Risk profiling, a visual discussion


stick_figures_reporting_to_manager_400_clr_9595Risk profiling needs to move to a visual discussion.

Risk profiling practices of today are generally text based and focused on developing risks around words and sentences to represent the risk, controls and actions.  Yet research by 3M, highlighted in this blog post,  “concluded that we process visuals 60,000 times faster than text. Further studies find that the human brain deciphers image elements simultaneously, while language is decoded in a linear, sequential manner taking more time to process.”

So why is it we persist with representing risks to people in a non-visual manner.  In particular, why do we revert to non-visual methods in the process of performing the risk assessments and then in the initial representation of risks?  Of course, most people will report on components of risk profiling using charts and visual tools, but the process itself of performing the risk assessment will generally be “words” focused.

Of course a visual approach has risks.  How can a visual truly represent a risk?  People may interpret visuals very differently, how do we know everyone is thinking the same thing?  But I challenge you that even with text, this risks exist.

Here is a little visual exercise for you.  Try and guess what risks these visuals represent.





How did you do?  Print this page and show 3 colleagues and see what they guess these risks to be.

There will be differences, for instance the first one could be credit card fraud, fraud, theft, or even breach of privacy.  Interestingly these are all essentially similar risk themes, therefore even though there are variances, the variances do not cause the risk assessment process to degrade. For the process orientated reader, the other 3 pictures are process failures or problems, environmental hazards, and financial risk.

Once you have completed the “survey” of your colleagues with the visual risks.  Provide them written risk statements and ask them to explain the risk to you.  What differences do you see in the responses?

Now ask them to rate which they prefer in regards to documenting risks.

The Power of Visual Communication highlights that, “How many times have you heard, “I didn’t believe it until I saw it.” Studies show that the old saying “seeing is believing” is mostly true. Of course, we know that what we see can be manipulated but the point is that visuals are persuasive. The Stanford Persuasive Technology Lab asked 2,440 participants how they evaluated the credibility of Web sites they were shown. Almost half (46.1%) said that the Web site’s design look was the number one criterion for discerning the credibility of the presented material.”

We suspect, that based on your research you may find that a large number of people would prefer the visual cues for discussing risks.  Of course, from a regulatory perspective, visuals are not going to be enough to provide clarity of risk and are also very difficult to populate into existing risk management tools.  Therefore, a balance between the two is required.

The intent of this posting is not to say all risk assessments should use pictures, but rather that thinking differently about risk profiling will provide valuable results to your business and your risk management process.  In particular, ensuring that risk profiling resonates with as many people as possible, through both visual and written means, will provide better business outcomes and a more engaging discussion.

Risk profiling needs to be a visual discussion because people want to be engaged using all mediums possible.  Regardless of their generation.


  1. The visualization of risk goes far beyond just adding icons as metaphors. If you print a map visually showing all the countries that generated web server 404 errors in the past 7 days, it portrays risk to an executive in a way that a table or 5 paragraphs of text cannot. I think it goes to the idea of meaningful metaphors and cognizant impact. Adding color, useful/contextually appropriate art such as those icons are important and overlooked by risk professionals (make it most associated with IT). Of course using these tools is a lot like adding salt to oatmeal. Its great within certain limits but after that ….

Comments are closed.