quant rules qual


Megrow podcast, episode 21

Quantifying risks, i.e. making a tangible, quantified statement about the expected severity and likelihood is difficult. I raved about the topic previously.

Organisations often resort to a combination of the following approaches:

  1. qualitative statements, such as “severe” or “negligible” or “possible”
  2. risk matrixes plotting each risk to a specific spot on a heat map, implying precise knowledge
  3. experience-based approaches
  4. experience/exposure-based approaches
  5. complicated and complex, sometimes “black-boxy” type of very input-sensitive models that predict pretty much everything and anything
  6. and many others… (just to make the list complete)


In this blogpost, a sequel to a previous post, I focus on the qualitative approach of risk assessment.

or even very most severest….

Only if hard-pressed, arm-twisted, threatened and black-mailed for a substantial ransom, I endorse the qualitative approach; and only for an organization that is at the earliest stage of its risk maturity journey. Better not even start using it at all. If you are using a qualitative approach, I strongly suggest discontinuing usage as early as possible. Stay with me as I outline some reasons, why qualitative statements, despite their apparent simplicity, just don’t cut the mustard for good ERM.

Sidenote: stay-tuned for upcoming episode elaborating on the concept of Risk Maturity.


Qualitative statements are easy to grasp and intuitive in their meaning. Everybody has a subjectively objective and clear view what the term “severe” means for their organization. Secondly, it also is quite easy to categorize a risk into a “severe” category, because as the word implies, this must be something “serious”. And lastly, in any group or team, it is much easier to classify a risk as “severe” than agreeing whether the expected severity is SGD 850’000 or SGD 1’200’000.

Having said all that and admitting that the qualitative approach has its advantages, I still vehemently advocate you abandon qualitative risk assessment sooner than later or best, not even start using it.


Qualitative Risk Assessment Statements ….

  1. mean different things to different people. What is “negligible” in my perception might be “serious” from your point of view
  2. are hard to compare
  3. are vague by default
  4. don’t mingle well with quantitative risk mitigation measures (such as the contractually defined pay-out of an insurance policy)
  5. don’t interact well with strategy and business plans; in other words one of the key benefits of good ERM cannot be harvested.

quant rules qual

Quantification of risks is hard, yet it is a key ingredient to efficient and effective ERM. I strongly encourage all risk practitioners: go out and quantify; make sure your key stakeholders understand, embrace and buy into the results of your efforts. Then the outcome of your ERM-efforts will integrate neatly with strategy and the business plan of your organsiation.

Remember the mantra: quant rules qual !

We at Megrow have worked with numerous clients on their ERM-journey. Contact us via the links below, we very much look forward to accompanying your quantification journey with our experience, foresight and input.