Risk from a Business Analysis Perspective

Posted on December 29, 2010 by


The International Institute of Business Analysis was founded just a few years ago in 2003.

Risk Assessment

Kudos to Learning Tree for a very cool CBAP display!

In terms of professional associations it’s a new kid on the block.  Yet in a short time it’s made a profound impact on the discipline and profession of business analysis.

One success factor of The IIBA for making a swift impact has been embracing other best practice association’s bodies of knowledge (BOKs).  The primary body of knowledge that The IIBA and its Business Analysis Body of Knowledge (BABOK®) reference is the Project Management Body of Knowledge (PMBOK®).  That, in our opinion, is a good thing.  As best practices, BOKs, standards are established, allied or “nexus” organizations do well to embrace those competencies and not re-invent the wheel.

Risk assessment and management is an example of the BABOK®’s inclusion of the PMBOK®.  The full definition of it is in the Technique Chapters (Section 9.24.5).  Much of it repeats verbatim from the PMBOK®’s risk identification and management chapter/knowledge area (Chapter 11).  That definition provides one addition to the PMBOK® – specifically the further elaboration of risk tolerance.  Three categories of risk tolerance are provided:

  • Risk-Aversion
  • Neutrality and
  • Risk-Seeking

Those tolerances may be applied to people or organizations.  Understanding the risk tolerance of either people or organization guides the building of risk management approaches for enterprise analysis, requirements management and organizational readiness (for solution implementation).   For example a risk averse organization typically does not embrace leading edge technologies.  Business Analysts in those organizations may want to opt for incremental improvement with proven technologies or approaches.