Effective Opportunity Management for Projects – Exploiting Positive Risk

Author: David Hilson

Released in 2004 , with references to texts from years earlier, but still blazingly topical, underused and under-studied : opportunity management as part of risk management. Benefits management for projects in this case …

The author advocates embedding opportunity management in existing risk management that focuses too much or only on threats. His argument for doing this is that they are two sides of the same coin called uncertainty. The fact that at present in a number of standards the uncertainty of the achievement of the goals may imply either a positive deviation or a negative deviation from their achievement, is underused and too little known in today’s companies.

Throughout reading, it is discovered that it can indeed be incorporated into a single management process, provided a number of minor extensions to existing threat management. This makes the book really to be not just regarded as a mere opportunity management process description: it is in fact a possible comprehensive risk management process description with some tips and tricks. This actually shows that the expansion of threat management with the management of opportunities entails virtually no additional work, but can potentially be very profitable in terms of ROI.

In order for it to succeed, the author sees four CSF (critical success factors) as follows:

  1. You need to know what you mean by the word “risk”.
  2. You have to know how to do it in practice.
  3. You need the right support: people, resources, methods.
  4. A person must know how he thinks and reacts in order to be able to adjust risk behavior.

One possible conclusion after reading is that it is always an advantage to engage in benefits management. People are often too focused on problems.

The fact that this work is written for projects does not detract from the fact that many ideas are valid in the management of processes.

The Intelligence Trap – Revolutionise your thinking and make wiser decisions

Author: David Robson

Very important in making decisions is a psychological view of one’s own leadership. Namely a view that prevents you from falling for the “intelligence trap”. What exactly is that?

In fact, the intelligence trap is a direct result of some people’s inability to think outside of their expectations, to come up with an alternative view of the world where their decision is wrong rather than right. People with very high intelligence are more subjected to this than people with moderate intelligence. Nobel laureates sometimes suffer from this, so often that there is a term for it: “Nobel disease ”.

An active intervention to this pitfall can make use of so-called “ evidence- based wisdom ”. This can be imparted to all ages and to anyone, although one is more likely to benefit from it with moderate intelligence.

A first step is to understand what wisdom is. A definition of “wisdom” is: “he is wise who recognized the limits of his own knowledge” (Socrates) . Apart from that, good factual knowledge and training remain important.

Very dangerous is the fragility of the expert. For example, by relying heavily on schemes and protocols, which one must have, he may have trouble adapting to changes in the environment. Flexibility is therefore important. Personal bias is also a problem. One step towards a solution is to adapt the own thinking. This can already be done by reading about it, with inspiring examples. Placing a beginner with another, detailed, view is also an advantage because he or she does not yet know the patterns and therefore sees and can indicate differences in details of the case with regard to the general rule. It can also be done by taking a distant position. An example of this is the listing and quotation of important aspects of a situation or object, spread over several days. In addition, being able to listen to your own emotional compass is an advantage. This has to do with being able to relate the events in your environment and your (gut) feeling in the right way. After all, being able to spot deliberately crafted bullshit is a necessary skill. To this end, the author provides a list of some methods by which false truths are sometimes told.

What can save us from the pitfall are: cognitive reflection, intellectual humility, active “open- minded ” thinking, curiosity, refined emotional awareness and a “ growth mindset ”. We find these things in the nine virtues of the Intellectual Virtues Academy. These are divided into three categories as follows:

Getting started

Curiosity: the opportunity to be amazed and to investigate and ask the “why” question. A thirst for understanding and a desire to explore.

Intellectual humility: the willingness to recognize one’s own limits and mistakes, regardless of intellectual status or prestige.

Intellectual Autonomy: Having the ability for active autonomous and self-guided thinking. The ability to reason and think for oneself.

Executing well

Attention: to be there with your thoughts 100% on the matters of the learning process. Keep distractions at bay. Be with the thoughts and commitment completely on top of the topic.

Intellectual carefulness: the ability to notice and avoid intellectual pitfalls. A commitment to accuracy.

Intellectual thoroughness: the ability to seek and find explanations. Dissatisfaction with rather apparent or superficial and (too) simple explanations. Reaching for a deeper meaning and understanding.

