We have been thinking about what needs to be done in order to improve the overall effectiveness of the risk management process. One observation is that organisations tend to apply exactly the same process to all their projects irrespective of their size or complexity. What this means is that in some cases an organisation uses a ‘sledge hammer to crack a nut’ where a perceived bureaucratic, time-consuming process is applied to simple non-complex projects while in other cases a totally inadequate 'quick and dirty' process is applied to mission critical or large, complex projects. What is needed is a process that is scalable and therefore can be tailored to meet the needs of the particular project to which it is to be applied. The ATOM risk management methodology offers a fully-scalable risk management process which recognises that simple or low-risk projects may need just a simple risk process, while complex or high-risk projects require more rigour and discipline.