The short answer is NO! Hear me out…

Over the last FIVE years I have had the opportunity to immerse myself with Risk Management, from both a Project and Operational lens, across SIX different organisations. What I found really interesting was the maturity level of risk management within each organisation as well as the level of understanding people have of it.

The most common observations being:

  • Risks were recorded according to the consequence of the risk event (without understanding what a risk event is or what the likely cause was, and
  • Issues were recorded as risks, albeit the risk having already materialised and having negative impact on a project or business operations.

So, let’s have a look at Risks and Issues separately:

Definition Example
Risk

An uncertain event or condition that, if met, will have a positive or negative impact on a person or a business’ objectives.

“There is a risk that someone may hurt themselves as a result of slipping over because of the slippery floor tiles.”

Issue

An event or condition that has already happened, which has or is currently having impact on a person or a business’ objectives.

“Someone has slipped over and hurt themselves on the slippery floor.”

So how should each be managed, and how do we manage them in a project environment?

Risks – risks are quantified. That is, if the event occurs or the condition is met, what is the impact to the cost / schedule / scope of the project? Will it prevent success? What ‘controls’ can we put in place to ensure that the event or condition is avoided, or that impact to the project is minimal? A project’s schedule and scope is not altered by identifying a new risk, but considered should a risk materialise.

Issues – issues have an immediate effect on a project’s cost / schedule / scope. Resolution must occur immediately to ensure impact to a project is minimised or avoided. Some issues can be ignored.

It is important to note that Risk Management is not as simple as it sounds, especially when mixing the project world with Operational Risk. We’ll leave that for next time…

Thanks for reading!