7DIG Risk Revisited: The Problem of Risk Matrices

Filed under: Innovation,Risk — lenand @ 10:09 pm
Tags: , ,

Several years ago, project risk was high up the agenda especially in PRINCE2 projects.  But it was always viewed negatively.  People are naturally reticent about exposing risk in their area of responsibility.  Much more positive responses were achieved by reversing the questions and asking for levels of confidence.  Let’s call it Confidence Management, rather than Risk Management.  There are examples of success.

The method starts with interviews for assessing levels of confidence in achieving business targets.  Confidence levels are used to generate data in risk logs, which quantify business risk as a company wide, or even global, risk index.  It has a simple value for risk impacts that range from a few pounds to billions.

A 2X2 risk matrix is commonly used.


2X2 Risk Matrix

It does not give much information, but better than nothing.  More complicated versions with colour coding can alert senior executives.

5X5 Risk Matrix

The main problem of such matrices is that they mask the importance of very low probability, but very high or catastrophic risk impacts.  The undersea blow-out of a BP oil rig is a recent example. Some risk impacts have to be measured in billions, but such crude methods do not alert people adequately. The axes are often not given numerical values and therefore impossible to correlate projects across a programme.

The next blogs show a new way of identifying risks and a quantitative method for prioritising risks across complex programmes.



  1. […] billion; procedures were tightened.  This is the company threatening risk that is missed by using traditional risk matrices and resulted in the Risk Index to be described in the final […]

    Pingback by 7DIG: Identify Risk with Confidence « Quarkside — 19/10/2011 @ 10:35 am | Reply

  2. […] or prioritising, risk across any selected domain, large or small.   Other risk ranking methods eg a Risk Matrix, are too subjective and can miss  important […]

    Pingback by 7DIG: Ranking Risk « Quarkside — 20/10/2011 @ 9:10 am | Reply

  3. […] to achieve valuable outcomes by people using information assets in a process that considers both risk and time […]

    Pingback by IG Process: Due Diligence « Quarkside — 20/10/2011 @ 9:55 am | Reply

  4. […] Framework (7DIG).  The seven primary dimensions (Objectives, Outcomes, People, Assets, Process, Risk and Time) are intended to be MECE (Mutually Exclusive and Collectively Exhaustive).  A typical […]

    Pingback by Objectives of IG « Quarkside — 20/10/2011 @ 9:56 am | Reply

  5. […] – whether it is profit, reputation or society outcomes. This is explained more fully as the Risk dimension of the 7-Dimensional Information Governance (7DIG) […]

    Pingback by Risk Revolution. Catastrophe Killer. « Quarkside — 20/10/2011 @ 10:03 am | Reply

  6. […] 7DIG Risk Revisited: The Problem of Risk Matrices […]

    Pingback by Information Governance defined « Quarkside — 20/10/2011 @ 10:06 am | Reply

  7. […] the other six dimensions of the 7DIG framework ie Objectives, Assets, People, Outcomes, Process and Risk.  Every single sub-dimension can have the question asked […]

    Pingback by IG Time: the spatio-temporal paradigm « Quarkside — 01/12/2011 @ 11:35 am | Reply

  8. […] the Process that sets Objectives and uses Assets to achieve the desired Outcomes.  And it has a Risk […]

    Pingback by 7DIG: Time needs more than philosophy « Quarkside — 12/02/2012 @ 10:09 am | Reply

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: