{"id":28783,"date":"2023-06-23T10:19:59","date_gmt":"2023-06-23T14:19:59","guid":{"rendered":"https:\/\/www.oxebridge.com\/emma\/?p=28783"},"modified":"2023-06-23T10:19:59","modified_gmt":"2023-06-23T14:19:59","slug":"iso-abandons-decade-long-attempt-to-create-single-definition-of-risk","status":"publish","type":"post","link":"https:\/\/www.oxebridge.com\/emma\/iso-abandons-decade-long-attempt-to-create-single-definition-of-risk\/","title":{"rendered":"ISO Abandons Decade-Long Attempt to Create Single Definition of “Risk”"},"content":{"rendered":"

As reported previously — all the way back in 2014<\/a> — ISO has struggled to come up with a single definition of the term “risk.” At that time, ISO had at least 40 (as in forty) definitions of the term spread out over 140 (as in one-hundred-and-forty) standards. The problem was ignored for decades until two standards decided to fight each other: ISO’s flagship standard ISO 9001 and its (then) newer risk management standard, ISO 31000.<\/p>\n

The “Risk” of Silos<\/strong><\/span><\/p>\n

There is one truism in ISOworld: different technical committees, each responsible for developing their particular standard, hate each other.<\/strong><\/em> And the TC for ISO 31000 was not well-liked by anyone, much less the TC for ISO 9001.<\/p>\n

The ISO 31000 group itself grew out of a fairly complicated set of controversies (I won’t rehash it here, but I have a YouTube video<\/a> going over the whole thing.) Newly minted and blessed by ISO HQ, the group was flush with power, smug as can be, and headed by an incompetent, bumbling toady<\/a> who could barely bathe, never mind run a committee.<\/p>\n

Not to be outdone on the ego front, the ISO 9001 folks had prior decades<\/strong> <\/em>to hone their hubris, so were not about to be told what to do by some new upstart, no matter how new and shiny they looked.<\/p>\n

So the two TCs started to fight, somewhat publicly, over whose definition of risk was better, which brought the whole thing into the public eye — not helped by the fact that while the “quality” press ignored the debacle, Oxebridge was reporting on it in real-time. You’re welcome.<\/p>\n

Over the next nine years, many TCs would just adopt ISO 31000’s definition, and the overall number of “risk” definitions in ISO’s catalog decreased but still generated a good deal of controversy. The remaining conflict was largely due to the fact that the bumbling unwashed toady<\/a> had cribbed an already-controversial definition of “risk” from the Project Management Institute (PMI), which claimed that “risk is positive<\/em>.”<\/p>\n

No, Risk Isn’t Positive, You Dummies<\/strong><\/span><\/p>\n

Now let’s pause on that for a second, because I got words<\/a>. Until that time, most people with functioning goo in their brainpans understood that “risk” was something you either avoided or mitigated. You want to take<\/strong> <\/em>risk, sure, but you do so with your glutes clenched in the hope you can squeak out a benefit and not have disaster strike. The risk is bad, but it has the potential for a benefit — an opportunity, if you will — if you can manage it properly.<\/p>\n

This negative definition of risk also happens to align with the English dictionary<\/strong><\/em>, as well as that of nearly every other language ever spoken by man-apes. risk has always been understood as something bad that you have to manage or push through in order to get to the good stuff.<\/p>\n

Now, thanks to Mr. Beardtoad and PMI, risk was “good.”<\/p>\n

This never made sense, because in the same standards that insisted “risk is good<\/strong><\/em>,” they were telling you to mitigate<\/strong> <\/em>it. You don’t mitigate good things, you mitigate bad<\/strong> <\/em>things. Saying otherwise is like telling the High School football team to “get out there and work your darnedest to lose the big game!<\/em>”<\/p>\n

But because so many ISO standards users just parrot whatever ISO tells them, we now have an entire generation of folks insisting “risk is good<\/em>,” and promptly blowing shit up and killing people<\/a>.<\/p>\n

OK, I’m off my soapbox.<\/p>\n

Enter the Goons<\/span><\/strong><\/p>\n

A lot of people started to push back on ISO’s wrong-headed attempt to adopt a single, acceptable definition of “risk.” This was especially true since different industries have different ideas on risk, and standardizing “risk management” was a dumb plot to begin with. Insurance actuaries have a very different view of risk than, say, manufacturing engineers, and they all disagree with the notions of pharmaceutical companies. Heck, the definition changes depending on your income level<\/strong><\/em>: an hourly worker at Tesla has a very different idea of risk than their idiot, billionaire boss does. The ability to afford lawyers does that.<\/p>\n

In reality, “risk” can take on dramatically different meanings depending on which angle you’re looking at it from.<\/p>\n

So ISO was always going to fail<\/strong> <\/em>in this, and folks like me were telling them that for nearly a decade. But the consultants running around bragging about “being on an ISO committee<\/em>” were not to be deterred, and kept at it. The rest of us were watching them like the scientist standing over the mouse-maze, watching the poor creatures scramble to find an exit before the gas kicked in.<\/p>\n

A lot of (metaphorical) blood was spilled, too. Within the ISO 31000 TC itself, the members couldn’t agree, and during one official meeting, the delegates devolved<\/a> into a shouting match, threatening to sue each other for defamation. It was a complete shit-show, and was unraveling in front of the entire world.<\/p>\n

So ISO’s goon squad, the Technical Management Board (TMB), put a team on it. They created a joint task force with the intent of finally using their brute muscle to force everyone to use a single definition, preferably that from ISO 31000. I presume they had uniforms with scary black jodhpurs<\/a> and menacing red logos on the chest.<\/p>\n

But even the goon squad couldn’t re-write reality, because — again — trying to standardize “risk” was as stupid as trying to standardize “schadenfreude<\/i>.” You cannot standardize concepts that have multiple definitions and interpretations depending on the scenarios. (Look up the word “set<\/em>” and see how many definitions the dictionary has for it<\/a>.)<\/p>\n

So the TMB has been forced to surrender, and has now issued a final Resolution, announcing that they are abandoning tilting at this particular windmill, and will now allow TCs to make up their own definitions for “risk” whenever they like:<\/p>\n

\"\"<\/a><\/p>\n

So, this particular drama is now over, but don’t fret, masochists! ISO is currently cooking up some other mind-bogglingly bad ideas that will keep you up at night, like converting standards to expensive online-only subscription services<\/a>, rather than selling them as downloadable PDFs.<\/p>","protected":false},"excerpt":{"rendered":"

ISO is forced to admit that despite its name, it can’t really “standardize” things.<\/p>","protected":false},"author":2,"featured_media":28787,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","mc4wp_mailchimp_campaign":[],"footnotes":""},"categories":[5],"tags":[43,186,14,147,148,42,412,200],"class_list":["post-28783","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-opinion","tag-iso","tag-iso-31000","tag-iso-9001","tag-risk","tag-risk-management","tag-tc-176","tag-tc-262","tag-tmb","et-has-post-format-content","et_post_format-et-post-format-standard"],"_links":{"self":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/28783","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/comments?post=28783"}],"version-history":[{"count":3,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/28783\/revisions"}],"predecessor-version":[{"id":28788,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/28783\/revisions\/28788"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/media\/28787"}],"wp:attachment":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/media?parent=28783"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/categories?post=28783"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/tags?post=28783"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}