Section 1: Defining risks
The official definition of risk per ISO 31000 is: "The effect of uncertainty on objectives."
If I have to define it in a single word, I will define risk as "unexpected." Any unexpected event that stops you from achieving your objective.
Whether I call the risk "The effect of uncertainty on objectives" or "unexpected," it can happen in two ways: positive or negative.
Section 2: Negative Risks
Negative risks are those events that stop us or hinder the achievement of our objectives. We mainly consider these types of events as risks. For example:
- Unexpected traffic on our way to the office stops us from reaching the office in time
- Client rejecting our shipment of goods to them
- Extreme weather delaying the execution of the project
- Change in currency exchange rate making our purchases costlier
All these examples above the examples of negative risks. To deal with negative risks, we have four commonly used strategies: Avoid, Mitigate, Transfer or Accept.
Risk Management
Section 3: Positive Risks
On the other hand, positive risks are those events that do not impede our objectives and help us achieve them. These are also called opportunities. They are crucial for any business. An opportunity arises when something happens which makes your objective easier than expected. For example:
- An increase in demand for your product
- New clients coming into the market
- A change in government policy that is in favour of your organization
These are all examples of positive risks. To deal with positive risks, we have four common strategies: Exploit, Enhance, Share and Accept.
Section 4: Conclusion
In conclusion, you should always try to identify both kinds of risks and then take appropriate actions.