The 2012 Risk Zone Summit

 

This was the original website for promoting the Interactive 2-day conference moderated by the Risk Doctor, David Hillson. Once the conference was over and the need for the website finished, the domain's registration was allowed to expire and riskzonesummit.com disappeared form the web.

Dr David Hillson, The Risk Doctor, is well-known as an excellent speaker, presenter and trainer, international risk thought-leader, and popular conference speaker.;

Countless individuals, teams and organizations have benefited from his blend of thought-leadership with practical application, presented in an accessible style that combines clarity with humor. I attended the September 2012 in Vienna. I happen to work for a progressive software company as part of a team whose specialty is helping client integration with Salesforce. Take for instance the field in emerging concierge medicine. Many doctors, nurse practitioners, physician assistants, and other medical pros are taking a leap into this growing niche within the healthcare marketplace. Practices that have also chosen Salesforce and now need to integrate all their systems into this one platform hire folks like myself. Once Salesforce is fully integrated the physicians have greater control over: How much time they spend with patients / What kind of care they offer / Their own time, paperwork, and office workflows / Their overall income and cash flow. We are hired to make that greater control become a reality by customizing the doctor's CRM (customer relationship management) software. My bosses felt that the I could glean helpful information about project risk management and its overall impact on a business's programs/portfolios that would be useful when speaking with prospective clients. I often do the initial "sell" so I was the logical person to go to this conference.

Recently I discovered that the domain for RiskZoneSummit.com was available, so I bought it with the goal of recreating some of its content from archived pages and to point visitors to Dr David Hillson's site: www.risk-doctor.com/. I definitely didn't want someone else purchasing the domain and re-purposing the site for some enterprise that had nothing in common with the original conference website.

PLEASE NOTE THAT THIS PAGE CONTAINS SELECTIVE ARCHIVED CONTENT FROM THE ORIGINAL SITE.

Since the site will not be exactly as you remember it, please be indulgent.
Now let's take a nostalgic stroll back to Austria Trend Savoyen Hotel in Vienna, Austria
25-26 September 2012.

 

 

"Attending the 2012 Risk Zone Summit wasn't originally on my agenda; I was there primarily because of my father's insistence, as we were traveling together. Initially, I thought it would be an event filled with esoteric discussions, far removed from my interests. However, to my surprise, I found myself engrossed in the presentations. It was a revelation to discover the critical role risk management plays in achieving success. Despite the majority of attendees being significantly older, I never felt out of place. In fact, my Bane t-shirt became a conversation starter!

One of the speakers, a renowned expert in risk management and, as it turns out, took particular interest in it. He shared an intriguing perspective: embracing a Bane-like approach to risk management. His rationale was fascinating – sometimes, the best person to identify and manage risks is an outsider with a keen sense of danger, much like Bane, the notorious villain yet a character with an acute understanding of risks and strategy.

This unexpected intersection of a pop culture reference and a professional insight was enlightening. It led me to appreciate risk management not just as a business necessity but as an art form that can be approached creatively, even disruptively. This experience, though unplanned, has piqued my interest in the field, and I'm now keen to explore more about how 'outsider' perspectives, like that of Bane, can be a secret weapon in navigating and managing risks." Margi Fenton

 

 

The Risk Zone Summit, among the premier conferences to be organized in such a large and worldwide scale on topics and issues that are related to the risk factors in projects will be held in Vienna Austria. The conference will encourage interaction from participants and guests. The conference plans to cover a wide range of important topics related to risk strategies and risk management.

+++

Summit Focus

  • Interactive 2-day conference moderated by the Risk Doctor, David Hillson
  • Corporate Case Studies from Nestle, NSN, SAP AG, Transport for London, Alcatel-Lucent
  • Chance to benchmark your risk management approach against best practice and identify points of improvement to meet challenges faced by your business
  • Network with Europe’s Senior Project Professionals who all have considerable practice in the Risk field
  • Learning effective, proactive resolution plans to turn project risks in your favor
  • Rest assured by the Risk Doctor that you leave the summit with plenty of actionable learning points

+++

The Business Issue

Managing risk in projects is a well-established practice, with agreed processes, accepted methods and proven techniques. Even though it has been long considered a key contributor to project and business success, some elements of project risk management and its overall impact on the program/portfolio or enterprise are still areas to be further examined and developed.

