What is a Risk? 10 definitions from different industries and standards

Reviewed 29/08/2024
[Figure: Venn diagram of three concentric circles categorizing risk definitions into narrow, medium, and broad perspectives, showing associated examples and highlighting the blind spots that come with each approach.]

Three Ways to Define Risk

The term risk is used in many ways and is defined differently depending on the field and context. Common to most definitions of risk are uncertainty and undesirable outcomes.
Definitions range from narrow ones (risks to people or machinery resulting from hazards) to wide ones that see risk as any uncertainty of outcome.

The diagram at the top of this article shows how risk can be defined in narrow, medium, and broad ways. Each approach has its strengths but also blind spots, which means it is useful to consider more than one perspective.

Narrow Definition (Process Focus)
Focuses on risks to processes, people, or machinery.
  • Examples: physical hazards, safety hazards, supply issues, equipment failure
  • Blind spots: stakeholder concerns, regulatory risks, positive opportunities

Medium Definition (Project Risk Focus)
Expands the view to include project-level risks.
  • Examples: resource availability, schedule delays, budget overruns, quality issues
  • Blind spots: community projects, environmental factors, long-term effects

Broad Definition (Any Uncertainty)
Covers all uncertainties, including opportunities as well as threats.
  • Examples: regulatory changes, stakeholder resistance, political influences, climate change, market opportunities
  • Blind spots: analysis paralysis, resource dilution, practical limits

Key Point: Each definition highlights different risks, but also leaves gaps. Using a combination of perspectives gives a more complete picture of risk.

The table below lists ten (10) definitions of risk from different industries and standards.

The Definitions

Each entry below gives the industry, the definition, and its source.
Business
"[Risk is] A probability or threat of damage, injury, loss, or any other negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through preemptive action."
Business Dictionary
Engineering
[Risk is] The likelihood of variation in the occurrence of an event, which may have either positive or negative consequences.
Risk Analysis and Management of Projects (RAMP)
General English Usage
"[Risk is] a situation involving exposure to danger: 'flouting the law was too much of a risk'
[mass noun]: 'all outdoor activities carry an element of risk'
[in singular]: The possibility that something unpleasant or unwelcome will happen: 'reduce the risk of heart disease'"
Oxford Dictionaries, British & World English: risk
Information Security
"[Risk is the] combination of the risk of exposure and the impact = combination of (likelihood of the threat being able to expose an element(s) of the system) and impact"
BSi - Information Security Risk Management ISO/IEC 27001
IT Service Management
[Risk is] A possible event that could cause harm or loss, or affect the ability to achieve objectives. A risk is measured by the probability of a threat, the vulnerability of the asset to that threat, and the impact it would have if it occurred. Risk can also be defined as uncertainty of outcome, and can be used in the context of measuring the probability of positive outcomes as well as negative outcomes.
ITIL
Programme Management
[Risk is] An uncertain event or set of events which, should it occur, will have an effect on the achievement of objectives; a risk is measured by a combination of the probability of a perceived threat or opportunity occurring and the magnitude of its impact on objectives.
Managing Successful Programmes (OGC)
Project Management
What all definitions [of risk] have in common is agreement that risk has two characteristics:
  • Uncertainty: An event may or may not happen.
  • Loss: An event has unwanted consequences or losses
Idiots Guide to Project Management

[Risk is the] Combination of the probability or frequency of occurrence of a defined threat or opportunity and the magnitude of the consequences of the occurrence.
Association of Project Management

[Risk is] An uncertain event or set of events that, should it occur, will have an effect on the achievement of objectives. A risk is measured by a combination of the probability of a perceived threat or opportunity occurring, and the magnitude of its impact on objectives.
PRINCE2 Glossary of terms
Software Development
[Risk is] An ongoing or upcoming concern that has a significant probability of adversely affecting the success of major milestones.
Rational Unified Process 2000

Analysis of the Definitions

Breadth of Scope

Narrow Definitions: Some industries, particularly those dealing with physical safety (e.g., construction, manufacturing), tend to focus on risks to people or machinery resulting from specific hazards.

Broad Definitions: Other fields, such as finance or strategic management, view risk as any uncertainty that could affect outcomes, whether positively or negatively.

Emphasis on Probability vs. Impact

Some definitions, like those in project management, emphasize both the probability of an event occurring and the magnitude of its impact. Others, particularly in everyday usage, focus more on the potential for negative outcomes without explicitly mentioning probability.

Inclusion of Positive Outcomes

While most definitions focus on negative consequences, some (e.g., ITIL, RAMP) acknowledge that risk can also involve the possibility of positive outcomes or opportunities.

Context-Specific Elements

Information security definitions often include elements specific to their field, such as threats and vulnerabilities. Business-oriented definitions may emphasize the potential for preemptive action to mitigate risks.

Common Themes in Risk Definitions

While definitions of risk vary, they often share some common elements:
  • Uncertainty: Most definitions acknowledge that risk involves an unknown or uncertain element.
  • Potential for Negative Outcomes: Many definitions focus on the possibility of adverse effects or losses.
  • Probability: Risk often involves the likelihood or chance of an event occurring.
  • Impact: The magnitude of the consequences is frequently considered part of risk.

Risk Definition - references

ITIL® glossary and abbreviations

Risk Analysis and Management of Projects (RAMP), UK, web site circa 1998

Abstracted from Association of Project Management (UK) APMP Syllabus 2nd Edition, January 2000, Abridged Glossary of Project Management Terms (Rev.4)

Baker, K and Baker, S. 2000. Idiots Guide to Project Management, alpha books.

OGC, Managing Successful Programmes (Office of Government Commerce), London: TSO, 2007, p. 51.

BSi - Information Security Risk Management ISO/IEC 27001 https://shop.bsigroup.com/upload/Standards%20&%20Publications/publications/BIP0076-Chapter1.pdf

Oxford Dictionaries https://www.oxforddictionaries.com/definition/english/risk

Business Dictionary https://www.businessdictionary.com/definition/risk.html

PRINCE2 Glossary of terms https://www.stakeholdermap.com/prince2/prince2-glossary-R-records.html
