Risk tolerance defines how much risk an individual or organization can handle. It is the range of acceptable results when taking risks. A high tolerance means they are willing to take greater risks, while a low tolerance means they prefer to avoid high risks.
Risk tolerance reflects the attitudes of stakeholders toward risks and is measured in specific units. It shows how sensitive stakeholders and organizations are to risks.
Risk tolerance is not fixed. It changes over time based on circumstances. A project manager must regularly monitor it and understand how it affects stakeholder decisions.
This concept is crucial in project risk management. It helps prioritize risks and allocate resources to manage them effectively. Understanding risk tolerance ensures better decision-making and reduces the chance of unexpected outcomes.
Factors Affecting Risk Tolerance
Three key stakeholders influence a project’s risk tolerance: the organization, the project manager, and the project owner or client.
Risk perception and assessment are subjective, and these stakeholders often have differing views on the same risk.
- Organization’s Risk Tolerance: The organization’s tolerance depends on its financial stability and the potential impact of the risk on customer satisfaction. Financially stable organizations are generally more willing to take risks.
- Project Manager’s Risk Tolerance: The project manager and team’s risk tolerance is shaped by the organizational culture and their job security. They tend to be risk-averse.
- Project Owner’s Risk Tolerance: The client’s tolerance depends on the project’s importance. For critical projects that significantly impact organizational success, the client is likely to accept higher risks. Conversely, for less important projects, tolerance is lower.
When a project is internal and essential for achieving organizational goals, the organization may accept greater risks. However, it tends to avoid risks for non-critical projects.
Types of Risk Tolerance
Risk tolerance level can be of three types:
- Aggressive Risk Tolerance: These stakeholders have a high tolerance and will take risks for high rewards.
- Moderate Risk Tolerance: These stakeholders are interested in rewards but do not take many risks. Instead, they will weigh the risk with the reward and adopt a balanced approach.
- Conservative Risk Tolerance: These stakeholders have a low-risk tolerance and do not take risks—unless the risk is low and the reward is high. They do not want to lose investment at any cost.
Five Steps to Find Risk Tolerance
You can follow these steps to determine the risk tolerance:
- Identify Key Stakeholders: List the individuals or groups involved in the project (e.g., the organization, project manager, and client). These stakeholders influence the project’s risk tolerance.
- Understand Stakeholder Attitudes: Talk to stakeholders and learn how they feel about risks. Determine whether they are willing to take or avoid high risks.
- Analyze Financial and Strategic Factors: Review the organization’s financial stability, project importance, and potential impact on goals or customer satisfaction. These factors can help you determine how much risk is acceptable.
- Assess Organizational Culture: Examine the organization’s approach to decision-making and risk-taking. A culture that encourages innovation may have a higher risk tolerance, while a cautious culture may prefer low risk.
- Document and Monitor Risk Tolerance: Record the findings and revisit them regularly. Risk tolerance may change over time, so monitoring and updating it as needed is important.
Risk Tolerance Examples
The following are the two examples of risk tolerance:
Example 1: Bidding for a Contract
A project manager is bidding for a contract with a budget of $1,000,000. The organization approves the bid but states that costs should not exceed 5% of this amount. This 5% limit ($50,000) represents the organization’s risk tolerance. It shows the maximum variance they are willing to accept in the budget.
Example 2: New Product Development
A company launches a new product in an untested market. The management accepts up to a 10% decline in quarterly profits for the first year to support marketing and development costs. This 10% profit drop is their risk tolerance, which reflects the maximum loss they are prepared to bear while pursuing this venture.
Risk Tolerance Vs Risk Capacity
Risk tolerance is how much risk you are willing to accept, while risk capacity shows how much you can financially stand.
Risk tolerance depends on your mental capability, emotion, and financial goal, while risk capacity depends on your financial position and net worth.
Risk tolerance is subjective to the person taking the risk, while risk capacity is an objective parameter based on income, expenses, and assets.
Summary
Understanding risk tolerance is essential for effective risk management. It helps organizations to make informed decisions and take calculated risks that align with their strategic goals. Risk tolerance guidelines help allocate resources efficiently, ensuring efforts focus on managing the most important risks.
Organizations can adjust risk tolerance as conditions evolve to adapt to new challenges and opportunities. By proactively managing risk tolerance, businesses can balance caution and ambition, fostering growth while safeguarding their objectives. This approach strengthens decision-making and enhances organizational resilience in an ever-changing environment.
Further Reading:
- Demystifying Risk Attitude in Project Management
- Risk Tolerance Vs Risk Appetite
- What is Risk Appetite?
- What is the Risk Threshold?
- Risk Vs Uncertainty
References:
This topic is important from a PMP and PMI-RMP exam point of view.
I am Mohammad Fahad Usmani, B.E. PMP, PMI-RMP. I have been blogging on project management topics since 2011. To date, thousands of professionals have passed the PMP exam using my resources.