Particularly as nowadays project risks cannot be treated in silos anymore but organizations must offer a unified, enterprise wide approach to managing risk or capitalizing on opportunities. Unfortunately a study by COSO reported that “the state of ERM appears to be relatively immature. Only 28 percent of respondents describe their current stage of ERM implementation as 'systematic, robust and repeatable' with regular reporting to the board. Almost 60 percent of respondents say their risk tracking is mostly informal and ad hoc or only tracked within individual silos."


Therefore businesses face considerable challenges in developing and maintaining an effective risk management system that filters across the business. If you manage risk inappropriately, you can drive out the opportunity you seek in your venture. Consequently, risk management is not a matter of driving out all risks, but rather one of understanding the risks and choosing to void some, while turning others in your favor.

RiskZone 2012 brings you a range of insightful case studies demonstrating where and how successful projects have been managed, and what measures can be taken to avoid the pitfalls which have befallen others.

 

+++

 

Summit Agenda, Day One

08:00 Registration p;

08:30 Opening Remarks by Chair

08:45 Opening Keynote: Do’s and Don’ts of Risk Management in Real Life

Wilhelm Kross, CEO Kross Consulting, PMI Frankfurt Chapter Former President

  • Establishing Risk Frameworks that work
  • Practical Implementations for the Net Benefit of the organization

09:30 Embedding Risk Awareness in the Core Corporate Culture

Bryan Barrow – APM Risk SIG Chair 2011 - 2012

  • Why it's people, not tools, that we need to update
  • The Board's role in shaping corporate risk culture
  • Ending the culture of silence that allows risk to go unmanaged

10:15 Coffee & Networking Break

+++

Auditorium One: Risk at Project and Program Level

+++

10:45 Opening Remarks by the Chair

Paul H. Lohnes, PMP

11:00 Understanding the difference of risk management on project and program level while integrating the view on risk management for the organization

Thomas Walenta, Service Leader EMEA, IBM

  • Managing Risk on organization level versus project and program levels
  • Understanding different stakeholder needs and dependencies regarding risk identification, analysis and mitigation between strategic, program and project levels
  • Exploring Benefits and limits of an integrative approach

11:45 Managing the people side of risk management

Presenter to be advised soon.

  • Human understanding and cultural attitudes towards RM
  • Delegation of responsibility
  • Strategic stakeholder communication

2:30 Lunch & Networking Break

13:30 strong>Corporate Case: Delivering an Effective and Proactive Risk Response – The Austrian Ariline’s Journey on Risk Management

Ulrich Aigner - Director Corporate Project Management, Austrian Airlines

14:15 Combining Risk and Value Management in Projects and Programs

David Hancock, Head of Project Risk, Transport for London

+++

Auditorium Two: Risk at the Enterprise Level

+++

10:45 Opening Remarks by the Chair
David Hillson, The Risk Doctor

11:00 Is RISK a negative word in your organization?
Robert Stroud, VP CA,
Strategic Advisory Council Member, ISACA (invited)

Some simple guidelines for the implementation of effective enterprise risk management requires the development of a risk culture that considers the implications of risk and identifies process to determine if a risk should be accepted for business benefit or mitigated with appropriate controls.

  • Identify the organizations risk appetite and tolerance
  • Identify responsibilities and accountability for Risk Management
  • Create an awareness program and communicate
  • Making Risk management is the responsibility of all business professionals.

11:45 Keynote: Managing Threats & Opportunities in a Unified Risk Process
Gerhard Rotter, Director of Risk Management, Alcatel-Lucent

  • Using a single risk process for both downside and upside risk
  • Developing appropriate strategies to minimize threats and maximize opportunities

12:30 Lunch & Networking Break

13:30 Setting objectives for ERM function taking into account its possibilities and limitations as a corporate governance tool.

