VOSE | Our history building risk analysis software since 2008
Vose Software company logo

History

Building quantitative risk software since 2008

Vose Software was founded by David Vose and Timour Koupeev, two friends who had built their careers providing quantitative risk analysis consulting to governments and businesses in a wide range of fields.

David and Timour found that the risk analysis software available at the time were very limited in the capabilities they provided, making it a struggle to build risk analysis models that were compact, easy to understand and a good reflection of the problems they were trying to describe. Vose Software was created to offer a much richer choice of risk modelling tools.

ModelRisk risk analysis software logo

ModelRisk

In 2008, the first version of ModelRisk (our Excel risk analysis add-in) was launched. It represented a quantum leap in risk modelling capabilities, introducing innovative new features like copulas, time series, aggregate functions, electronic results graphing and sharing with ResultsViewer, as well as greatly extending the range of probability distributions the modeller could choose from, and much more. The influence of ModelRisk on the market is obvious – every serious challenger to the risk analysis Excel add-in market attempts to include at least some of ModelRisk’s features, though with debatable success.

Since 2008, we have continuously improved the capabilities of ModelRisk, releasing a major update at least once a year on average, and ModelRisk remains easily the most powerful tool in its field. In fact, no competing product has yet managed to offer the range of capabilities that ModelRisk offered back in 2008.

Tamara project risk analysis software logo

Tamara

In 2014, a customer approached us with a unique challenge. They wanted to be able to perform rolling risk analyses on the decommissioning of one of their nuclear power plants. The problem was that this was the largest decommissioning ever undertaken, with a project plan containing well over 50,000 tasks, and no project risk analysis software on the market could cope with such complexity. In response, we developed Tamara – our project risk analysis software. Building a risk analysis simulation tool that could handle such immense projects meant we needed a simulation speed that was orders of magnitude faster than anything available, so we set about building a simulation engine from scratch, using every trick we could think of to optimise the speed. The challenges didn’t stop there, however. Risk and uncertainty can take many forms and have very different effects on a project plan, so we gathered together a panel of a dozen World experts on project risk and asked them to describe all the different ways risk can affect a project, then made sure that Tamara was able to describe those effects. Tamara was released at the end of 2016 as a commercial product, and has been continuously updated to include new features. For example, Tamara is now able to perform multiple simulation runs and automatically compare scenarios or risk management strategies. We have also built a spreadsheet tool, similar to ModelRisk, directly into Tamara so one can, for example, use the spreadsheet to describe complex risk issues like the effects of weather, or intricate conditional pathways. The spreadsheet can also be used to evaluate the full discounted cashflow of an investment by incorporating delivery costs and delays directly into the analysis.

Pelican risk register logo

Pelican Risk Register

In 2017, we released the first version of our Pelican. fully quantitative risk register. Back then, enterprise risk registers were mostly drawn up each quarter to satisfy reporting regulations. Risk registers were seen as a box-ticking exercise that should be done as quickly and cheaply as possible. GRC system vendors promoted their products on how much time you can save doing this tedious task. Almost every risk manager was using risk registers with Low, Medium, High estimates of likelihood and impact, and risk scores, counting up how many red, orange and green risks were listed to get an ‘aggregate risk exposure’. We came with a different approach, designing a risk register application that would bring real value to a business by optimising its understanding and management of risk. We incorporated bowtie analysis, risk tolerance profiles, multiple impact dimensions and integrated Monte Carlo simulation from the get-go, and over the years have added many features that are only possible with a quantitative system – capital allocation calculations, insurance optimisation, risk treatment cost efficiency optimisation, to name a few. The Pelican Risk Register was a bit ahead of its time, and we struggled to convince people of its value. The came COVID. Risk managers were shocked to find that they couldn’t turn to insurance to solve all their problems, and they had no tools to address the complexity of interconnected risks. Suddenly, the Pelican Risk Register made sense. Regulators are now demanding that large organisations scrap their risk scores and take a fully quantitative approach to risk registers. Even FERMA, an organisation that has barely mentioned risk quantification before, is now promoting risk quantification as the most important next area for risk managers to address.

Pelican integrated risk management software logo

Pelican Integrated Risk Management

Gradually, we have added risk analysis capabilities to Pelican for C-suite and senior managers. These capabilities have been focused on two main goals:

  • to bring together and harmonise the work of the various professional disciplines that do some sort of risk analysis within an organisation
  • and to combine that work so that the organisation’s leadership is able to make the best possible risk-based decisions

The capabilities became so extensive that we combined them to create an extension to the Pelican Risk Register, and called it Pelican IRM. Pelican IRM provides risk solutions for every leadership role: from the CEO looking to understand what most threatens achieving the organization’s objectives; to the CFO who needs to understand whether the business is taking on too much (or too little) financial risk. From the CISO who needs to find cost-effective ways to address cyber security; to the COO who needs to ensure business continuity and consistency; and the CBO who needs to find the right balance of new investments and divestments.