Talk:Risk management

From Wikipedia, the free encyclopedia
Jump to: navigation, search


Lack of rigour in use of terminology here. A risk cannot "occur". Risk is an attribute of an event - only the event can occur. Risk is a metric describing the likelhood and potential consequences of an occurence of the event. As risk is the primary term of reference for the whole subject under discussion, it seems advisable not to misuse it. (talk) 09:23, 19 September 2012 (UTC)

Also, in the introduction, the article makes a claim that "Widely used vocabulary for risk management is defined by ISO Guide 73, "Risk Management Vocabulary," with a footnote. First of all, ISO Guide 73 (2004 and 2009 versions) were not based on what was previously "widely used". 2nd, the referenced ISO Guide does not itself make such claim, (which would have been difficult for the 1st edition, and for many changes of the 2nd edition). So, the adjective "widely used" either needs a source, or is original research. Suggest changing the sentence to read that "It aims to encourage a mutual and consistent understanding of, and a coherent approach to, the description of activities relating to the management of risk, and the use of uniform risk management terminology in processes and frameworks dealing with the management of risk" or "that it is intended to be used by: those engaged in managing risks; those who are involved in activities of ISO and IEC; and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk". If a source says that it actually is widely used, then perhaps the date when that fact became true (for the 2004/2009 publications) should be noted. Encouragement and intent are not the same as that which actually is. — Preceding unsigned comment added by (talk) 18:30, 31 August 2015 (UTC)


This section contains useful formulae, but some of the symbols (notably, S) are not defined.

Industrial Process link[edit]

The Wikipedia link for "Industrial Processes" within this article goes instead to "Individual Psychological Assessment". Please fix, thanks much. — Preceding unsigned comment added by (talk) 18:07, 31 August 2015 (UTC)


Project Management[edit]

The Project Management Body of Knowledge[1] (PMBOK) from the Project Management International (PMI) organization talks about risk responses using a different set of terminology. Given the 1.5 million certified project managers from that organization there may be value in including them: Avoid, Transfer, Mitigate, and Accept. Likewise, a "positive" risk aka an opportunity is not well addressed either: Explot, Enhance, Share, Accept.


  1. ^ Project Management Body of Knowledge (5th ed.). Project Management International. pp. 343,344,345,346. 

--Uncleharpoon (talk) 20:18, 4 February 2017 (UTC)


What's the use of all these ISO references? Advertising? — Preceding unsigned comment added by (talk) 22:03, 21 November 2015 (UTC)

ISO is an organization which defines standards, thus ISO references help to clarify definitions. Not usually to be seen as advertising. User:Hamburg-1982


I do not think Megaprojects are sufficiently distinct from "project risk managment" to merit its own section. I will delete unless there are objections.GESICC (talk) 02:47, 15 July 2016 (UTC)

Agree, go ahead.Hamburg-1982 (talk) 18:22, 7 November 2016 (UTC)

Merge with Risk[edit]

Should this be merged with Risk? GESICC (talk) 00:38, 19 July 2016 (UTC)

I'm inclined to say no. IMHO risk and risk management are different concepts, and particularly the psychological aspects of risk have little to do with risk management, which is more of a management/finance/engineering thing. Instead, I think many of the linked articles under See also should be integrated in the articles Risk and Risk managementHamburg-1982 (talk) 18:59, 7 November 2016 (UTC)
  • Oppose. Do not merge. A controlled property is not always the subject of a control or management system; Speed is not merged with Cruise control, Temperature is not merged with Thermostat or Thermal management. That said, we may consider (and differentiate) that there are forms of risk that are more closely associated with risk management (and some that are not), yet there are different Practice areas and they are concerned with different forms of risk. IveGoneAway (talk) 01:35, 10 November 2016 (UTC); edited 15:18, 15 November 2016 (UTC)

See also vs. Category:Risk management[edit]

The whole See also section was removed with the remark that Category:Risk management includes all and more. One issue is that that is not true: some of the entries in See also are - as of yet - not in the category. I have recovered some of them, which I see as "tangential" to the article and potentially of interest.

