Often people in the sporting, venues and events industries confuse risk management terminology. Some commonly confused terms include:
- safety with risk – risks associated with personal injury (safety risks) often get confused with risks which are threats to achieving objectives in terms of likelihood and consequence.
- hazards with risks – hazards are typically the cause of a risk. In safety they may be a form of latent energy source causing injury. They get confused with the chance (likelihood) of a particular consequence occurring.
- risk management with risk assessment – the whole process of establishing the process, risk identification, analysis, selection of controls, monitoring, consultation and communication can get confused with the assessment phase of risk management which includes only risk identification, analysis and selection of controls
- risk assessment with risk analysis –risk assessment is the identification, assessment and selection of controls being confused with only the phase that establishes the likelihood and consequence of risk and compares the result against an acceptability criteria
- inherent risks with residual risk – inherent risks reflect the level of risk before controls are finally implemented. They get confused with the level of risk after controls are implemented. Technically, there can be three levels of risk:
- inherent risk – the level of risk with no controls
- gross residual risk – the level of risk with current controls
- net residual risk – the level of risk once additional controls are implemented
- preventative controls with preparedness controls – preventative controls tend to prevent a risk from occurring, while preparedness controls tend to mitigate a risk’s impact
- most foreseeable risks with worst case scenario risks – most foreseeable risks are that are more likely to occur and that usually have lower consequences, rather than worst case risks which are, by their nature, rare events with catastrophic consequences
From our experience many of these terms get used interchangeably by different people within the same organisation. When there is no consistent agreed terminology, the subsequent confusion can detract from efforts to implement risk management across the company and negatively influence the risk culture. To address this, some organisations develop a Risk Management Framework. Such a document helps to define terms, methods, processes, policies, structures, roles and responsibilities. By doing so, this clarifies to the entire organisation how risk is to be managed and communicated effectively across the business.