"The #RiskMatrix has emerged in time like many myths and symbols that get adopted in the #risk industry. One thing is for sure despite its origins, it is not something that is likely to be ever eliminated from #RiskManagement mythology. The Risk Matrix is testimony to the power of semiotics in anchoring and influencing belief. It also demonstrates that once a ritual, icon, relic or symbol is adopted with religious salvic significance just how difficult it is to get rid of it, despite the fact that it doesn’t demonstrate what people attribute to it " "The Matrix by design creates a mythology just as any other semiotic. In reality it gives obscure value to a subjective ranking which is then changed according to a subjective control introduced by the risk assessor. Whatever that ranking it cannot be verified or agreed upon in common. Yet, a numerical value is attributed and then agreed upon as theatre associated with managing risk. " "A semiotic study of the Matrix demonstrates that the colours and language promote confusion and ambiguity in understanding. For example, an understanding of semantics, semiology, discourse and language demonstrates that the risk matix by design requires significant interpolation, guessing, interpretation, meaning making and reductionism " - Long, R. (2018). Fallibility and Risk. p.79 https://buff.ly/3XgdlWt #risk #risks #enterpriserisk #enterprisesecurityriskmanagement #intelligence #threatlintelligence #riskmanagement #riskanalysis #riskassessment #riskmanagementframework #operationalriskmanagement #projectriskmanagement #projectrisk #operationalresilience #resilience #operationalrisk #riskintelligence #governance #security #securityriskmanagement #securitymanagement #securityrisks #enterprisesecurity #cybersecurity #physicalsecurity #informationsecurity #digitalsecurity #securityoperations #enterprisesecurityriskmanagement #securityassessment #intelligence #threatlintelligence #risk #riskmanagement
Some big words - Long, R. (2018). Fallibility and Risk. p.79 like the matrix, keep it simple and understandable so all benefit!!!
Thanks for sharing
Absolutely agree. Even with likelihood and impact descriptors to reduce ambiguity, it’s not great. But try and introduce a more suitable system and you’re likely to be met with blank stares..
This is spot on.
Director at MinExp Ltd and MinTrain Ltd, Dir. of Health and Safety, British Aggregates Association
2 年I’m no fan of risk matrices. You have a hazard, you apply control measures to reduce the risk to an acceptable level. The result is binary, The resultant risk is either acceptable or it isn’t, there is no amber at this point and the only reason for introducing it earlier is to asign priority and surely the numbers do that if you want to use them?