried that it may breakdown, but you must drive across town to get to work
or you’ll be fired. A way to reduce the risk would be to leave earlier and avoid
driving on the expressway. You reduce the amount of stress you put on your car by
not driving at higher speeds. Thus, reducing the chances that your car will
 **Bonus** Exploit: This applies more to projects. In some cases, you can actually
exploit the risk to bring about a benefit. Another way to put this is to find the
opportunity that exists within the risk. For example, let’s say that you sell software.
A company wants to use your software, but their old equipment can’t run your
program. You can provide them with new hardware or make margin by bringing in
another company to do it.

4. Execute
This is where the rubber meets the road. You proceed towards whatever your desired
outcome is monitoring for risks. If one occurs, you execute the response that you created for
that risk.


5. Document and Learn
During and after the execution of your risk response plan, you should take note of the outcome.
Did your response work? What could you have done better? After going through it, did you
see things you could have avoided or opportunities that you could have exploited? By
asking yourself questions like these, you will be better equipped to handle risks in the
future. The better you get at managing risk, the more comfortable you will be with taking on
more risks.

Risk does not exist in a vacuum. As technology progresses and changes, so do your risks.
Therefore, you should constantly be looking at how these changes add or eliminate risk for
you. Over time and through many “lessons learned”, your risk management skills will
improve. The more that you go through this process, the easier it gets and the faster you
become and recognizing and evaluating risk.

Remember that even though risk is always present, and the consequences can be destructive,
you can create a plan. There are ways to insure against them, to prevent them, and to
minimize their effect if and when they occur.

One way to do that is to hire a certified Project Management Professional (PMP). These
professionals have the proven track record to not only assist with Risk Management but to
help you organize and complete a successful project.

If you have concerns about the vulnerability of your business or have a project coming up
that you’re just not sure about, we encourage you to give us a call. At Simple Plan IT, our
certified PMP’s can help you achieve the outcome you desire.

Schedule a call with one of our project managers to discuss your needs today.

Thank you for your time and we look forward to helping you in the future.

Follow Us on Social Media

Subscribe to our Blog

Most Recent Blog Posts

Don’t Stop Here

More Useful Security Information

Top 10 IT Security Myths — Debunked


Thanks to the recent COVID-19 pandemic, there has been a historic shift in the way people work. Remote work or work-from-home (WFH) policies were set

Cybersecurity Policies That Bridge Generations


Cybersecurity policies are necessary for any business to avoid becoming cybercrime victims. Cybercrimes continue to rise as cybercriminals get more creative- it’s imperative every business