There are four key terms to consider to develop an organizational risk profile before writing your risk management plan. Only three are in the PMBOK® Guide – Sixth Edition, and you need to read the entire Risk Management chapter to find them. The fourth (do you know which one this is?) is not likely to appear in the Seventh Edition either. But all four are essential and in regular use. Using the fourth will help expand your risk methodology beyond projects and programs and encourage systemic thinking.
The terms are:
1. Appetite: The amount of risk stakeholders are willing to bear to achieve goals. Example: A risk-averse environment has a low appetite for risk.
2. Capacity: The amount of risk stakeholders are able to take. Example: A low budget may define what risks need to be avoided due to a limited capacity to lose from an impact.
3. Threshold: The amount of risk stakeholders are willing to accept per individual risk. Example: the employees may purchase up to $500 of office supplies without formal authorization.
4. Tolerance: The amount of variance from risk appetite stakeholders are willing to accept. Example: A risk-averse organization, in addition to having a low appetite, may want to stick close to that low appetite and not venture into higher amounts of risk.
For more information on risk management, see 4 Important Principles for Risk Management,
Subscribe for Our Project Management Resources, Best Practices, and Tips
Confirm your subscription to receive an email with immediate download access to Project Manager's Resources, a valuable list of books and web sites.
Get the latest tips and updates sent directly to your inbox monthly.
We hate SPAM. We will never sell your information, for any reason.