While the list as it was , was way too long, I don't think removing everything is the right solution. Is someone aware of a policy, guideline or rule of thumb of how to keep See also section compact yet reasonably rich/extensive? Hamburg-1982 (talk) 23:07, 7 November 2016 (UTC)

Hamburg-1982, as I generally understand it, categories and "see also" sections (as well as the broader concept of the list article) are complementary, meaning one does not replace the other. So articles being listed in a category does not preclude their inclusion in a see-also list and vice versa. James Hare (NIOSH) (talk) 15:46, 8 November 2016 (UTC)
In general I would agree, but the article article at hand is on a general subject. Therefore everything in the category is "complementary" in the sense they give more details of each separate sub-subject. And therefore formally the whole category must be listed in "See also", which is pointless. Staszek Lem (talk) 20:36, 14 November 2016 (UTC)

Merger proposal: Risk analysis to Risk management[edit]

I propose that Risk analysis be merged into Risk management. I think that the content in the Risk analysis article can easily be explained in the context of Risk management, and the latter article is of a reasonable size that the merging of Risk analysis will not cause any problems as far as article size or undue weight is concerned. Hamburg-1982 (talk) 20:01, 14 November 2016 (UTC)

  • Support. Analysis is an integral part of management. Merging would eliminate content forking and I agree later the article may be split if becomes necessary. Staszek Lem (talk) 20:31, 14 November 2016 (UTC)
  • Support. I see no reason to object. bd2412 T 20:38, 14 November 2016 (UTC)
  • Concerned. I haven't the time to fully assess this, but I am concerned about how to merge it. How much does Risk analysis overlap Identification ("Identification" itself being Practice area-specific)? At present, Method and Process appear both partially overlapping and partially inconsistent. Again, I think this is an effect of multiple use areas/vocabularies contributing to a single article. IveGoneAway (talk) 15:44, 15 November 2016 (UTC)
  • Strongly Oppose. Some people define risk management as the process of risk analysis (identifying and measuring risks) and risk mitigation. Others define risk analysis as the process of risk assessment and risk management. For example, see Society for Risk Analysis's page on how risk analysis is defined Since there is no consensus on which is the broader term, these pages should NOT be combined. They can be different concepts. There should be links between the two pages, so that interested people can see the different perspectives on risk analysis vs risk management. mackca01

Medical Device[edit]

Interpretations of the EN ISO 14971:2012 revision that interpret it to require reduction of risk to 0 or to prohibit the use of Information for Safety exhibit a common failure (even among those within the Medical Device Industry) to actually read the words of the relevant documents. When the MDD, ISO 14971:2007, and EN ISO 14971:2012 are actually read and understood, neither of these interpretations are valid. I have made several edits that have included very specific references into these documents with clear and detailed explanations of their language and intent. I have also referenced the Consensus Paper for the Interpretation and Application of Annexes Z in EN ISO 14971: 2012, version 1.1 (dated October 13th, 2014) from the Notified Bodies Recommendation Group. My corrections continue to be reverted without what I understand to be an appropriate justification. I am not sure how to contact or message the person doing the reversion to inquire with them what there counter arguments are. John Walters (talk) 21:42, 9 March 2017 (UTC)

Thanks for posting! As I noted your edits contained a bunch of interpretation of the various ISOs and their differences. Those interpretations are what we call WP:OR. Please read WP:OR. If you still don't understand, please ask. I also posted an explanation of how to edit, on your Talk page. Jytdog (talk) 23:08, 9 March 2017 (UTC)

I understand the assertion that my "edits contained a bunch of interpretation of the various ISOs and their differences" but I disagree. I also understand the concept of WP:OR but until someone can provide the explanation/justification/rationale as to how the existing content does not represent a greater example of WP:OR than the content I have proposed, I have to disagree with this as well.John Walters (talk) 01:02, 10 March 2017 (UTC); edited 16:02, 27 March 2017 (UTC)

It does not matter that the text was bad. You cannot continue editing in a bad way. This article became very horrible because of the attitude you suggested. In November I simply deleted big chunks of unreferenced and poorly referenced stuff. It looks like it deserves more decimation. Staszek Lem (talk) 02:29, 10 March 2017 (UTC)
I summarized (directly quoted or referenced) the actual text of the sources. Any remaining significant interpretation is being done by either the sources themselves or by the unsupported prejudices that some may bring to these sources or the topic generally, with or without realizing it. The act of editing an article (which includes both making edits and rejecting/deleting the edits of others) is itself an example of where Risk Management can be applied. In this context, the reduction of risk (risk in this case being the inaccuracy of the "summarizing" of relevant sources) is better than not reducing the risk. The "perfect" should not be the enemy of the "good", let alone the "better". If it is, then perhaps there is indeed much more content (by many more editors) that is edited "in a bad way" or in a manner that makes content "very horrible", and perhaps all of this content should be "decimated".John Walters (talk) 16:02, 27 March 2017 (UTC)