11:00 Is RISK a negative word in your organization?
Igor Mikhaylov - Head of risk management at MTS,& Board member at FERMA, Winner European Risk Manager of the year (Strategic Risk Awards 2011, London)

  • Functions of integrated risk-management
  • Integration of risk-management into the key decision-making processes
  • Objectives for ERM based on the specifics and need of the company
  • Principles for segregation of duties and functions in ERM process
  • Recommendations for ERM implementation
  • Milestones of ERM development in MTS (case)

14:15 Using Risk Management for Strategic Advantage
Ingo Hoffman - VP, Head of Strategic Risk Management, SAP

  • Putting projects in perspective – the organizational context
  • Managing risk across the enterprise through a coherent and aligned approach
  • Extend ERM towards Strategic Risk Management with Focus on Emerging Risks

+++

Auditorium One & Auditorium Two Presentations Concluded

+++

15:00 Coffee and Networking Break

15:30 Keynote: Understanding Risk Appetite – The right approach to enteprise wide risk management
Ruth Murray Webster – VIsiting Fellow Programme and Project Management – Cranfield University Partner – Lucidus Consulting
This keynote explains the concept of risk appetite (essentially, how much risk do we want to take) but most importantly, put it into context with the other five questions you need to ask to manage risk effectively:

  • Risk Culture: how much risk do we usually like to take?
  • Risk Capacity: How much risk can we take?
  • Risk Perception: How much risk do we think we are taking?
  • Risk Attitude: How much risk do we think we should take?
  • Risk Exposure: How much risk are we taking?

16:15 Keynote: Building a Portfolio Level Risk Management Environment
Paul H. Lohnes, PMP – Managing Partner, MCLMG
Cheryl A. Wilson, CCEP, PMP, PMI-RMP, - VP Risk Management, MCLMG

  • New risk terminology: getting on the same page with stakeholders and PMs
  • Portfolio risk environment standards: consistency and compliancy
  • The Risk Management Office (RMO): support, services, and solutions
  • Deliverables-Centered Project Management (DCPM): a risk-advantaged project solution

17:00 Summary, closing remarks

17:30 End of Day One -Time for a well deservedglass of wine, cocktail dinner and networking.

 

Testimonial

First of all, thank you again for bringing me to Sweden for this event. The Nordic countries resonate remarkably to the subject I offered. They cherish their resources, and their culture. Environmental and Social responsibility have become integrated into the organizational strategy of nearly every major company in the Nordic countries. Their questions were poignant, and on target, and left me feeling that the entire group was “listening”. (…)The event content especially was excellent, and well structured. To me, in a world filled with competition on this subject, the content distinguishes it from the “pack” of competitors. It was a high quality event. The other way that this event distinguishes it from others is in the attendees. They were far more experienced than the attendees at typical PMI events. The PMI events are excellent, but are directed at the demographics of the membership, which represents a broad range of experience. It is like a large village…all must be cared for and educated, but few will have the opportunity to excel to the highest level of education offered…you are addressing the “few”. The attendees were challenged in thought and in content because of the speakers and subjects presented. It was a superbly crafted event.
Gregory Balestrero – President and CEO, The Project Management Institute (2002-2011)

 

More Background On RiskZoneSummit.com

 

RiskZoneSummit.com represents more than just a defunct conference website—it captures a moment in the evolution of modern risk management thinking, when enterprise risk, project risk, and strategic uncertainty began converging into a unified professional discipline. The site originally served as the digital home for the Risk Zone Summit, an international, in-person conference held in Vienna, Austria, in September 2012. Although the event itself lasted only two days, its influence reached far beyond the conference halls, contributing to ongoing discussions about enterprise risk management (ERM), risk culture, governance, and leadership.

Today, RiskZoneSummit.com exists primarily as a reconstructed and archival reference point, preserving the intellectual footprint of a conference that brought together senior risk professionals, project managers, strategists, and thought leaders from across Europe and beyond. Its continued relevance lies not in ongoing events, but in its documentation of a critical transition period in how organizations began thinking about risk as an opportunity—not merely a threat.

