Main Menu
Home / IT Governance / Unmanaged risks

Unmanaged risks

What risks do you decide to not actively manage? Does the concept of not managing every identified risk make you go dizzy? Well, according to John Goodpasture, PMP, it's important to not only identify the risks you plan to address, but also the ones that are not likely to happen or have great impact if they do. Goodpasture explains how the plan of “no strategy” is still just as much a strategy as any other: 


Frankly, for many, the idea that we're going to sit back and accept risk is an uncomfortable position to take. But it happens all the time. When my risk management students lament that their organization has no risk management process or strategy and just deals with risk as they come along, I respond: “No strategy” is a strategy of sorts  in the sense  that you've embraced “accept” as your risk response plan. In that event, the need to actually do a lot of work up front to identify risks is really not too productive. If the organization is risk-seeking in attitude, this may be just fine. After all, you're just going to accept whatever comes along and deal with it. 

Goodpasture's supposition is that, if the unmanaged risk becomes an actual issue, you can then process the issue as you would any other   – assuming they are in fact low impact risks.

About Anne Grybowski

Anne is a former staff writer for CAI's Accelerating IT Success, with a degree in Media Studies from Penn State University.

Check Also

How to Kill an Undead Project

Some projects just rot out from the inside, and there are telltale signs of decay …

Leave a Reply

Your email address will not be published. Required fields are marked *

Sorry, but this content
is for our subscribers only!

But subscribing to ACCELERATING IT SUCCESS is FREE and only one click away!
Join more than 40,000 IT Professionals and get the best IT management articles to your mailbox with Accelerating IT Success!

Unsubscribe at any time