[GUEST AUTHOR]: doc. dr. Brane Bertoncelj, Former director of cash management department at the Bank of Slovenia

Risk is a personal, professional and social overburden. “How safe is safe enough?” is the common denominator of an increasingly difficult decision-making in identifying an acceptable risk in a precarious social environment.

Risk perception requires us the assessment of probability and the ability to think intelligently and deductively about an unlikely, but relevant emergency. Usually, the individual attributes the probabilistic nature to the event, thus assesses it as more or less probable, and makes risk management decisions accordingly.

Zaznava tveganja

However, the process of risk perception is limited with our mental and physical perception, since an individual can only process the stimuli and cognitions that he/she perceives. This is why risk perception is a very personal decision-making process based on a frame of reference that an individual has developed throughout his/her lie. Consequently, the central issue in risk perception is the multifaceted understanding of the individual as a risk assessor, and the ways he/she thinks, feels and acts on the hazard, threat and associated risks.

The risk self-perception is, in fact, fraught with flaws as it is influenced by many factors, in particular the personal characteristics of the assessor, the fatal consequences of the risk, high damage, loss of reputation, impact on future generation, involuntary exposure to threats, ignorance of the threat, recent emergencies, inadequate sources of information, distrust of authority, media attention etc.

The results of psychological experiments show that an individual is not the best risk assessor, and that in the face of uncertainty he/she systematically violates the principles of rational decision-making. Risk management thus does not meet the basic requirements of reasonableness and consistency, since risk perception is most influenced by personal experience, foresight, thinking, feelings and desires.

Risk perception is therefore rarely completely rational. Instead, the individual perceives the risk by using a mix of cognitive skills (e.g. assessment of evidence, use of arguments and logic to reach conclusion) and emotional assessment (intuition or imagination). The process is further aggravated by an overconfidence about the correctness of one’s own judgement, in which an individual too often trusts its own judgement, even if it is incorrect.

Such overconfidence is dangerous as it shows that we are often unaware of how little we know about the potential threats and risks, and how much additional information and interdisciplinary approach we would still need. This excessive self-esteem is also fueled by the individual’s desire for certainty which is often manifested as a denial of uncertainty. In this aspect, the asymmetry between profit and loss is also interesting (an individual prefers to believe he/she is playing a game with high profits, even though he/she may end up with nothing).

As seen above, risk perception is a very complex processes based on theoretical analyzes more than on direct experience. Risk perception contains at least two sources of uncertainty, namely the variable of natural uncertainty (the uncertainty which needs to be assessed) and the uncertainty, arising from the lack of expertise, knowledge and information of the risk assessor. However, these two uncertainties are uniform and cannot be synthetically separated.

Based on good practices and my own experience, I suggest the following activities to improve risk perception:

When anticipating what will happen, try to reduce the pessimism. This approach affects the feelings of fear and causes you to assess the risk higher than it is.

Because of our need to control we often perceive we have more control over situation that we actually do. This “control illusion” leads us to perceive the risk as a lesser threat than it is.

Risks we have not yet perceived lead us to think about them more, and therefore evaluate them as riskier.

Choosing between two equally risky events can cause the risk to be perceived lower than it actually is probably out of a sense of control that gives us the possibility to choose.

If the risk is getting a lot of public attention, it is rated as more important than it really is by the heuristic availability.

If we are exposed to risk personally, we rate it higher.

If opportunities and risks are intertwined, and the choice could lead to benefits, we may perceive the actual risk as lower than it actually is.

When the risk involves the actions of others, the way we access the risk will have a significant impact on the extent of the trust of the parties involved.

An individual’s risk perception system is subconsciously and quickly established by his/her mind (the amygdala) even before acquiring the actual facts. This “flashing” instinct may be useful for avoiding simple and immediate dangers, but it is not the most thoughtful way to figure out what to do about complex future threats.

One can be overly optimistic when the details are unclear. Try to imagine that threats are more difficult and imminent.



Contact Silver Bullet Risk team if you need help with risk management.

For more information about risk management follow their LinkedIn & Twitter account. You can join the debate in Linkedin group ERM – ENTERPRISE RISK MANAGEMENT.

In a competitive business landscape, the most successful organizations are those that have managed to adapt to the new conditions as quickly as possible and to control the risks imposed. Despite being constantly faced with internal and/or external factors that affect the uncertainty and unpredictability of the situation and the achievement of business goals, it is still important that the organizations try to reduce risks to a level that is still manageable.

Risk management should be ensured to the extent that they don’t have an impact on the core business processes. This is why it is also necessary to invest more in the continuous education and skills-building of the employees who are dealing with risks. Risk management and corporate security processes are an indivisible set of organizational management models, visible through corporate management and corporate social responsibility.

