In the past few PMP® Facilitation sessions which I conduct online, a number of professionals have been asking me what the difference is between Risk Appetite, Risk Tolerance and Risk Threshold. Thus, I thought of explaining the same in my next blog post. So, today we will discuss each term in detail and study the differences.
I believe the primary reason behind the confusion between these three topics comes from the fact that all of these terms reflect the attitude of organizations or stakeholders towards risk. The attitude towards risk showcases the varying degrees of risk stakeholders are willing to accept.
Let’s look at these terms one by one.
Risk Appetite
PMBOK® Guide, Fifth Edition defines it as “The degree of uncertainty an entity is willing to take on in anticipation of a reward.”
This is a high-level, subjective description of the degree of risk that is acceptable to an organization or to its stakeholders. It is an internal tendency, like hunger, and it shapes our risk-taking behavior. Just as hunger cannot practically be measured, neither can Risk Appetite. But when you interview stakeholders during the Risk Identification Process or Risk Planning Process, you observe their risk attitude and how they react to risk. Do they say, “We love taking risks; we were able to grow just because of our risk-taking attitude”? Such people have a high Risk Appetite, since they are willing to digest high risk. On the other hand, you may hear stakeholders whining, “We need to ensure that the project team takes on all commitments; we do not want to confront a situation where stakeholder interest is at risk; we want to play safe.” In this case we mark the risk appetite as low.
Risk Tolerance
PMBOK® Guide, Fifth Edition defines it as “The degree, amount, or volume of risk that an organization or individual will withstand.”
Here you may notice that the very term ‘Risk Tolerance’ indicates the ability to measure, since the definition includes “amount or volume of risk that an organization or individual will withstand.” We are defining the risk attitude of stakeholders as a specific, measurable level of acceptable risk; for instance, “I can take risks up to 100,000 USD” or “I can manage a schedule variance of 10-20%.” Likewise, during your interaction with a stakeholder you can figure out his risk appetite by asking, “How much is too much for you?”, and the answer he gives you leads to defining the Risk Tolerance.
Risk Threshold
PMBOK® Guide, Fifth Edition defines it as “measures along the level of uncertainty or the level of impact at which a stakeholder may have a specific interest. Below that risk threshold, the organization will accept the risk. Above that risk threshold, the organization will not tolerate the risk.”
You may notice that when we were talking about Risk Tolerance, we were primarily speaking about the impact of risk in a measurable unit; here, in the case of Risk Threshold, we are also including the “level of uncertainty.” This means that we are further quantifying the Risk Attitude, e.g. “Will you be willing to take a risk of 100,000 USD with a 50% probability of occurring?”
In the Risk Management Plan, the threshold level is the one beyond which the organization does not want to tolerate the risk. This threshold is applied to the risk exposure, and Risk Exposure is calculated on the basis of probability and impact. It is very important to understand that when risk exposure crosses the threshold, the project management team has to take decisive actions (plan responses) to bring the risk exposure back under the threshold limits.