A tendency towards over‑optimism?
The core principles of risk management are straightforward.
We must create an overview and consider three questions:
- What could happen?
- How important is it?
- What will we do about it?
The task seems manageable, yet we must also acknowledge that it is not easy. Many internal and external factors influence which risks are relevant and how they should be understood.
Why things go wrong
Projects fail or run into trouble for many reasons. Some risks are never identified – others are misjudged. As humans, we often display over‑optimism: we underestimate consequences and overestimate our ability to respond. We also tend to seek confirmation and follow group dynamics, meaning that if part of a group agrees on something, others often follow suit.
Many organisations have extensive data and experience with previous projects, yet these insights are rarely used consistently to anticipate what might impact upcoming projects. When data and assessments are not objective or sufficiently comprehensive, prioritisation becomes difficult.
Risk prioritisation can also be skewed. Sometimes risks are prioritised based on what individuals want to address rather than what truly matters. Traditional risk matrices rarely capture the fact that a single risk can have multiple outcomes – and can make it challenging to assess overall exposure.
How do we improve risk management?
Start by focusing clearly on project objectives. Risks must be assessed in relation to the goals they may affect. Goals might relate to outcomes, timelines, costs, environment or reputation – and a single risk may impact several goals at once.
Adopt a holistic approach to risk identification. Do not only look at risks directly linked to the project itself. As Hans Læssøe highlights, consider external conditions (legislation, technology, standards), as well as processes both before and after the project. A poorly executed prior phase can create risks for the next. Likewise, supporting processes – such as access to IT support – may also be critical.
It is equally valuable to identify opportunities, not only threats.
Data is a central pillar. Use it. Analyse it. Avoid guesswork. There are excellent tools available for simulation and modelling, which allow you to test how the project performs under different risk and opportunity scenarios. These simulations can help pinpoint where mitigation efforts will have the biggest impact and support more robust planning.
And what about the language we use?
Few people are enthusiastic about talking about “risks”. Some project managers even report that the word “risk” sounds like “excuse” to their steering committees. Yet risk handling is fundamental to project success. So why not speak in terms of “success assurance” instead? Focus on the goal – success – and view risks as insights that help us actively navigate uncertainty.
Want to know more?
Want to strengthen your approach?
If you are curious about improving your risk management practices, reach out to us at kaastrup|andersen to discuss how we can help you strengthen risk handling in your projects.
