Is risk management about threats and opportunities, a debate!

This article is a response to an interesting debate on an article we had posted in the past on risk management. This is a link to the LinkedIn post:


You can refer to the above link to see the discussion but in case you decided not to, here are the main points of the debate,

There are two leading schools of thoughts; one that says risks are always threats and opportunities are independent. The other school says risks are ANY uncertain events if they happen could have negative or positive impact (hence threat and opportunity).

Here is a comment from a reader:  “but the thought of the second school is just ridiculous, nonsense, is wrong, is dangerous, and should be ignored.”

What do we think?

Our personal views (as SUKAD and myself – Mounir Ajam) is different from the opinion of the earlier comment. I will explain, and offer examples.

Traditional Thinking

Traditional thinking – even dictionary definition of risk is that risk is bad, danger, threat. From projects perspective, most have this view and think of risk as threats to project objectives. The project team job is to manage these threats, avoid, mitigate, accept … This view is fine if the project team can work with both – risks and opportunities. However, in practice, it is common that project teams focus on the threats and ignore the opportunities.

Business Thinking

Let us look at this from a different perspective – business.

Simplistically, we learn that launching any new business is risky, or a risk. So if risk is always bad, they why entrepreneurs launch businesses? Why corporations launch new products?

Every decision we make in life or business has risks – meaning there are things that could have positive impact and things that will have negative impact. An entrepreneur recognizes these risks and work toward lowering the threats and maximizing the opportunities.

How do we do that? Long discussion.

Another example. Organizations pursue projects typically for one of the following reasons:

  1. Responding to a competitive threat
  2. Responding to regulations, laws, or similar things
  3. Responding to security, environmental, or safety risks

In other words, responding to external threats.

However, organizations also launch new project as an opportunity to serve the community, generate profit, taking a market lead, etc. Then what is happening here?

The project is an opportunity.

Then how do we deal with such an opportunity?

Like any risk, we have to assess it and find ways to deliver a successful project. In other words, we conduct feasibility study, which is nothing more than the first risk management (opportunity management) exercise. A feasibility study will help an organization understand its SWOT and identify success criteria. This is necessary in order for the organization to decide if the opportunities are more than the threats or vice versa. If opportunities outweigh threats, we go ahead and exploit the opportunity. On the other hands, if threats are more than opportunities we cancel the project; we do not exploit the opportunity.

This is the business perspective – from a Project Owner perspective.

The bottom line

The bottom line is that there is no need to impose one school of thought over another. What is important is to determine if we can agree on the following: a project team must manage both threats and opportunities. Can we agree to this?

If we can agree, then whether we call our approach as Risk Management, Risk and Opportunity Management, Uncertainty Management, or anything else, it does not matter!