Tuesday, August 25, 2009

Do we risk too much by risking too little?

Government by nature is risk-averse.

There's very good reasons for this, as many decisions made by the government are life-influencing for large numbers of citizens.

For example, a simple policy change can have widespread, even catastrophic effects on certain groups in the community. Equally, bold sweeping changes can have significant political impacts, not always to the benefit of the party in power.

Therefore it is generally safer (and often required) for government organisations to be cautious in decision-making - spending the time necessary to ensure that as many voices and views are heard and making the minimum possible changes necessary to improve the system without damaging peoples' lives.

However risk-aversion can have its downsides,
  • change is generally slow to occur,
  • new ideas take a long time to be adopted,
  • decisions are sometimes considered in relation to risks alone - ignoring the benefits,
  • organisational structures grow rigid and hierachical - attracting people who seek to strengthen the risk-averse culture and are more resistent to change,
  • mistakes become seen as failures rather than learning opportunities,
  • managing costs is progressively more difficult (as savings come from reducing functions rather than employing innovative solutions),
  • the organisation can progressively become out-of-tune with it's customers and community - making it less effective at meeting its purpose.
More risk-tolerant organisations are better at resolving many of the challenges above. They are often more nimble and responsive, however may make more mistakes and errors.

Similar to the biological world, highly risk-averse organisations usually do better in stable and predictable environments which change slowly or not at all. Whereas more risk-tolerant organisations usually do better in fast changing and variable environments.

But here's the rub. Business environments are not uniformly stable or variable.

At any point in time some elements of an environment are likely to be quite stable - for example the laws and protocols defining an organisation's existence.

At the same time some aspects can be changing quite rapidly - such as the news of the day and the situations of customers and communities.

Other aspects may fall between the extremes, staff levels and skills and supplier prices.

One of the fast-changing areas is, naturally, online - which has evolved from basic text only bulletin boards twenty years ago (before the net) into real-time audio-video data exchanges today.

Where an organisation is risk-averse it is likely to be slower to enter the online arena, or make use of the tools and techniques available. This leaves the organisation behind the current trends in the community, potentially leaving many citizens frustrated and annoyed (as they cannot simply go online to do what they want to do).

Even worse this risk-aversion can lead to an organisation struggling to keep up, not having the inhouse expertise to fully understand and realise the benefits of emerging solutions that could save it significant costs or improve service delivery, or leaving the organisation potentially facing much larger 'catch-up costs' in the future.

In other words, by applying a risk-averse risk management approach to highly variable situations, an attempt at risk management can achieve the reverse - increasing the risk for the organisation.

So how does an organisation address this?

In my view it means we need to consider the rate of environment change in our risk management strategies - applying the appropriate approach for the environmental element.

Therefore while many areas within an organisation can make do with a risk-averse management approach, there must be sufficient flexibility within the system (or a different system entirely) for fast-changing and variable areas, which need a more risk-tolerant approach.

No comments:

Post a Comment