Are you a "risk professional"? How do you know? Or do you use the services of "risk professionals"? How can you tell they’re really professional?

The "Risk Management Professionalism Manifesto" (Hillson, 2002) provides 10 criteria that risk practitioners and their clients can use to determine whether the risk services being offered can be described as "professional" or not.

The full Manifesto is available online, and it includes a set of test cases. Before you start your next risk engagement, as either the provider or receiver of risk services, consider how you would answer these questions:

1. Scope.

If the risk professional discovers a risk which is important but clearly outside the agreed scope of the engagement, what should they do?

2. Context.

If the risk professional gives advice that the client thinks is not “industry best practice,” how should the discrepancy be resolved?

3. Competence.

If a particular risk area is very technical, how much should the risk professional rely on the advice of the client’s engineers or technical specialists?

4. Processes and tools.

If the client has a preferred risk tool or process, but the risk professional thinks these are not appropriate for this engagement, how should this be addressed?

5. Quality of advice.

If the risk professional considers that a risk analysis is robust but the project or business is highly sensitive to the accuracy of the results, to what extent should they be concerned about that sensitivity?

6. Language.

If agreed risk management actions have been poorly implemented by client staff, leading to problems, should the way the risk professional communicated these actions be reviewed?

7. Recommendations.

If the risk professional considers that the client is jeopardizing third parties by not managing risks effectively, how should the risk professional raise the resulting ethical issues?

8. Conflicts of interest.

If a risk professional discovers a risk that might affect a colleague working on an unrelated assignment, should they ask the client’s permission before speaking to their colleague?

9. Inappropriate application.

If the client chooses to use a contract to transfer risks to a supplier, but the risk professional considers that those risks would be managed more effectively by the client, what should they do?

10. Objectives.

If the client has concealed the true purpose of a project from the risk professional because of its strategic sensitivity to the business, what should the client do if the risk professional identifies business-related risks?

If you’re not sure how to answer any of these questions, the Manifesto may help!