Fuzzy Vocabulary (Cross-)Boundaries

When discussing Risk …
There will always at some stage turn up a discussion (or multiple, if you’re Lucky; not) about the meaning of certain key words. Which is a pity, because … no, not because it distracts. Though it does, the main issue is that the secondary, meta, discussion about vocabularies is never / rarely resolved.
At strategic levels, talk is about risk appetite and risk tolerance, and foremost about business opportunities (of which the exitement is) spoiled by “risk managers” that point out the world might not be perfect and hence one is all but certain not to achieve the objectives. Smart business leaders push forward anyway, at best keeping the risks in the back of their heads while sanding off the rough edges of progress at that goes along all quite well. When strategies turn out to fail: Well, such is life as it has been since the dawn of humanity.
At tactical levels, talk is about risk portfolios and … not much, really; mostly project and program risks. Of the Boy Cried Wolf kind.
At operational levels, quasi-(sic!) quants do their stuff and come with all sorts of fabulous fables of formulas that wouldn’t stand scrutiny at the most basic of math levels. What idi.t would translate ‘High’ to ‘5’ and then multiply it with some other ‘4.5’ to arrive at a ‘22.5’ “risk” ..!? Heat maps are the reflection of the own moronic brain functioning onto what are supposed to be Managers’ levels of understanding. Though the outcome is correct, the origin of the reflection should be kept in mind instead of forgotten.

And all talk about ‘risk’ (‘operational risk’, even worse), ‘impact’, ‘High’, as though these were somewhat the same thing for all involved, disregarding most of time- and situation-variance or rather completely -determination. Right. Wrong. Just regurgitating definitions from ISO standards demonstrates to not understand the nature of the problem…

Any theoretical science logical-AND linguistics specialists that can help? And:
[Tinguley in a picture is quite different from the message of it …; Stedelijk Amsterdam]


About maverisk

Maverisk Consultancy, IS Audit and Advisory services: Wikinomics meets governance and audit; otherwise, see my personal LinkedIn profile
This entry was posted in ERM, GRC, Information Risk Management, Information Security, Innovation (technologicallly driven), Sociological, psychological notes and tagged , , , , , . Bookmark the permalink.

Your comments are welcomed!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s