5 Mental Models That Changed How I Think About Risk

Three years ago, I deployed a database migration on a Friday afternoon. The rollback plan was "it'll be fine." It wasn't fine. That weekend taught me more about risk than any textbook ever could.

Since then, I've become a student of risk -- not the financial kind specifically, but the general skill of thinking clearly about uncertainty. Here are five mental models that fundamentally changed my approach.

1. Margin of Safety

Warren Buffett never buys a stock unless it's trading well below his estimate of intrinsic value. The gap between price and value is his "margin of safety." If his analysis is wrong by 20%, he still doesn't lose money.

I apply this to system design. When estimating server capacity, I don't plan for expected peak load. I plan for 3x expected peak. When setting deadlines, I don't commit to the optimistic estimate. I add buffer.

The margin of safety isn't pessimism. It's acknowledging that your estimates are always wrong in some direction, and building room for that error.

2. Asymmetric Risk-Reward

Not all risks are equal. Some bets have limited downside and unlimited upside. Others are the reverse.

Consider two scenarios:

• Scenario A: You spend a weekend building a side project. Downside: you lose a weekend. Upside: it could become a product, a portfolio piece, or a learning experience.
• Scenario B: You skip writing tests to ship a day faster. Downside: production outage, customer data loss, regulatory issues. Upside: you saved eight hours.

Scenario A is asymmetric in your favor. Scenario B is asymmetric against you. The skill is recognizing which type you're facing before you commit.

3. The Pre-Mortem

Gary Klein's pre-mortem technique asks you to imagine that your project has already failed, then work backwards to figure out why.

Before every major launch, I run a pre-mortem with the team. "It's six months from now. This project was a disaster. What happened?" The answers are always more honest and specific than anything a risk assessment spreadsheet produces.

Common findings: "We didn't test with real user data." "The third-party API changed and we had no fallback." "The team lead left and nobody else understood the architecture."

These aren't hypothetical -- they're the actual failure modes hiding in your project right now.

4. Redundancy vs. Efficiency

Nature doesn't optimize for efficiency. You have two kidneys, two lungs, and far more neural connections than strictly necessary. That redundancy is what makes biological systems robust.

In engineering, we face constant pressure to optimize: fewer servers, less code, smaller teams. But efficiency and resilience are often at odds. The most efficient system is one where every component is fully utilized with no slack -- and it's also the most fragile.

I learned to ask: "Where in this system would a single failure cascade into total failure?" Those are the places that need redundancy, even at the cost of efficiency.

5. Ergodicity

This one is subtle but powerful. In an ergodic system, the time average equals the ensemble average. In plain English: what happens to one person over many tries is the same as what happens to many people in one try.

A coin flip is ergodic. Russian roulette is not.

If 1000 people play Russian roulette once, about 833 survive. But if one person plays it 1000 times, they're dead. The ensemble average (83% survival) is meaningless for the individual.

Many career and financial decisions are non-ergodic. The average outcome across all possible paths is irrelevant if one path leads to ruin. This is why avoiding catastrophic downside matters more than maximizing expected value.

Putting It Together

These models share a common thread: risk management is not about predicting the future. It's about structuring your decisions so that you survive being wrong.

I've been cataloging these kinds of principles -- from Buffett's margin of safety to Munger's inversion -- and found that having them organized in one place makes a real difference. The principles collection on KeepRule does this well, grouping decision-making frameworks by theme so you can actually reference them when it matters.

The goal isn't to eliminate risk. It's to take the right risks, with the right safeguards, at the right time. These five models won't make you clairvoyant. But they'll make you harder to kill -- professionally and financially.