[wiki] Regarding Risk Management

Github wiki pages do not allow comments and meta-discussion about edits. Therefore, this thread is proposed for anything related to contents of the wiki page

Regarding Risk Management

Questions, comments, feedback, thoughts, suggestions, proposals? Put it all here, and let’s talk about it.

My background is in business and investment risk management. While I don’t develop risk management systems myself, I do work closely with them and specialize in quantifying risk.

While I understand the desire to list out every risk event you can think of, and tackle each one individually, that might not be the best way to tackle RM. Might I suggest that you start by categorizing the sources of risk, broadly at first and then more specifically, such as Internal, External, & Positional risk, and then under each category listing out sources more specifically.

The reason for doing this, rather than listing out risk events and ways to solve them, are two fold. First of all you will always miss something, and figuring out how to deal with broad categories of risk will give you a huge advantage dealing with unforeseen events. Secondly once you categorize your risk sources, you will likely find huge overlap and single solutions that can deal with many different events.

Here is a list of risk source categories I have used in past projects :

  • Goal/Strategic Risk (originating from strategic decisions)
  • Path/Tactical Risk (originating from tactical decisions)
  • Financial Risk (originating from adverse financial conditions)
  • Sentiment Risks (originating from peoples sentiment)
  • Force Majeure (Risk originating from acts of god)

(Note: these are organization level and my job is focused on quantifying and hedging risk rather than mitigation and management. Also I don’t work in the IT space and if this were a project I was working on I would want an IT Risk Manager, along with an Enterprise Risk Manager to develop the system with me),


I can’t PM you, probably because I don’t have permission?

Not sure, I’ll PM you

All, @RiskyMan / @RiskyMan2 (?) has been working on DRAFT VERSIONS of risk management docs, see here:

Risky Man’s Risk Management for Grin

Risk identification

I will put these up in the agenda for discussion on Tuesday’s governance meeting.