Every day risk management
If you're reading this blog I can assume that you, at some point recently, managed some risks. You might have arrived at work on time, having navigated the uncertainties of the public transport system. The computer you're reading this on hasn't been taken over by Russian hackers, so you can still control it well enough to visit APM's website. You even took the risk of reading this post rather than doing something else (hopefully that ends up being the right choice!).
We make these sorts of assessment every day, and generally we do them well. Most of us look both ways before crossing the road, and in the same way most of us will survey a site before we allow our projects to start digging: it's just obvious. So why on earth do we insist on turning risk managment into a specialist process, requiring risk managers and analysts and registers and QRAs when we're naturally so good at dealing with risks? There are two reasons that have always stood out to me:
I'm a smoker. I'm very aware that smoking is likely to have an impact on my future health, and yet I still do it. For some reason, I've not made a rational judgement about the relative risk and reward of smoking.
While there's a number of reasons we could propose as to why I've made this irrational decision, a big part of it is that the risk isn't staring me in the face in the same way as crossing the road in front of a car. When crossing the road my instincts kick in and I don't walk out in front of a car, but I'll light a cigarette because that one cigarette isn't the one that kills me, and even if it were the impact is somewhere in the future.
We make mistakes like this every day on our projects. We "get" physical construction risks because they're visible in front of us, but how good are our instincts when dealing with the vagaries of contractual position, stakeholder buy-in, even something as seemingly simple as the handover process? It's far too easy to let managing these areas slide just because they're not in our face every day.
Traditionally we see this most clearly in megaprojects, complex programmes, and other similar endeavours: we've always to think about the complex systemic factors that can go wrong on a multi-billion pound project. But that's starting to change. We now live in a time where the technical aspects of projects are getting more and more complex, while the contexts that projects operate in do too.
One of the key focuses for the APM Risk SIG over the next few years is to help transfer the learning and skills that our best megaprojects have built up in managing complex risk at their scale into simple and effective ways for a project manager to better manage risk every day.
If you'd like to learn more about what the best risk managers have been doing to support their projects, and engage with the wider community of risk managers, we'd love to see you at our conference on "Risk Capability for the new Victorian Age" on 25th January.