Handling challenges

Open- mindedness : an capacity to think outside the box. Responds honestly to competing perspectives.

Intellectual Courage: Being ready to persevere in thinking or communicating with the risk of fear of being embarrassed or of failure.

Intellectual tenacity: a will to face an intellectual challenge and struggle. Keep your eyes on the prize and don’t give up.

These aspects of the eternal learning mindset apply to an individual, but how do you put together a ‘dream team’? It depends.

If you have a team where everyone has to do things clearly separately, without overlapping job content, then you can use a team of top players: there is no competition.

If you have to put together a team of competitors, where there is overlapping job content , then it is important that they are not all toppers, only about 60% are toppers, but then teamwork, being in tune with each other, weighs more.

With a crisis team, any type of crisis team, it’s the best of both worlds. In a CRT (Crisis Respons Team), for example the company fire service team, it is clearly the second. At a CET (Crisis Expert Team, where a team member might handle a file from A to Z , it might be the first. But with the CMT (Crisis Management Team), where there is little or no overlap between the participants, but there is still a need to work together because people must be able to rely on each other’s results, it is a pure cross: you need 100% toppers, but they also have to be able to work with each other. In the latter case, intellectual humility is an issue, because in this team one often has to deal with high profiles who “know very well what they are worth”. Antibodies against this are exercises in which people learn to share information and are assessed on the integration of each other’s point of view in their own thinking.

A change of mentality that can be useful to contribute positively to this is to initiate discussions throughout the hierarchy, between the different layers of the hierarchy, and to recognize and hear people as experts in the field of, for example, their own ideas about occupational safety.

Also not to be ignored is the use of statistics from near misses. After all, it has been statistically proven that a serious event is preceded by a number of near misses. That was the case with the Challenger , with the Columbia, (NASA) but actually also Covid-19 was preceded by, among others, SARS and MERS. There was a failure to learn lessons and to implement them into the future, or to persist in these lessons learned. For that you need the mentality of a “high reliability ” organization. It has been shown for this type of organization (research by Karl Weick & Kathleen Sutcliffe ) that they exhibit the following characteristics:

Expect to Fail: Employees go to work and every day can be a bad day. But the organization rewards employees for reporting their mistakes.

Reluctance to simplify interpretations: employees are rewarded for questioning assumptions, and for being skeptical of the wisdom of others.

Sensitivity to operations: Team members continue to communicate and interact to increase their understanding of the situation and look for the actual origin of each anomaly.

Commitment to resilience : acquiring the necessary knowledge and resources to bounce back after a negative event. This includes the ‘pre mortems ‘ and the discussions of near misses.

Respect for expertise: here the open communication between different layers of the hierarchy is important, and the intellectual humility of those at the top.

The Psychology of Cyber Crime – Concepts and Principles

Authors: Grainne Kirwan; Andrew Power

The authors have set themselves the goal of bundling a number of ideas about the psychology of cyber crime. However, this is not easy, especially because it is not so simple to define cyber crime as an overarching container concept. They try to do that in the first chapter of section 1 (Introduction): “Creating the Ground Rules: How can Cybercrime be Defined and Governed?” The term covers a wide variety of thefts, private issues such as disputes between buyers and sellers, and all kinds of anti-social behavior. The definition they work with becomes “any activity occurring online which has intended negative consequences for others”

A first category are crimes that already exist offline, but are now facilitated by the internet. Examples are bank card fraud, theft of information, blackmail, obscenity, money laundering, etc. A second category are new crimes that did not exist before working with networked computers. Examples are hacking, denial of service, distribution of malware, …

A third category comes to mind when computer users start using online Avatars. This can be, for example, the harassing of someone online, which then continues offline.

The government can respond to cybercrime through laws; a response can come from companies with, among other things, a practical code of conduct, a technical response or a user response.

Because the internet is growing in terms of the number of users and the number of hours per user, we can speak of a term such as “cyber citizen”. That means there is a need for a framework of laws, rules and guidelines to keep order online.

The next question is “Can Forensic Psychology Contribute to Solving the Problem of Cybercrime?”. This determines the issue in Chapter 2.

