Forecasting unknown-unknowns by boosting the risk radar within the risk intelligent organisation

This theoretical perspective paper interprets (un)known-(un)known risk quadrants as being formed from both abstract and concrete risk knowledge. It shows that these quadrants are useful for categorising risk forecasting challenges against the levels of abstract and concrete risk knowledge that are typically available, as well as for measuring perceived levels of abstract and concrete risk knowledge available for forecasting in psychometric research. Drawing on cybersecurity risk examples, a case is made for refocusing risk management forecasting efforts towards changing unknown-unknowns into known-knowns. We propose that this be achieved by developing the ‘boosted risk radar’ as organisational practice, where suitably ‘risk intelligent’ managers gather ‘risk intelligence information’ such that the ‘risk intelligent organisation’ can purposefully co-develop both abstract and concrete risk forecasting knowledge. We also illustrate what this can entail in simple practical terms within organisations.