To me, this adage fully applies to risk management where the complex situation and environment of a risk can more easily be grasped visually using dedicated graphical models like the bow tie representation. Indeed, I believe this type of representation can truly ease the risk identification and mitigation phases. Furthermore, with such an easy-to-understand representation, the myth of risk management being a complicated process vanishes and people can focus on the true value of risk management – making decisions.

What Is the Bow-Tie Method?

The bow tie method is a risk documentation and representation approach where the risk event sits in the middle of the picture and its context surrounds it. In most versions, the impacts and drivers are displayed on both sides of the risk resulting in a representation of a man’s bow tie.

Most diagrams also include risk responses located on each impact and driver branch and some elaborated versions incorporate the associated processes in which the risk would take place and even sometimes the relevant key risk indicators (KRIs) constituting the early warning system for the risk.

When Should I Use the Bow-Tie Method?

To me, the bow tie method can be used in most if not all situations. Widely used for Environment, Health and Safety (EH&S) type risks, I see no reason why it should be restrained to one risk category because it’s simply another representation of the risk information.

From my experience, this approach is very helpful when performing a risk identification with people who don’t have a prior risk management experience. Leveraging this approach often helps stakeholders better picture the risk, its sources and consequences, and therefore increase their implication in the exercise.

Furthermore, for risks that span across multiple areas or departments, it helps in recreating the complete chain of events that would result in the risk occurring. Indeed, by graphically documenting the risk drivers, this approach can facilitate the identification of related events since bow tie is a great brainstorming support.

Where Do I Start?

Using bow tie is rather straight forward and I would suggest simply following these steps:

1. Name and describe the risk event (what could happen) in a circle placed in the middle of the page
2. On the left of the circle, place the risk drivers (risk sources) that could trigger the even to occur
3. On the right, place the potential consequences (risk impacts) that would be incurred should the event effectively happen

That’s it! Now that you have identified the risk, if you want to take this exercise a step further, you can place the preventive and corrective risk responses on each branch. This would enable you to rapidly visualize if any branch is left uncovered or if, on the other hand, some are being over covered with too many risk responses.

The following  is simply an illustrative example of the result you would be getting and the lightening symbol illustrates where risk responses are in place:

This easy-to-understand representation facilitates decision making, which is the true value of risk management.

What about you? Do you currently use this bow tie approach? If so, would you have any recommendations on where to start and how to progress? If not, could you tell us why you aren’t using this method?

If you are interested in learning more about SAP solutions for Governance, Risk, and Compliance, feel free to fill-in the demo request form!

Originally published on the SAP Analytics Blog