Perhaps an obvious Golden Rule for Risk Assessments, but too often overlooked.

In this article I want to share with you my Golden Rule when it comes to doing risk assessments. I suspect it’s one that many folks use and nothing new. Without getting into the details of defining risk and hazards, let’s just with defining “risk assessment”. ISO 31000 defines risk assessment as:

Overall process of risk identification, risk analysis and risk evaluation
For now, let’s just keep in mind those 3 important descriptors:
  • Identification;
  • Analysis; and
  • Evaluation
Each of those 3 descriptors above will have their own unique processes or methodologies for doing that particular task. However, there is one common theme throughout all three of them and that is “PEOPLE“.
People are involved with all 3 descriptors.
When people are involved, we have 2 potential options in the process of risk assessments and that is people can either presume or assume.

Presumptions & Assumptions

  • When we presume, we have some ideas of probability and some evidence which supports that presumption.
  • When we assume we have really no reason or evidence it’s just an assumption.

In conclusion

I suspect you’re going to say well I knew this anyway. But, I guarantee you that if you start every risk assessment with this “Golden Rule” being mentioned and also mention it now and then during the course of your risk assessment, it will really add a lot of gravitas to the whole process.
As one of my mentors once said to me and I don’t think he invented it:
When you assume, you make an ass out of you and me.
Keep that in mind: My Golden Rule for risk assessment is “never assume”.

Liked the Post?

Share with your network...