Forensic psychology as a concept is well known to the general public through television series. But they provide a distorted picture. So the first question is “What is Forensic Psychology?”. In this work the broad definition is chosen that states that “forensic psychology is a combination of legal psychology covering the application of psychological knowledge and methods to the process of law and criminological psychology dealing with the application of psychological theory and method to the understanding ( and reduction) of criminal behavior ”. The authors also assume that “it will be considered to include any way by which psychology can be of assistance at any stage in the criminal justice process.”

Tasks in which forensic psychology is involved are the assessment of offenders with regard to psychological disorders, the punishment, rehabilitation and the associated risk assessment. This includes interviewing suspects and analyzing eyewitness accounts. And ultimately also profiling offenders in criminal investigations.

Chapter 3 continues with the question “Can Theories of Crime be Applied to Cybercriminal Acts?”.

After all, theoretical explanations of crimes can help society understand how and why crimes are happening. But it also helps predict future criminal behavior. In addition, the insight provides a basis for successful rehabilitation strategies, as well as preventive strategies. There are different types of theories:

  • Social theories (which views crime on a social level rather than individually),
  • Community theory that states that sometimes crime does not happen randomly in society,
  • Socialization Influence Theories, which state that psychology is important because, for example, it involves observational learning,
  • Individual Theories, which state that certain traits of the person determine the likelihood that he or she will become a criminal, and what type of criminal.

Such theories can then (perhaps) be applied to cyber crime. Important in this are:

  • Social Construction of Crime: some cases are already criminally offline, others are offline in a gray area, but are not socially accepted,
  • Biological Theories of Crime: A comparison is made with the ancient “science” of cranology. There is some evidence that the majority of cyber criminals are men, but there is very little information on how biological theories explain cyber crime. So it’s been noticed somewhat, but we don’t know why it would be true,
  • Learning Theories: A cyber criminal candidate may be put off by fear of punishment, or by guilt when he / she sees the consequences for the victim. Or he / she may induce to commit the crime online, but not to commit it offline, such as cyberbullying.
  • Eysenck’s Theory of crime: he applied conditioning learning theory to crime, and came up with the idea that people with more extroversion, neurotisism, and psychoses are more likely to engage in criminal behavior. This theory is strongly contradicted by his colleagues.
  • Psychoanalytic theories do not appear to be fertile ground for explanations of criminal behavior.
  • Addiction and Arousal Theory: it has been noted that treatment of the addiction often leads to a reduction / cessation of criminal behavior. There are also testimonials from cyber criminals that “they get a thrill” of committing the crime.
  • Neutralization theory: criminals rationalize their guilt feelings with different types of argumentation. There is also some evidence for cyber criminals doing this.
  • Geographic theories are also important in cybercrime: different countries or groups of countries have different laws, different definitions of certain types of crimes. But the ease of access to the means to commit the crime also plays a role. E.g. having a computer, servers, network, internet.

Section 2 deals with Internet-specific crimes.

Section 3 deals with online variations of offline crimes

I summarize a few things about these two sections in this Excel sheet:

Section 4 talks about crimes in virtual worlds.

This is not so much about pure crime over the internet, but about crimes against people, who, among other things, present themselves as avatars. Chapter 12 asks the question “Crime in Virtual Worlds: Should Victims Feel Distressed?” This includes property crime, such as theft of property, but also crimes against persons, such as their avatar, including rape, stalking, etc., which can also continue offline. The question of police action and preventive action is addressed. But there appears to be mainly anecdotal data, not so much a large mass of empirical data.

Finally, Chapter 13 deals with “On-Line Governance”: what is needed in online government, what else is needed, how do political tendencies emerge, and how has “Second Life” been important in the past. But also: is a “Virtual Government” an added value? ”. Or should the government stay away from the Virtual World? E.g. because it is hopeless, or even unwanted?

Psychology of Risk Taking Behavior

Author: Rüdiger M. Trimpop

The topic – how the psychology of risk-taking behavior works – is split into questions.

Research implications of a motivation for risks

Is there a Personality Factor when taking risks?

The sample of people does not exist out of professional risk takers (soldiers, fire brigade, police, civil protection, stuntmen, race car drivers, …) but mainly of young white men and university students from a medium-sized Canadian city.