Ownership and Origins of RiskZoneSummit.com

The Risk Zone Summit was organized under the leadership and moderation of Dr. David Hillson, widely known in professional circles as “The Risk Doctor.” Hillson is an internationally recognized authority in project risk management, author of multiple foundational texts, and a frequent speaker at global risk, project management, and governance events.

The RiskZoneSummit.com domain was originally registered to support the promotion and logistics of the 2012 summit. Like many event-specific domains of the era, it was never intended to function as a permanent content hub. After the event concluded and promotional needs subsided, the domain eventually lapsed.

Years later, the domain was acquired by an individual attendee who recognized its historical value and sought to preserve its legacy. Rather than repurposing the domain for unrelated commercial use, the new owner reconstructed portions of the original site using archived materials and contextual commentary, positioning it as a reference point for those researching the evolution of professional risk management discourse.

Location and Setting: Why Vienna Mattered

The 2012 Risk Zone Summit was held at the Austria Trend Hotel Savoyen Vienna, a location selected deliberately for its accessibility, professional atmosphere, and proximity to major European business centers.

Vienna was an especially appropriate host city for a conference focused on enterprise risk and governance. As a hub of international organizations, finance, infrastructure development, and regulatory bodies, the city has long represented a crossroads of structured planning and cultural tradition. Its central European location also made it easily accessible to professionals from Germany, Switzerland, the Nordic countries, Eastern Europe, and the UK.

The venue itself reinforced the tone of the event: formal, internationally oriented, and designed for high-level professional exchange rather than mass-market training.

Purpose and Vision of the Risk Zone Summit

At its core, the Risk Zone Summit was created to address a growing disconnect between how organizations claimed to manage risk and how risk was actually handled in practice.

By the early 2010s, most large organizations had adopted some form of risk management framework. However, studies from institutions such as COSO and PMI indicated that implementation remained fragmented, siloed, and often superficial. Risk registers existed, but meaningful integration into strategy and decision-making was rare.

The summit aimed to:

  • Move beyond theoretical risk frameworks

  • Address real-world application challenges

  • Explore risk at project, program, and enterprise levels

  • Encourage cultural change around risk ownership

  • Highlight how risk could be used as a strategic advantage

Rather than focusing solely on compliance, the conference emphasized risk intelligence—how organizations could better understand uncertainty, capitalize on opportunity, and avoid blind spots.

The Role of Dr. David Hillson (“The Risk Doctor”)

Dr. David Hillson’s involvement gave the summit both credibility and coherence. By 2012, Hillson was already internationally recognized for his work in:

  • Risk-based decision-making

  • Enterprise risk management

  • Project risk modeling

  • Risk maturity assessment

  • Risk leadership and governance

His ability to translate complex risk concepts into accessible, practical frameworks made him an ideal moderator for a multi-disciplinary audience.

Rather than positioning himself as a lecturer, Hillson curated the summit as a dialogue—connecting enterprise executives, project managers, consultants, and risk specialists in a shared exploration of how risk thinking could evolve.

Summit Structure and Format

The Risk Zone Summit followed an intensive two-day format designed to balance theory, case studies, and discussion. Sessions were organized into two parallel tracks:

1. Risk at the Project and Program Level

2. Risk at the Enterprise and Strategic Level

This structure allowed attendees to engage with content relevant to their roles while still understanding how risk thinking scales across an organization.

Key features of the summit included:

  • Keynote presentations by industry leaders

  • Case studies from multinational organizations

  • Interactive discussions rather than passive lectures

  • Networking sessions with senior practitioners

  • Emphasis on applied, real-world lessons

Unlike many conferences of the era, the summit intentionally avoided sales pitches and vendor-heavy agendas.

Speakers and Institutional Representation

One of the defining strengths of the Risk Zone Summit was the caliber of its speakers. Presenters included senior professionals from:

  • SAP

  • IBM

  • Transport for London

  • Alcatel-Lucent

  • Austrian Airlines

  • PMI leadership

  • ISACA

  • Enterprise risk consultancies

These were not abstract academics but practitioners responsible for managing real operational, financial, and reputational risks at scale.

