Cbyer Security

The most recognized risk categories in enterprise risk management are: compliance, financial, and operational.  Risk is a difficult topic for many organizational leaders to discuss because most leaders overestimate their ability to influence events, when most of the time they are determined by chance.  There is also an issue where it is difficult to forecast regardless of the risk assessments, because there is wide range of outcomes that may occur.  Leaders also have a tendency to make linear projections based on recent history of issues when risk is very uncertain and can have a variety of outcomes ("Managing Risks: A New Framework", 2018).  There are also issues with confirmation and organizational bias which can hinder the ability to discuss risk and failure.  A lot of times leaders are afraid to speak up for fear that it may hurt their careers by going against the nature of the group regardless that they are wrong.  This actually compounds the problems for these organizations, because if they have mitigated the risk when it first showed it would have been a much smaller problem.

It is difficult for leaders to think about what could go wrong because it is painful and unnatural.  The usual response from leaders is to create more rules and has a tendency to have an opposite effect ("Managing Risks: A New Framework", 2018).  The reason is that leaders need to promote open communication, and there is not a formula that works for all organizations. 

Managing Risks: A New Framework. (2018). Retrieved from https://hbr.org/2012/06/managing-risks-a-new-framework