Risk is relative. What one person perceives is a significant risk may be observed simply as irritation to another. Others may not see it as a threat at all. However, the ability to recognize a risk when it appears and appropriately address it to reduce the danger of damage that it poses is perhaps the essential job of today’s CEOs and CISOs. Having a well-informed and trained organization that demonstrates ‘risk literacy’ in all its sectors makes that job easier.
What is ‘Risk,’ and How Do You Manage It?
A risk emerges when something or someone is threatened with harm or a loss of some kind. A ‘risk’ can be many things, depending on the situation in which it arises. Different industries assess risks differently:
- The insurance industry measures ‘risk’ to determine the price of a policy or the potential cost of a payout when damages do occur.
- The financial industry measures risk in terms of the value of possible financial returns or losses based on the circumstances of a financial transaction.
- The business industry balances a risk of investment losses with the potential for significant economic gains that might flow from a new product or process. …