Evidence for a general risk-taking personality trait, statistically significant, was not as strong as some theories predicted. This may be due to the sample, but most theories had comparable samples, resulting in doubt that the level of influence that personality traits may have on risk taking.

The conclusion is that risk factors of personality traits play an important role in the risk-taking behavior, but that their role is less important than that of situational factors. The results have important implications for risk-taking research and for safety measures (eg Task-specific selection and risk training).

What is our motive for looking for risks?

Most theories of expected utility considered no emotional, nor physiological components, of the positive aspects of risk taking, nor the importance of non-materialistic rewards. The RHT (Risk Homeostasis Theory) also does not regard risk (taking) as something one can desire or a pleasant undertaking, but as a purely extrinsically motivated activity with risk tolerance. However, people look for intrinsic as well as extrinsic rewards. E.g. therefore also pleasant emotions and pleasant excitement. The literature on emotion, motivation and the interpretation of such studies suggest that these factors are more effective for adressing of motivations for risky or safe behavior than important rewards, which (the latter: rewards) one obtains with more focused behavior.

The tests also postulated that the subjects generally test their limits, try their luck and risk their chances by taking risks. Nobody took a completely safe course, everyone followed some too risky reactions. This explains the intrinsic need, desire and motivation of the subjects to take risks. However, the differences between where, how and how much risk they want are large.

The conclusion is that people feel intrinsic reward for taking risks, such as hormonal pleasure experiences, stimulation of a physiological pleasure center, emotional pleasure, the experience of small differences between the desired – and the target level of risk, of the unity of action-oriented – and targeted risk-taking behavior. We therefore take risks for both the intrinsic pleasure and the extrinsically favorable benefits.

The power of incentives

Risk motivation theory (RMT) and Risk Homeostasis Theory (RHT) both state that incentives for safe behavior are a powerful motive for reducing risk-taking trends. Changes in the risk content of a situation will lead to a higher involved control and therefore to compensation behavior. Externally introduced safety benefits are virtually canceled out. External incentives for safety also manipulate the intrinsic motivation of subjects by changing the desired target level of a risk. The target level of a risk is influenced by a higher advantage of safe behavior and higher cost of risky behavior, so the subject chooses a less risky strategy.

An additional finding is that target levels are constantly adjusted according to the perception of the risk level of the subjects.

This suggests that incentives should be used for safer behavior. Social rewards are stronger than financial ones. Social incentives are more likely to trigger intrinsic motivation. The data also suggests that incentives work better than punishments to stimulate safe behavior. So “Fame” works stronger than “Fortune” or “Pain”.

This also applies to phobias: people with a phobia keep their behavior until an alternative behavior is realized that is more rewarding than the avoidance behavior with regard to feelings such as fear.

Whether incentives work most effectively on a physical, economic or social level, or if being presented as conditional for good performance or rather as opportunities in a lottery, can depend on the individual, the situation, or the culture and is worth further investigation.

How can we master and control our risk motivation?

People strive for increasing control and we adjust our behavior according to the situation / needs, even when the perception of that control is an illusion. When a situation or an illusion of a situation with more uncertainty and unfamiliarity presents itself, we become more careful, until a less risky situation presents itself.

In gambling, such as throwing a die with a 50% chance of the outcome of three or less versus a result of four or more, many engaged in some form of superstitious behavior, such as throwing harder for higher numbers, or e.g. systematically gambling for low numbers after a few times high numbers. Or assigning their success to the previous course of the day, their happiness in love, the moment of the day, etc.

Most people do not realistically perceive their own situation, but have a positively colored illusion about themselves, their skills, and their ability to control the environment. Such findings confirm the importance of involving individual perceptions of personal control, even illusory, when analyzing risk-taking behavior. They show that the perception of control, or lack of control, leads to corresponding risky or safe behavior. “Don’t worry, I’ve got it all under control” is a famous final phrase just before an accident. Giving the feeling of control with seat belts, ABS, four-wheel drive and helmets, etc., therefore leads people to riskier, ill-considered, or even careless behavior.

How do we compensate for perceived risks?

