Risk Assessment Techniques – Showing What Matters with Pareto Charts

Almost  every business will have some customers or clients that are more important than others, and usually this will be based on the amount of money these clients spend.

Accordingly many businesses will also group or categorise their customers into different service levels designated by their importance, whether or not their customers are actually aware of this or aware of which category they fit into. 

Even if a business doesn’t really have specific key customers or clients in quite the same way, they will nonetheless certainly have groups of types of customers that represent their key client demographics. 

Of course revenue isn’t the only factor that businesses might consider to be important when they are designating their key customers, for example some of them might not buy a lot of products or services, but have a high reputational value or marketing value, for example if a celebrity, influencer or member of a royal family buys a particular fashion designer’s brand they might have an significant impact on the business’ brand awareness and then income, even if they don’t spend a lot directly.  

This works for bad stuff too sometimes, and businesses will often flag problem customers or clients when they find that a large proportion of problems or complaints seems to come from a few specific customers, or them may even choose to deliberately exclude certain demographic groups, for example car hire companies that only rent to people over the age of 21 or banks choosing not to offer accounts to certain types of e-commerce businesses.

The Pareto Principle

This idea is recognised in the Pareto Principle, also known as the 80/20 rule, which suggests that 80% of the consequences of something comes from 20% of the causes.

So 80% issues, problems and complaints a firm’s experiences come from 20% of its customers, and turning this around,  20% of a firm’s work leads to 80% of the results, and 20% of a firm’s customers will be responsible for 80% of it’s profits.

The Pareto Principle was identified and named in the 1940s by the Romanian American management consultant and engineer Joseph Juran, who himself was inspired by reading the work of Italian intellectual Vilfredo Pareto who was born in the 1840s, and whose research into land ownership and wealth showed that 20% of the people seemed to own 80% of the land.  

Juran applied this concept to business and put forward the idea that if 80% of a firm’s success comes from 20% of its activities and 80% of its problems from 20% of its deficiencies, then by identifying and concentrating on these areas for effort or improvement as applicable a firm would be able to greatly improve efficiency.

As someone who was particularly interested in quality management in processes  Juran envisaged that there would be substantial benefits from fixing the few parts of a process that caused 80% of the defects, rather than trying to deal with those defects once they had occurred. 

In the decades since, research has tried to apply and identify the Pareto Principle to a very wide variety of fields beyond economics and business, including health and safety, medicine, crime and policing, sports and information technology, with studies finding in all of these areas that the principle holds with reasonable accuracy. 

For example 20% of criminals causing 80% of crime, 20% of patients requiring 80% of health care resources, 20% of carriers of an infectious disease spreading it to 80% of those infected, (1) and as a compliment to  Juran’s idea about industrial processes for the information age, in 2002 the then Microsoft CEO Steve Ballmer suggested that 80% of the errors in Office and Windows were coming from just 20% of the bugs they had identified.

It’s been suggested that Juran’s ideas, which he shared during travel to Japan in the 1950s, were one of the influences that lead Japanese managers to develop ideas like the concepts of Lean management and Six Sigma, which are used very widely across the world today.

The Pareto Chart

The Pareto Chart is tool to identify and show which categories cause different levels of consequences. It’s a combination of a bar chart and a line graph and doesn’t require much knowledge of either statistics or spreadsheets to put together.

The bars show whatever criteria you are trying to analyze, starting with those events or cases that have the largest frequencies on the left diminishing to the lowest frequency on the right. The bars always go from the biggest to the smallest, left to the right.   

The line shows the cumulative percent of the weight of those criteria. This line will always go up left to the right, the bars will always go down.  

Here’s an example Pareto Chart showing causes of identified cyber or information security breaches as reported by more than 650 British businesses to the UK Government in 2019.

As you can see of 176 reported breaches or incidents around 45% of these were attributable to fraudulent emails or re-directions, and about another 16% to people impersonating or attempting to impersonate an organisation

The columns designating the frequency or volume of the categories or criteria get smaller as they go left to right, and the orange line showing the total cumulative percentage gets larger and will always end up at 100% if the data is complete. 

This chart doesn’t really show a full 80/20 Pareto Principle, in this case it is 61/22 but one of the main points to remember about Pareto Charts is that they don’t necessarily have to show the Pareto Principle to be effective or useful. In fact quite the opposite, because trying to force data to fit a principle rather than trying to see what the data shows you is going to lead to all sorts of problems with the conclusions drawn from it. 

There are always going to be issues as well in studies like this with the way the data is categorised, so in this instance nine specific categories have been chosen already. The results might be different if a different number of categories were selected. 

Though it is probably more commonly used to show negative things like breaches, problems or issues to be resolved, The Pareto Chart can be used to show positive criteria too like which customers your business derives most revenue from, which member of staff receives most positive feedback or which are the most popular items in a store.   

Things to Consider When Using Pareto Charts

One of the main things to think about is to be sure about what the chart is really showing you. Like in the example above we can see that fraudulent emails were the most common problem but this particular chart doesn’t tell you anything about the importance or value of that problem. Ransomware was a cause of only 7% of reported breaches but maybe it caused more financial losses than all the rest put together. This chart doesn’t show that.

So don’t forget the risk assessment principle of Impact V Likelihood. Something might occur very frequently but this doesn’t necessarily mean it is that important and vice versa. When you are thinking about applying solutions you need to look at both of these. 

How Can I Use the Pareto Chart?

If you are capable enough with Microsoft Excel or other similar programs then it’s pretty easy to do, and Excel even has function that will turn two columns of figures into a Pareto Chart directly. (3) If you are not strong with Excel then there is a guide here

Beyond making up charts however the value of the tool is as much about the idea and how it can be applied in a practical sense as is it plotting graphs…

  • where are you going to get most reward for your effort?
  • how can I use my time more productively?
  • what are the main things I can do to improve my business?
  • why do people most often fail when they are doing what I want to do?
  • do I need to make this thing perfect, or is “good enough” going to be ok?

Trying it Out

If you are still trying to figure out the idea why not have  a go by thinking about some different areas of your life and seeing if Pareto applies. Does 20% of the food you eat give you 80% of the calories you consume? Do you find that a few tasks seem to take up 80% of your free time? Does 80% of your stress come from a just a small number of activities or people? 

Like many of the other risk assessment techniques we have shared so far on Risks and Ventures, Pareto Charts can be used to support complex, technical work however the principle of the Pareto Chart – that most of the consequences of something come from a small number of causes – can potentially also be used with relatively low effort to identify key problem, opportunity and solution areas in many aspects of life.  


(1) At time of writing it’s too early to say whether this holds true for the COVID-19 / Coronavirus outbreak as there just isn’t enough evidence yet and knowledge about how the virus spreads, however it will be interesting to see whether this does follow an 80/20 pattern. 

(2) Cyber Security Breaches Survey 2019: Statistical Release, United Kingdom Department for Digital, Culture, Media and Sport, 3 April 2019  [Accessed: 4 May 2020]

(3) If you are not strong with Excel then there is a guide you can follow here



Leave a Reply

Your email address will not be published. Required fields are marked *