Replied to your comments on my user talk page. Not sure how you get notified of my responses on various pages. John Walters (talk) 02:19, 10 March 2017 (UTC)

Please see template:ping. Staszek Lem (talk) 02:29, 10 March 2017 (UTC)
Support of MDD interpretation corrections from clarifications in the MDR (an additional source):[edit]

Changes in the text of the final European Medical Device Regulation (MDR) clarify that the intent of "as far as possible" is not to reduce risk to 0 (which is impossible), but to "reduce it as far as possible without adversely affecting the benefit-risk ratio." Reference MDR, Annex I, Chapter 1, Section 2.
Changes in the text of the final European Medical Device Regulation (MDR) also clarify the intent of the requirements relative to Information for Safety and Information on Residual Risk. Information for Safety (a specific type of labeling content) can indeed be used (and is required to be used) as the lowest order risk reduction solution. Separately (and not as a risk reduction solution), manufacturers "shall inform users of any residual risks." Reference MDR, Annex I, Chapter 1, Section 4, Subsection (c) and text immediately below Subsection (c).John Walters (talk) 16:02, 27 March 2017 (UTC)

Citation search for Identification section[edit]

I spent a little time searching for citation for "Source analysis" and "Problem analysis" (also coming across "Objectives-based risk analysis" and "Common-risk Checking"). My interpretation is that the person placing the tags did not recognize the terms from their practice and wanted the terms cited.

On the Way I noted that circa 2008 content of Risk Management appears to have been lifted in toto here, illustrating how hard it can be to be certain you are avoid citing sources that were influenced by WP.

Much of the present WP wording for "Source analysis" and "Problem analysis" is found in a 2008 publication, but the relevant WP content of 2007 is also the same. This same source goes on to list Objectives-based risk / Scenario-based risk analysis, Taxonomy-based risk analysis, Common-risk Checking. So, I think much of the original content for this section was potentially lifted from some authoritative source, but unfortunately not cited at the time. I have stolen too much time for this already, so please forgive if I do not complete this task personally at this time. IveGoneAway (talk) 14:13, 5 April 2017 (UTC)

  • Objectives-based risk analysis: FWIW, I would suggest AS9100 as an example of Objectives-based risk analysis and management, insomuch as establishing quality objectives is a basis of the QMS that embodies a risk management process.
  • Common-risk Checking: FWIW, the FAA Job Aid Conducting Software Reviews prior to Certification embodies lists of common project and software safety risks (for 1990's software) that are checked at stages in a project to minimize hazards and risk of delays in Type certification. IveGoneAway (talk) 15:06, 5 April 2017 (UTC)
  • re: the person placing the tags did not recognize - this has nothing to do whether an editor "recognize" or not something. This is the major rule of wikipedia: information in articles must be verifiable by an average person, not by experts in the field. Staszek Lem (talk) 17:33, 5 April 2017 (UTC)
I think you misrepresent me. I was not questioning the need to tag the article, I was trying to figure out why certain items were tagged but not the whole section. For example I should think the tag on the phrase objective-based analysis should be on the whole paragraph rather than just the phrase. Why didn't the original author place citations on every paragraph? Why didn't the original reviewers place citation tags (or copyright tags ) on every paragraph? Why didn't the later tagger only tag specific terms and not all of the terms or paragraphs? I wonder if the original reviewers were from the same practice and too familiar to the subject and did not sense a need to cite reference. It is unclear to me whether the later tagger had issue with just the terms or the associated text as well; but perhaps that really doesn't matter anyway. But then my underlying thesis with respect to this article is that we have multiple practices trying to use a single article. ("That's not my taxonomy!")
(the history of this is muddled. The tags have come and gone, but were first applied on 2009.)
I am also suggesting that this smells like there is a single source out there for most of that section that predates the article, but I don't have to be the one that finds it just now.
BTW Good edit on the ISS caption. I wonder what a good RM image would be? Any modern aircraft? IveGoneAway (talk) 19:24, 5 April 2017 (UTC)
Tagging often depends on the level of attention and expertise of the tagger. There is no hard rules. First of all, the article has citation tag at the very top. However quite often it is ignored, therefore people may put more tags inside at their likes. Personally, I tag things it three cases: (a) highly specialized pieces of info, even if I have no doubts; (b) moderately specialized pieces written sloppily or smelling original research or bias, so that later I can come back and verify (c) dubious pieces which I am almost sure is nonsense, but still give a benefit of doubt, so that if nobody cares for a couple of weeks, I come back and chop it out. Staszek Lem (talk) 21:58, 5 April 2017 (UTC)