An important underlying assumption of Risk Homeostasis Theory (RHT) and Risk Motivation Theory (RMT) is the behavioral compensation for observed changes in risk content. People show compensation behavior to reduce a difference between their perceived and their desired level of risk. The risk-taking strategy variable DFO (Deviation from Optimal Response Pattern) also showed these behavioral shifts as a result of changes in the probability of punishment. This was predicted by the RMT, which states that each change results in a new perception and the target level of risk reset.

What distinguishes RMT from RHT?

RMT is based on RHT with its compensation behavior feedback loop for perceived difference between desired level and target level of risk. RHT, on the other hand, does not take into account the frequent, continuously shifting target levels of risk nor the risk-seeking tendency of people.

RMT is an extension of RHT by stating that physiological and emotional processes undergo the same compensation functions as the rational cognitive processes on which the RHT primarily focuses.

RMT states that people take risks for intrinsic rewards associated with performing risky activities, and that this process also has a compensation feedback loop.

All in all, the RMT extends the RHT with the following:

  1. a) Postulating multi-target levels of risk that require constant compensation and may never achieve a homeostatic controlled risk optimum.
  2. b) The strong emphasis on individual motivation processes, rather than collective behavior of a larger population.
  3. c) The importance of emotional and physiological aspects in the assessment and evaluation of risk-taking behavior.
  4. d) The addition of action-oriented rewards (desire for risk) to the goal-oriented rewards (risk tolerance).

Can we describe risk-taking behavior holistically?

The big difference between the RMT and other theories is that it combines many facets of risk taking in a single holistic model. It takes into account the desire to take risks, as well as the desire to control it. It involves processes that do not consciously take place, such as physiological and basic emotional processes. RMT emphasizes emotional, physiological and cognitive aspects of risk-taking, and a behavioral compensation feedback loop, designed and developed to optimize the overarching benefits of risk-taking.

The components of the ‘Risk Motivation Theory’ (RMT)

Implications of a Risk Motivation for the “Real Life”

Although it seems obvious that people are more cautious when there is great danger, this theory also implies that people voluntarily increase their exposure to danger when the perceived risk is low. This has implications for industry, traffic, health issues, and personal life. The findings teach us that if we make the environment safer, people will compensate for this increased safety by taking more risks.

Implications for reducing accidents

This is important for the design of the workplace for the reason of reducing accidents. The less active input an employee has when working with machines, the higher the chance of boredom, too little excitement and therefore compensation with risky behavior. E.g. duels with oil barrels, or races with fork lifts.

That is why it seems important to involve the employees in the design and execution of their job. The amount of responsibility that one experiences is probably proportional to the amount of risk that one experiences. Risk-seeking behavior must therefore be considered if accidents are to be avoided.

Although programs for encouraging safe behavior have some long-term effect, habituation can be expected that people simply get from the (increased) rewards, and after a while they take more risks. It can help to periodically change the nature of the rewards, and make them flexible, tailored to the person’s needs, individual needs and differences, and by using non-material incentives in addition to material ones. Praise and fame often have a greater effect on intrinsic motivation than material rewards.

Security measures, controlled and imposed by the government, may best be used in family circumstances. By learning from childhood safe behavior and rewarding them for displaying risk-conscious behavior, one could be much more effective than changing adult behavior. The same is true for forming the desired behavior of an employee from the start of employment.

Another important factor in risk-taking is risk perception. If a risk is not seen as such as a threat, one cannot respond to it as such. So recognizing danger must be learned and trained, otherwise accidents will happen anyway. An example is the difference in the handbrake-wheel combination in a bicycle compared to a motorcycle. With a bicycle, the right hand brake belongs to the rear wheel. With a motor, it is the front wheel. If this is not known, this will lead to accidents.

The insurmountable desire for challenges in our daily lives

However, one must also realize that no matter how high the reward or punishment may be, most people still take risks. After all, taking risks is important for survival, and is intrinsically and socially rewarded. Instead of eliminating all risks, one should therefore channel into equally risky actions for the individual, but which are less risky for society. E.g. taking risks with a race car are more tolerated than taking the same risks with a truck with toxic waste.

We must therefore try to let people actively choose which risks they take, and limit the situations in which they take them, as well as look for other situations or locations where and when they want to take risks. People must learn to estimate the costs and benefits of this action.

