Categorizing is a way for us to make sense of large amounts of information or some other item or “thing.”
Take Pokémon card collecting – a hobby my son has grown into over the last few years. Categorizing cards by energy type (fire, grass, water, etc.), or by set (Paldean Fates, Prismatic Evolution, etc) provides some order in what would otherwise be chaos.
Categorizing risks may seem like a trivial matter, but as I have mentioned previously, neglecting to use risk categories well can lead organizations to either over-manage minor risks or neglect the important ones. Of course, this leads to wasted resources at best, and at worst, a full-blown crisis that could take the company down.
I was delighted to speak with Graeme Keith recently on the importance of risk categories and what practitioners and company leaders should be keeping in mind as they establish those risk categories. Our entire conversation is provided below. I highly recommend taking 30 minutes to watch the full conversation, or jump to specific sections for actionable insights.
- Introducing Graeme, his background, and his current venture, Stochastic ApS (0:00).
- Why we’re calling it risk categories instead of taxonomy (2:05).
- The ultimate purpose of risk categories and what companies need to consider when setting them up (3:05).
- The one key to avoiding analysis paralysis and putting the focus where it belongs (7:20).
- The importance of only attaching risk to one place in a decision structure (9:40).
- What to do when risks have multiple consequences or multiple root causes affecting multiple objectives (11:35).
- How deep should risk categories go and where should you stop (16:35)?
- Grounding questions and how they keep practitioners from getting lost in the weeds, BUT… (20:00).
- The danger of being too broad by assessing risk categories without going deeper (23:55).
- Wrapping up and where you can connect with Graeme for more (27:10).
Despite the time difference (i.e. Denmark vs. the U.S.), I always enjoy speaking with Graeme. To see supporting articles for today’s topic, plus our previous interview and other insights from Graeme, check out the following:
- 4 Questions for Properly Categorizing Risks
- Yet Another Take and Surprising Twist on the Quantitative vs. Qualitative Debate
- Harness the Visual Bow-tie to Better Communicate Risks and Controls
- Another Baby Step in the Qualitative to Quantitative Risk Assessment Journey
- 8 Possible Consequences of Not Being Proactive in Risk Management
- Graeme Keith LinkedIn
- Stochastic ApS LinkedIn
Thank you again to Graeme for taking time out of his busy schedule to help us learn more about risk categories, especially considering it was late evening time for him in Denmark.
How does your company use risk categories? Do you see room for improvement after watching this conversation?
Please feel free to share your thoughts below or join the conversation on LinkedIn.
Risk categories is one of those areas where striking the wrong balance can create even more headaches. If your company is struggling to find the right balance, reach out to discuss specific goals and potential avenues for helping you achieve them.
