About a week ago, Warren Black posted an insightful article about project risk management and the lack of it on mega projects. While I wholeheartedly agree that mega projects need to improve risk management practices and I don’t necessarily disagree with Warren’s conclusion “Until large-complex projects are held to the same levels of mandatory governance, risk and assurance scrutiny as their Fortune 500 counterparts, they will almost certainly continue to fail their investors.” I do wish the leaders of the risk profession ask themselves why is it so?
Every member of this Risk Leadership Group knows the benefit of risk management, in particular for large and complex projects. Why aren’t project managers designing great risk management processes and practices? Why aren’t project boards demanding them? Why aren’t investors walking away if not provided with sufficient evidence of the right processes and practices being in place?
The answer is because the risk profession, well and truly aided by the audit profession, have created a widely held perception that risk management is a burdensome activity that adds little value. “Of course we manage risk, that is what we are paid to as project managers, project boards and as investors.”
While I and others are seeing positive signs and the large audit and advisory firms are at least talking about risk and performance/innovation/decision making in the same breath, there is definitely a very long way to go. Risk Leaders need to be thinking much more about translating “Risk Speak to C-Suite Speak” or “Risk Speak to Project Speak” or, better still, “Risk Speak to Simple Speak”.