In many organizations, risk management is ineffective, what consequently shows as a devastating impact on business and competitiveness (Lam, 2014). Some authors therefore advocate educational programs that more fully provide knowledge to deal with such vulnerability, threats and risks (Flammini, 2012, Gritzalis, 2018).

In this aspect, corporate security is a preferred tool for the management to be able to identify the necessary activities to manage security risks. By preventing financial losses and protecting organization’s reputation, the risk manager, together with other services, creates the conditions for successful business and for achieving the organization’s development strategy.

What to study is one of the more important decisions in a person’s life. Every student should think about what makes him/her happy, how his/her life will look like in 10 years, and in which area of expertise he/she will most likely to get a job. It is important that we know what we want in life, as without having goals and plans, our aspirations can remain unmet.

It is odd that sometimes an individual can spend more time planning a holiday than his/her own career path. The desires make us crave for their fulfilment, but it is our goals that motivate us into taking an action. The greatest assurance for our success is therefore “the intensity of our purpose”. This is why, besides knowing what we want in life, we must also be aware of the cost of the effort we are willing to devote to achieving our goal. Only when one knows all this, he/she can take a path of personal growth, realize personal potentials, competences and lead a quality life.

Risk management and Corporate Security Study enables the management of business and security conditions in the economy, critical infrastructure, industry, state bodies and civil society. This is the study for the profession of the future, and represents an upgrade of a much wider area of business studies.

The study enables students to acquire knowledge by analysing theoretical and methodological concepts, and later transferring them into practice and problem-solving. The program is multidisciplinary by design, as the risk management represents a very complex process that demands one to obtain skills from various professional disciplines. As such, it doesn’t only reflect the needs in Slovenia, but is easily comparable to programs of reputable European and American universities with a similar curriculum. It is also the basis for attaining the Certified Protection Professional (CPP) certification, which is considered to be the “gold standard” for risk management professionals around the globe.

If you are wondering whether the today’s labour market is in need for risk managers, I find the field greatly lacks of knowledge (and knowledge is the only thing in the world that is properly deployed among each and every one of us). In my opinion, any large organization in the area of national critical infrastructure in Slovenia should have at least one risk manager employed. This person should have a strategic knowledge on how to establish risk management system, and implement risk management processes accordingly.

In 2017, there were 195,756 organizations registered in Slovenia, employing 881,920 individuals and generating 108,840 million EUR in revenue (SURS, 2017). Of that, 346 large organizations (over 250 employees) employed 270.739 individuals, and generated the largest revenue share (38,703 million EUR).

If we also consider medium-sized organizations, there is a strong need to improve the staff structure of those responsible for risk management and corporate security (estimated above 500), which is a great potential for employing corporate security managers and professionals in the future. Therefore, I believe this program will be one of those areas where a great need for continuous training of relevant experts will be constantly present.

Among the many interesting challenges that we face, the most important one remains that we understand the upcoming technological revolution which also involves the transformation of the entire mankind. We have come to the threshold of the Fourth Industrial Revolution (some even refer to it as the Fifth) which will fundamentally change our way of life, work and mutual understanding. This is why its extent, scale and complexity cannot be compared of anything that humanity has experienced so far.

The Fourth Industrial Revolution will have a significant impact on the nature of the relations between states and international security. The technology will enable higher efficiency, which most of us wants. However, most people also want to feel they are not just part of the process, but something that is bigger than themselves. Security is a topic that is not sufficiently discussed in the public and in all sectors outside the government. The critical danger is that highly connected world of rising inequalities can lead to social unrest, and also to violent extremism. This is why the nature of security threats will also change, or as poet Rainer Maria Rilke wrote in his Letter to a Young Poet: “The future enters into us, in order to transform itself in us, long before it happens.” In other words, everything depends on us.

The Fourth Industrial Revolution is also forming the need for new professions, and has already significantly changed the old ones, however in my personal opinion, the role and significance of the security manager will increase in time. The main obstacles to a more resolute approach to this new situation are the lack of understanding of the impacts of change in organizations, inadequate staffing strategies, constraints on operating resources, and pressures on short-term profitability.

Consequently, there is a disproportion between the scale of future changes, and the relatively marginal measures that organizations now accept as preparation for these changes. A new approach is needed to examine each organization staffing need, and avoid possible unwanted outcomes.

Despite the potential favourable impact of technology on economic growth, it is essential to address the potential adverse effects on the labour market. Fears about the impact of technology on jobs are not new. As early as 1931, economist John Maynard Keynes warned us in a resounding manner against extensive technological unemployment “due to our discovery of ways for more economical work that overtakes the discovery of new ways to exploit the workforce.” His predictions did not prove to be true at the time, but what if he might be right this time around?


Contact Silver Bullet Risk team if you need help with risk management.

For more information about risk management follow their LinkedIn & Twitter account. You can join the debate in Linkedin group ERM – ENTERPRISE RISK MANAGEMENT.