ZaneMeyers/zmVault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vault backup: 2025-07-03 17:03:26

Browse Source
This commit is contained in:
Zane Meyers
2025-07-03 17:03:26 -04:00
parent de1a089fd8
commit a80b41124d
60 changed files with 24600 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files
risk.md
+17 -43
View File
@@ -9,7 +9,8 @@ tags:
Risk, in common parlance, is the chance that something "bad" will happen.
As such, it is generally understood as a binary, win/loss relationship.
This model of [[discrete-probability]] is ubiquitous of [[project-management-tm|Project Management™]],
This model of [[discrete-probability]] is ubiquitous of
[[project-management-tm|Project Management™]],
and is the sort assumed when using [[risk-registers]].
> This scope of work presents a 1 in 10 chance of significant delay.
@@ -35,51 +36,24 @@ in the most likely case of each axis of uncertainty.
"Escalation" means projecting recent pricing to a later date of purchase
based on anticipated market conditions.
### The Problem
An incongruity exists between estimators and management.
Estimators know that estimation isn't even close to 100% accurate,
however for management to admit this would require them to admit to executives
that they allowed the bid despite the potential that it would not return the expected margin.
This is an obviously immature mindset.
More competent organizations would attempt to quantify this potential as risk,
however words like "risk" and "assumption" are upsetting to management
who would maintain that a "good" estimate has no risk or assumptions,
so instead of quantifying risk we use qualitative queries and expressions.
The usual call-and-response looks something like this:
> "Are you confident in this price?"
> "Yes, I feel good about it."
The reality of estimation is that it involves approximations, assumptions, and judgment under uncertainty.
Incomplete design information, market volatility, and unforeseen site conditions inherently affect accuracy.
In contrast, management often expect deterministic results,
treating estimates as precise forecasts rather than probabilistic assessments.
This expectation can stem from a lack of understanding about the estimation process
or a desire to simplify communication with higher-level executives.
The terms "risk" and "assumption" while common in mature parlance,
require acknowledgement of [[uncertainty]], a threatening concept
when personal accountability is ignorantly placed above organizational responsibility.
Assuming a manager was interested in preserving risk analysis details,
frameworks for presenting job details usually lack the detail required to do so,
and are sometimes even incompatible with the concept of multiple possible prices due to optional scope.
## ISO 31000
ISO 31000 defines risk as the "effect of [[uncertainty]] on objectives"
therefore referring to positive consequences of uncertainty,
as well as negative ones.
The standard gives a list on how to deal with risk:
> [!aside] ISO 31000
> ISO 31000 defines risk as the "effect of [[uncertainty]] on objectives"
> therefore referring to positive consequences of uncertainty, as well as negative ones.
>
> The standard gives a list on how to deal with risk:
>
> 1. Avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk
> 2. Accepting or increasing the risk in order to pursue an opportunity
> 3. Removing the risk source
> 4. Changing the likelihood
> 5. Changing the consequences
> 6. Sharing the risk with another party or parties (including contracts and risk financing)
> 7. Retaining the risk by informed decision
> 7. Retaining the risk by informed decision
## Risk Tolerance
Determining risk tolerance is a task usually appropriated by executives,
often based on [[gut-feel]],
but that is better determined mathematically.
[Risk of ruin](https://en.wikipedia.org/wiki/Risk_of_ruin)