Risk Management – Risk Tolerance & Risk Appetite

Risk Management – Risk Tolerance & Risk Appetite

Risk Management – Risk Tolerance & Risk Appetite

Author: Premal Desai


One of most important activity which Project Manager should perform on continuous basis is managing risks in terms of Identifying risks, assessing risks and controlling risks [IAC] of the project, using Risk Management knowledge area, its tools and techniques & processes.

Risk Management plays pivotal role in Project Management. The activity commences with identification of the risks, assessment of therisks &mitigation of the risks referred as control of risks. This is referred as IAC. The cycle of IAC is continuous and should be performed throughout the Project Management Life Cycle/PMLC.

A risk can be an opportunity or a threat. The positive risk positively affects project objectives, and the negative risk impacts them negatively. When risk affects positively it is known as Opportunity and negatively impacted referred as Threat. Each of them have specific ways of mitigation like Avoid, Reduce, Transfer, Fallback, Exploit, Enhance or Accept or Reject.

While performing above activities, two important aspects to be checked or to be validated are – Risk Tolerance & Risk Appetite.

Let us look each of them –

Risk Appetite

Every enterprise or individual response to risk varies and this behaviour or action is known as Risk Appetite while quantification of Risk Appetite is Risk Tolerance meaning specified range of acceptable results.

According to the PMBOK Guide, “Risk appetite is the degree of uncertainty an organization or individual is willing to accept in anticipation of a reward”.Risk appetite can be rated from high to low.

Some enterprises can take a high risk if the reward is high thus their risk appetite is high and some enterprises that plays conservatively has a lower risk appetite.

Risk Tolerance

According to the PMBOK Guide, “Tolerance is the specified range of acceptable results.”

Risk tolerance shows how much risk an enterprise or individual can withstand or sustain.

A high-risk tolerance means they are willing to take on more risk, while a low tolerance is reverse.

Example-While working on RFP, rough order estimate comes to USD 200,000. As per organization norm, cost more than 20% meaning cost variation beyond 20% is not allowed. Meaning bidding team can take cost escalation risk up to 20%, so 20% is risk tolerance limit.


Understanding risk appetite and risk tolerancewill help to develop Risk Management Plan which is sub-set to Project Management Plan. Risk appetite is a tendency towards risks, and risk tolerance is an acceptable variance which is quantified or which is represented in numbers.

More To Explore

Subscribe For Newsletter

Stay updated for new courses

Subscribe For Newsletter