Risk Appetite , Risk Tolerance , Risk Threshold
Risk Appetite, Risk Tolerance and Risk Threshold are different kinds of risk levels and they refer to different concepts within the project risk management. These terms are mentioned in the risk management plan as the factors that determine the risk attitude. Although they both reflect the organizations or stakeholder attitude towards risk, they are different concepts. In this article we will discuss Risk Appetite, Risk Tolerance and Risk Threshold terms and their differences with the help of examples.
Definition of Risk
Risk is an unforeseen event or condition that has positive or negative impacts on the project’s objectives in case of it’s occurence. It may effect one or more than one project’s scope, schedule, cost and quality.
According to this definition, risk can be an opportunity or a threat for your project’s success. Risk management seeks to increase the probability and impact of positive risks and decrease the probability and impact of negative risks.
The strategy to manage risks changes depending on the circumstances and the behaviour of the organization towards risks.
In some cases organizations accept the risks and sometimes avoid. This depends on the risk attitude of the organization.
According to PMBOK® Guide Risk Appetite is the degree of uncertainty an organization of individual is willing to accept on in anticipation of a reward. In other words, Risk Appetite is the amount of risk that an organization is prepared to pursue.
Organizations take risks in order to meet their strategic objectives. Risk Appetite is the amount of risk that an organization is willing to take risks in order to innovate in pursuit of objectives.
Some organizations are willing to take high risks therefore their Risk Appetite is high. Others are willing to take low risks therefore their Risk Appetite is low.
Risk appetite can vary based on the factors such as ;
- Company Culture
- Organizational Objectives
- Financial Strength of the Organization
According to PMBOK® Guide Risk Tolearnce is “Risk tolerance is the specified range of acceptable results.”
Risk tolerance indicates the sensitivity of an organization to risks. Critical projects causes the organizations to take more risks than uncritical projects.
Example for Risk Tolerance
Let’s assume that you are a sales manager of a real estate project. In order to speed up sales you proposed to your top management to make discounts. The sales price of a housing unit is 50,000 USD and the profit rate is %10. Your top management does not allow you to make discount for more than 7 % of 50,000 USD. This %7 is your organization’ s tolerance limit in order to gain %3 profit.
Another example is that, your organization will participate in a tender. According to your calculations, total project cost will be around 500,000 USD. You decided not to bid for more than 15% of the total project cost. This 15% is your organization’s tolerance limit.
According to PMBOK® Guide Risk Treshold is “The level of risk exposure above which risks are addressed and below which risks may be accepted.”
A threshold level is the level beyond which organization doesn’t want to tolerate the risk. The organization will not tolerate the risk above the treshold. Risk threshold is a quantified limit beyond which your organization can not pass.
Example for Risk Treshold
Let’s assume that you are a sales manager of a real estate project. In order to speed up sales you proposed to your top management to make discounts. The sales price of a housing unit is 50,000 USD and the profit rate is %10. Your company have a policy that a discount rate which is more than profit rate can not be acceptable. Therefore your organization’s threshold for this project is 5,000 USD.
Another example is that, your organization will participate in a tender. According to your calculations, total project cost will be around 500,000 USD. You assembled a meeting with your top management and they told you that they cannot allow you to go beyond 80,000 USD, apart from the 500,000 USD.
Your organization’s risk treshold for this project is 80,000 USD.
Risk Appetite vs Risk Tolerance vs Risk Threshold
• Risk appetite is the amount of risk that an organization is willing to take in order to meet their strategic goals. It shows the organization’s hunger to take risks depending on the reward. In practice, it is not possible to quantify the hunger. Therefore you can grade the Risk appetite of an organization from low to high.
• Risk tolerance is willingness of an organization to accept or avoid risk. It can be described as an acceptable variance percentage.
• Risk threshold the amount beyond which organization does not want to tolerate the risk. It can be described as an acceptable value (or a quantified limit).
In this article we discussed the important risk management terms. Risk appetite, tolerance, and threshold concepts are used in the risk management plan to reflect the stakeholders attitude towards risk. However, they refer varying degrees of risk that stakeholders are willing to accept. If you don’t understand the differences between them, you will not create an effective risk management plan. Note that these are very important concepts from the PMP Certification Exam point of view. You may see some questions related with them.
If you want to share something related with the topic, you can do through the comments section in below.