Although this ultimate end cannot truly be achieved in our uncertain world, the success rate of project risk management is astonishing when implemented properly.. Options and futures were two of the earliest mechanisms for reducing risk for commodity buyers. The contemporary stance regarding risk management is that risk can be assessed, publicized, and effectively eliminated by revealing its root cause.
The key to navigating the uncertainty inherent in systems that are constantly metamorphosing will be cultivating a realistic understanding of what risk management is capable of. Less shocking is the initial impetus for the development, which was to win more often at gambling. It is actually quite surprising how long it took for the mathematical basis for systematic treatment of risk to emerge. Rich Pethia, director of Carnegie Mellon University’s Computer Emergency Response Team, warns against what he calls “check-the-box compliance” when it comes to implementing information security technologies. Pethia goes on to say that even measuring risk management progress in terms of benchmarks is difficult when it comes to security. From its inception the concept of risk management has centered on preventing the loss of resources.
This gradual transformation of assumptions concerning risk has produced approaches to risk management that allow project managers to prevent much of the chaos that formerly threatened projects. As these analyses became more refined, tools such as probability matrices were developed to gauge the impact of various risks. As systems grew, opinions about the inevitability of adverse risk were questioned. The determination that brought about the successful methodologies utilized today must be channeled into flexible mindsets prepared to react to changes as they occur. These foundations have evolved into many focused risk management strategies, but the underlying motives have always been increasing profit and reducing or eliminating loss. Methodologies went from simply indentifying risk factors to performing detailed risk analysis. Development of these advancements has been motivated by the belief that risk can be conquered. Modeling techniques like decision trees further expanded the discipline, allowing greater accuracy in planned risk responses. Insurance was another financial tool designed to shield people from monetary loss. Another prime example is social media. The benefits are difficult to refute, but there is a potential danger.
This progression from simple methods of increasing the odds of winning a bet and safeguarding investments to full-blown analysis for the sake of controlling risk demonstrates a steady shift in the attitude taken toward the phenomenon of uncertainty in systems. This principle will continue to govern the degree of success those responses will deliver.
The leap from games of chance to financial instruments took the concept of risk mitigation with it. Unfortunately risk management is frequently underestimated, especially in the software development industry.
As technology and organizations became increasingly complex, risk management strategies adapted to meet new challenges with varying levels of success. Methodologies currently available can reduce risk management to what essentially amounts to a checklist. Information security, especially online security, is one of several increasingly unpredictable systems that does not respond well to cookie-cutter approaches to handling risk. The attitudes that led to current risk management strategies may very well need to be reversed to avoid serious failures in systems that are changing too quickly to assess all the potential risk factors.
Information security systems are only one case of emerging technologies that have the potential to disrupt the established models of risk management. Prior to established methods of addressing project risks, chance often dictated success, and history overflows with the results of that type of planning. At present, Facebook is the king of the hill, but the brief history of online social media has demonstrated a fickleness that must occasionally terrify the project risk managers of that company. Stubborn adherence to prevailing approaches could prove to be just as detrimental to success as the now obsolete view that risk cannot be managed at all. Some aspects of risk management are certainly fundamental and thus will always apply, but in systems that are being defined on a daily basis certain traditional elements of planning for risk will surely fall short.
In many ways modern civilization is defined by its ability to understand and control risk. The goal of risk management progressively became monitoring and controlling risk factors to the extent that they could be rendered incapable of preventing the success of a project. Exceptional software solutions such as Monte Carlo simulation programs remove the guesswork by developing models and testing scenarios for risk analysis. The concept that risk could be anticipated to a certain degree took hold and became prevalent. Before risk management methodologies emerged, incertitude was considered a certainty. Over the centuries, the beliefs held about risk have shaped our responses to it