Cheatography
https://cheatography.com
A quick-reference guide to risk modelling concepts.
This is a draft cheat sheet. It is a work in progress and is not finished yet.
Uncertainty Factors
Likelihood |
How likely the event is to occur at any time |
Frequency |
How often the event will occur in a set period |
Proximity |
How soon the event will occur |
Velocity |
How quickly the consequences occur after the event |
Aleatory |
Dependency on random change |
Epistemic |
Dependency on information |
Confidence |
How certain we are about our estimates |
Predictability |
How much future events correspond to known past events |
Credibility |
Whether the event could reasonably happen |
Interdependence |
Whether other events will contribute unpredictably |
Ambiguity |
When we are uncertain about the meaning of an event |
Persistence |
How long the risk remains valid |
Impact Factors
Severity |
The magnitude of the impact |
Criticality |
The importance of the impacted asset to a capability |
Cascade |
Subsequent effects |
Irreversibility |
Whether the damage can be undone |
Recoverability |
How easily normal operations can be restored |
Scope |
How widespread the impact is |
Fragility/Antifragility |
Whether the system worsens or improves under stress |
Exposure |
The degree of investment in the outcome under threat |
Duration |
How long the effect of the event lasts |
|
|
Control Factors
Controllability |
Our degree of influence over causes or outcomes |
Detectability |
Our ability to recognise early indicators |
Mitigability |
Our ability to reduce or contain the impact post-event |
Dependency |
Reliance on outsourced capabilities or third parties |
Substitutability |
Flexibility in replacing compromised assets |
Systemic Factors
Asymmetry |
A risk with a mismatch in positive outcome for overcoming vs negative outcome in failing |
Opportunity |
A different view of risk focused on attempting to achieve positive outcomes rather than avoid negative consequences |
Systemic Risk |
Risks that propagate or occur beyond our control |
Cascading Risk |
Dependency chains or knock-on effects |
Concentration Risk |
Lack of diversification leading to single points of failure |
Knightian Uncertainty |
Fundamentally unknowable risks, where we cannot meaningfully estimate probability |
Volitional Risk |
A risk we have chosen to take in pursuit of goals |
Emergent Risk |
In complex systems novel, unmodelled outcomes may become apparent and should be anticipated |
|
|
Behavioural Factors
Perceived Risk |
Subjective perception of risk drives action |
Appetite |
The amount of risk we are willing to take in pursuit of a goal |
Tolerance |
The variance from appetite we are willing to accept before taking action |
Confidence |
Over- and underconfidence distort judgment and are difficult to measure accurately |
Communication |
Effectiveness of information sharing affects understanding of risk |
Cognitive Bias |
Various cognitive biases affect how we perceive and react to risk |
Moral Hazard |
Incentives misaligned with exposure, i.e. "playing with someone else's money" |
Meta Factors
Framing |
The story you tell about why to take/treat a risk |
Model Risk |
Reliance on an inaccurate or inappropriate model |
Comprehensibility |
Whether decision-makers understand the information presented, simpler models encourage action while complex ones discourage it |
Volition vs Fate |
Clarifies which risks are controllable |
|