Updated: Feb 2
Sensitive risks don’t get a lot of press – perhaps simply because they are not easy to talk about or to manage. Perhaps also because they often concern people - for example, a lack of competence of individuals, poor behaviours, or workplace relationship problems. If they are seen and managed as 'management issues', the risk implications are unlikely to be recorded or reported as part of the risk story.
If we limit risk management thinking and reporting to “events that might happen” we deal with only some of our sources of risk. In any case, separating risks and issues into two different categories is a fools paradise. It compartmentalises them for no good reason except to make them seem easier to manage. The reality is that this leads to poorly integrated, sub-optimal responses, with negaive unintended consequences.
Risk consequences can be sensitive too. For example, a risk of project delays can be sensitive if delays are politically unacceptable or unpalatable. Leaving aside questions of integrity and transparency, people often avoid documenting or reporting risks if the possible consequences have flow-on implications that are hard to write down.
Any organisation that wishes to deal well with uncertainty, whether threats or opportunities, needs to be good at finding and managing risks that are sensitive. This is difficult precisely because of the nature of the risks. Fortunately, modern systemic risk management frameworks and approaches tackle this problem head on.
Show me an adaptive, flexible project or organisation that manages risks well in uncertain times and I will show you one or more strong, capable leaders who tackles sensitive, difficult issues that others avoid. Have a look at the RiskIQ 's Organisational Agility Framework (https://www.riskiq.com.au/copy-of-framework). The focus on Systemic Risk Leadership is no accident.