Whacking risks

Y’all remember this:

And how does that not translate directly to how risk ‘management’ is done in your enterprise ..?
Yes, whack-a-risk it is. One by one. Now that the hype about ‘cyber’ has blown over [Has it? Can we finally retire #ditchcyber ..?? We may need to party!], what will be next?
Hopefully, tackling the secondary risk of using futile methodology in risk management. Like, ‘heat maps’ (per this) or ‘evidence based’ kindergarten-big-data nonsense as is in this vast resource. The latter not dismissing the use of estimates, but putting them into perspective. And you do remember this …?
Let alone switching from 3LoD ridiculousness – as it is done today, all too often, towards actually useful organisational structures to get risks into every nook and cranny of your enterprise … I mean -managed and -resolved. Recalling this giant‘s work on that, in a sense.

[Perfect for lounging outdoors, no moles; Park Grill terrace]

Your comments, please