Let’s go back to our mouse scenario:
How do we control the good risk (will I get the cheese?):
We can put measures in place to make it easier to get the cheese (so easier to get the value for the client):
- Think about operational processes – what is there that we can change to make it better? Do we test them to see if they work? Do we regularly maintain systems to check that they operate correctly?
- Do we carry out due diligence – do we validate the facts or do we make assumptions?
- Do we have policies in place that protects our people (wearing the right safety equipment)?
- Do we have the right training for our staff?
- Do we have the right levels of approval in place?
How do we control the bad risk (will I get killed trying to get the cheese?):
We can put measures in place to make it less likely that the bad risk will crystallise (so less likely that the project will fail):
- We can add controls that will mean the impact of the risk will be less if it happens?
- Have we considered a different way of doing things – what could we change about the process?
- Have we implemented more quality and safety checks?
- Do we know the regulatory standards that are expected of us?
How much risk will you take?