Here is a simple way to understand the terms used in risk management. Forget about the textbook, standards and jargon. If you can get this, you're ready to go and manage risks.
The Elements of Risk
Politics - mass influences on policy shifts.
Economics - competition for wealth.
Social - way of life and equality.
Technology - new tools and methods.
Environment - biosphere. Nature's living and non-living things.
Legal - boundaries of allowable actions.
The Components of Risk
Risk - future results that you might not like.
Sources of Risk - any object or action that can cause distress.
Causes of Risk - when your control mechanisms fail to make your sources of risk behave properly.
Risk Event - a happening you can detect with your five senses or what the computer sensors tell you. And you don't like it.
Risk Consequence - the final happening that carry dollar losses.
Risk Causality - chain of risk events.
Possibility - any event that can happen.
Probability - chances of an event happening.
Impact - dollar losses itself.
Risk Appetite - how aggressive you are in pursuing risk.
Risk Tolerance - how strong is your defense and resilience.
Risk Severity - how bad is the situation relative to your tolerance.
Risk Identification - hunting down and sorting risks by component.
Risk Analysis - measuring the identified risks.
Risk Evaluation - deciding what to do with risk
Risk Assessment = Risk Identification + Risk Analysis + Risk Evaluation
Risk Treatment - finding ways to reduce risk.
Innovation - exercising creative ways to treat risk. Solution must be generally accepted by stakeholders.
How do Risks Manifest
Things are created to serve a purpose. People design tools, systems and structures to make them functional. Being functional means meeting their purpose without breaking down. But man-made products suffer wear and tear. They are exposed to external consequences. Eventually, a cause of risk would activate. A control fail to control. At this stage we may not realise it yet. This is because sensors are not placed at every process checkpoint and events. It is impractical to do so.
Soon, one part stops to function properly and the problem spreads through the system. A person or machine detects the failure. What you have just detected is the manifestation of risk event.
Through causality principles, risk events undergo chain reactions to affect other areas. That is why we see a problem that started with a small device on a plane eventually caused the entire plane to crash.
The Most Important Features in Risk Management
For an effective risk management, you must have 5 key features in your risk model:
causality map - to allow you to chain events and visualize their spread.
probability measures - you need real statistics.
their impact - this helps you measure your risk management performance.
risk movement - you must know how your risks evolve. This allows you to predict problems.
innovation - you need a more formal concept and tool to solve problems, not figure things out of thin air. Brainstorming help in creative ideas. You need more than creativity to innovate.
This sums up the basic concept of risk management. Knowing the terms help you model your risk better.