Anticipation of having fun, and the actual experience of emotions and physiological arousal are very intense under risky circumstances. The increased pleasure provides a powerful incentive to sort out situations that can give us that feeling back.

However, how much risk and intensity is still felt by someone as pleasure is subject to situational and personal differences. Testimonials show that the higher the perceived risk, the higher the pleasant excitement, and the higher the amount of energy spent on controlling the hazard. E.g. how much people think, test, buy protection and spend money to control the dangers for public figures on a race track is probably proportional to the danger for the individuals involved.

The effects of illusion of control has potentially important implications. Most of us have the illusion of control, optimism and skills. We may all be at risk to the level that we feel comfortable with. As we overestimate this level, we may all take too high risks. This has consequences for our survival as a species. Namely, if no other factor compensates for this phenomenon, we should have died out already, or this will happen soon.

A personal conclusion from the author

Given the insatiable motivation of people to do more, he hopes that our drive for more risks will be accompanied by a proportionately strong drive to master and control risks and the environment, so that one does not have to take the ultimate risk, just to to know what happens in the hereafter. Perhaps the consequences of taking that risk would ignore the optimum level of the challenge.

Natech Risk Assessment and Management – Reducing the risk of Natural-hazard Impact on Hazardous Installations

Authors: Elisabeth Krausmann; Ana Maria Cruz; Ernesto Salzano
The problem that is currently on the rise is that of technical disasters triggered by previous natural disasters or natural events. Examples include frost, heat, drought, rainfall, floods, earthquakes, whether or not combined in tsunamis, lightning strikes, etc.
In an extensive introduction, the authors give a number of examples of what these natural phenomena can do. And that is quite something: ranging from power cuts and pipe breaks, to destruction of storage tanks and explosions. These in turn give rise to an evacuation of the employees of the company, the environment, with or without death toll, as well as a possible enormous economic damage and the stagnation of (parts of) the economic activity in the affected area. It is therefore not for nothing that people want to arm themselves against the even worse domino effects of such events. To this end, these so-called Natech events are studied. To make the world a little safer.
Unfortunately, no two Natech disasters are the same. Although performing risk assessments makes progress in this regard, according to the authors, it remains (for the time being) an impossible task to compare the results of risk assessments. That makes it difficult to prioritize. Yet there are some standard works that the authors regularly refer to, among many other things in their detailed literature lists. Namely the so-called purple book, red book, green book and yellow book from TNO. But perhaps more important for their discussion are the software packages RAPID-N, PANR, the methods of TRAS 310 and TRAS 320, risk curves and ARIPAR-GIS. These contain qualitative, semi-quantitative and quantitative risk assessment modules.
After a number of chapters in which RAPID-N, ARIPAR-GIS and RISKCURVES are illustrated with discussion of the results, two chapters deal respectively with structural (technical) measures and organizational (more administrative) measures.
An innovative framework, which the authors say is worthwhile, was proposed by IRGC and consists of the following five elements:

  1. Risk preassessment: an early warning and “framing” of the risk to provide the problem with a structured definition. Or how it is framed by the various stakeholders and interested parties, and how best to deal with it.
  2. Risk assessment. By combining a scientific risk assessment (of the hazard and the probability of it) combined with a systematic ‘concern’ assessment (of public concerns and perceptions) to form the basis of knowledge for taking subsequent decisions.
  3. Characterization and evaluation: making use of scientific data and a thorough understanding of the societal values ​​affected by the risk to determine whether the risk is acceptable, tolerable (with or without mitigation of the risk as a requirement) or intolerable (unacceptable).
  4. Risk management: all actions and remedies that are necessary to avoid, reduce, share or retain a risk.
  5. Risk communication: how stakeholders and interested parties and society understand the risk and participate in the risk governance process.

The work is, in particular, a piece of “compulsory” reading material for continuity managers and risk managers of large companies that are important for the economic motor of a region or country with large industrial installations. It requires a healthy portion of common sense, but also a sufficient knowledge of process engineering to grasp the storylines. In addition, an open view of a wide range of sciences, technical and non-technical, and of society, is necessary to correctly assess the importance of this work.