Topics addressed included:

  • Integrating risk into corporate culture

  • Aligning risk appetite with business objectives

  • Managing risk across portfolios

  • Behavioral and human factors in risk management

  • The relationship between governance and uncertainty

  • Balancing risk mitigation with opportunity creation

Cultural and Professional Significance

At the time of its launch, the Risk Zone Summit stood apart from traditional project management or compliance conferences in several ways:

  1. It framed risk as a strategic asset, not merely a threat.

  2. It addressed cultural barriers, not just technical frameworks.

  3. It attracted senior decision-makers, not just operational staff.

  4. It emphasized maturity and judgment, rather than checklists.

This positioning resonated particularly with professionals who felt constrained by overly bureaucratic risk processes that failed to reflect real-world complexity.

The summit also arrived at a pivotal moment following the global financial crisis, when organizations were increasingly aware that risk blindness—not risk itself—posed the greatest danger.

Audience and Professional Reach

The audience for RiskZoneSummit.com and its associated event was highly specialized. Typical attendees included:

  • Enterprise risk managers

  • Program and portfolio managers

  • Strategy and governance professionals

  • Senior consultants

  • Internal auditors

  • Compliance officers

  • Project management executives

What distinguished this audience was its level of experience. Unlike entry-level training conferences, the summit catered to professionals already embedded in decision-making roles, many of whom were responsible for shaping organizational policy.

This focus contributed to the summit’s reputation as a high-level, intellectually demanding event rather than a mass-market conference.

Reputation and Professional Reception

Feedback from attendees consistently highlighted three qualities:

  1. Depth of content – Sessions went beyond surface-level frameworks.

  2. Quality of participants – Peer discussions were as valuable as presentations.

  3. Practical applicability – Ideas could be applied immediately in organizational settings.

Senior figures in project management and risk governance publicly praised the event for its thoughtful structure and maturity of discussion. Many noted that it stood apart from typical PMI-style conferences by focusing less on certification and more on strategic insight.

Why the Site Still Matters Today

Although the Risk Zone Summit occurred in 2012, the themes it addressed have only grown more relevant:

  • Enterprise risk integration

  • Organizational resilience

  • Strategic uncertainty

  • Governance failures

  • Cross-functional risk ownership

In an era defined by global pandemics, cyber threats, supply chain disruptions, and economic volatility, the questions raised at the summit remain unresolved in many organizations.

RiskZoneSummit.com now serves as a digital artifact of a formative period in risk thinking—capturing a moment when professionals began seriously challenging siloed approaches and advocating for enterprise-wide risk intelligence.

Preservation and Revival of the Domain

The modern iteration of RiskZoneSummit.com exists primarily as an archival and educational resource. Its preservation reflects a broader trend among professionals who recognize the historical value of early thought leadership in emerging disciplines.

Rather than allowing the domain to be repurposed for unrelated commercial use, its current stewardship focuses on:

  • Preserving original intent

  • Documenting the conference’s impact

  • Pointing users toward authoritative risk resources

  • Maintaining continuity with Dr. Hillson’s work

This approach aligns with the values of the original summit: thoughtful stewardship, long-term thinking, and professional integrity.

Cultural and Educational Legacy

While the Risk Zone Summit itself was a one-time event, its legacy persists in several ways:

  • The continued influence of its speakers in global risk discourse

  • The normalization of enterprise-wide risk thinking

  • The shift toward viewing risk as both threat and opportunity

  • The professionalization of risk leadership roles

In hindsight, the summit can be seen as part of a broader movement that helped elevate risk management from a technical function to a strategic discipline.

Why RiskZoneSummit.com Still Matters

RiskZoneSummit.com is not merely a historical website—it is a window into a pivotal moment when risk professionals began redefining their role in modern organizations. Through its association with Dr. David Hillson and its emphasis on practical, enterprise-level thinking, the summit helped push risk management toward greater maturity and strategic relevance.

For researchers, practitioners, and students of organizational risk, the site offers valuable insight into how today’s best practices evolved. Its continued existence ensures that the lessons, conversations, and ideas from the 2012 Risk Zone Summit remain accessible to those seeking to understand not just how to manage risk—but how to think about it.

 

RiskZoneSummit.com