If you’re like me, you’ll be tired of hearing some of the common misconceptions about risk. But if you are newer to project management, or just starting to focus your attention on risk, you may come across some of the common risk management myths and not know how to respond.
Here, then, are my top 15 risk management myths and fallacies.
This video is safe for viewing in the workplace.
This is learning, so, sit back and enjoy
Risk Management Myths
1. Risk management is a waste of time
This myth assumes that risk management doesn’t add value and only slows projects down. In reality, effective risk management improves decision-making, reduces costly surprises, and increases project resilience. When done well, it helps teams focus on what truly matters, ensuring resources are spent wisely rather than firefighting problems later.
2. Risk management is just admin or just a compliance task – JFDI
Many see risk management as a bureaucratic exercise—filling out forms and ticking boxes. This is a misunderstanding. Risk management is about actively identifying and responding to uncertainties that can impact objectives. A proactive approach integrates risk into decision-making, making it a strategic enabler rather than a procedural burden.
3. All risk is bad
This myth stems from a misunderstanding of risk as purely negative. In reality, risk includes both threats and opportunities. Managing risk effectively means identifying positive risks (opportunities) and maximizing their potential while mitigating negative risks. A project without any risk is either stagnant or failing to seize potential advantages.
4. We should avoid risk
Avoidance is not always the best strategy, and in many cases, it’s not even possible. Avoiding all risk can mean missing out on opportunities for innovation, efficiency, and growth. The right approach is to assess risks, understand them, and take calculated risks where the potential benefits outweigh the downsides.
5. Risk management means not taking risks
This myth portrays risk management as excessively cautious, leading to inaction. In truth, risk management is about making informed choices—not avoiding risks altogether. The goal is to take risks intelligently by understanding potential impacts, planning responses, and ensuring risks are aligned with business objectives.
6. Risk management is a buzz-kill
Some believe risk management stifles creativity and innovation. However, well-managed risk actually enables innovation by allowing organizations to take smart risks with confidence. Rather than saying “no” to every idea, risk management helps refine and execute bold initiatives while reducing the chance of failure.
7. Risk management is complicated
While risk management can be complex in certain contexts, it doesn’t have to be overly complicated. The fundamental principles—identifying, assessing, and responding to risks—are straightforward. A simple, structured approach tailored to the project’s needs is often more effective than over-engineered risk processes.
8. Linear scales work for impact and likelihood
Using simple 1-to-5 scales for impact and likelihood assumes that risk behaves in a linear way, which is rarely true. Many risks follow non-linear patterns, meaning small changes in likelihood or impact can have outsized consequences. More sophisticated approaches, such as logarithmic scales or scenario analysis, provide a better picture of risk severity.
9. Probability estimates are reliable
Risk probability is often treated as a precise figure, but in reality, it’s an estimate based on incomplete information. Human biases, lack of data, and unexpected variables make probability estimates inherently uncertain. A better approach is to use probability ranges and sensitivity analysis rather than relying on single-point estimates.
10. The risk matrix gives a quantitative measure of risk
Risk matrices are widely used but often misleading. They provide a visual representation of risk but lack true quantitative precision. A “high” or “medium” risk rating is subjective and depends on how categories are defined. Quantitative risk analysis, where possible, offers a more accurate understanding of risk exposure.
11. Impact and likelihood are all that matter
Focusing only on impact and likelihood ignores other crucial factors, such as risk velocity (how quickly a risk materializes), interdependencies, and the organization’s risk appetite. Some low-probability risks can have extreme consequences and require attention even if their likelihood is low. A more holistic view of risk is necessary.
12. Objective estimates are possible
Many assume risk assessments can be purely objective, but all risk estimates involve some level of subjectivity. Even with data, assumptions and judgment calls are required. The best approach is to combine data-driven insights with expert opinions while acknowledging uncertainties and biases.
13. The risk register is everything
A risk register is a useful tool, but it’s not a substitute for active risk management. Listing risks is not enough—what matters is how they are analyzed, communicated, and acted upon. Risk management should be an ongoing, dynamic process rather than a static document exercise.
14. A risk transferred is a risk removed
Transferring risk, such as through insurance or contracts, does not eliminate it. The risk still exists; it’s just assigned to another party. Moreover, poorly designed risk transfers can introduce new risks, such as legal disputes or reputational damage. Effective risk transfer requires careful planning and oversight.
15. Let’s ignore risks we cannot control
Just because a risk is beyond direct control doesn’t mean it should be ignored. External risks (e.g., economic shifts, regulatory changes) can be monitored, mitigated, or prepared for through contingency planning. Ignoring them increases vulnerability, whereas proactive strategies—like scenario planning—help organizations stay agile.
What Kit does a Project Manager Need?
I asked Project Managers in a couple of forums what material things you need to have, to do your job as a Project Manager. They responded magnificently. I compiled their answers into a Kit list. I added my own.
Check out the Kit a Project Manager needs
Note that the links are affiliated.
Learn Still More
For more great Project Management videos, please subscribe to the OnlinePMCourses YouTube channel.
If you want basic Management Courses – free training hosted on YouTube, with 2 new management lessons a week, check out our sister channel, Management Courses.
For more of our Project Management videos in themed collections, join our Free Academy of Project Management.
For more of our videos in themed collections, join our Free Academy of Project Management.