• About us
  • Raising the Bar
  • Raising your Game
  • The Extra G - Geopolitical
  • Risk Matters - Roundtables
  • Leadership Team
  • Events
  • Blog
  • Contact
  • Menu

The Risk Coalition

  • About us
  • Raising the Bar
  • Raising your Game
  • The Extra G - Geopolitical
  • Risk Matters - Roundtables
  • Leadership Team
  • Events
  • Blog
  • Contact

How to survive a world of uncertainty

July 18, 2023

Global pandemic, war in Europe, insurrection in Russia – every day, the headlines proclaim a new, dramatic development.  How many of them were on your list of emerging risks before they happened?  If your organisation is like most, the answer is probably “none”.  And that is not because the future is risky. It is because the future is uncertain. If you are the many, you probably think the two are synonymous.  But they are not, at least not to a statistician.

Risk arises when we know the range of potential outcomes for an event but not which one will take place. If you are playing roulette, for example, you know that the ball will fall on one of 37 (or 38 or 39, depending on the game) spots.  The chances of it falling on any particular spot can then be calculated.  But if you do not know the range of potential outcomes for an event, you cannot calculate probabilities.  We are managing risk – or at least trying to do so. But we are living in a world of uncertainty.  What will the impact of generative artificial intelligence on society be?  How well will we adapt to climate change?  What are the prospects for peace in Europe?  The range of possible outcomes is unknown. And therefore, statistics cannot help us figure out the likelihood of any occurring.

One of our most important risk management tools is stress testing.  Stress testing is a forward-looking exercise that aims to evaluate the impact of severe (or even extreme) but plausible adverse scenarios on firms.  Stress testing therefore relies on the notion that we know the range of potential outcomes.  But stress testing has other weaknesses as well. They rely on historical data to assign probabilities, thereby denying the possibility that the future may not be the same as the past.  Further, stress tests do not consider the behaviour of other stakeholders, an omission that ignores the fluidity of developments. For these reasons, stress testing cannot help us much in the effort to deal with uncertainty.

Nonetheless, there are tools that can.  The first is storytelling, that is, thinking about how developments might play out, who would be affected if they did play out this way as opposed to that, how those affected might respond and, in turn, how we might respond to them.  Telling stories – or drafting playbooks - can help us think about a broader range of outcomes than we might otherwise do.  It can also encourage us to consider the reactions of other stakeholders and how those reactions might affect our own.  Although we cannot predict what might happen, by developing play books we can try to be nimbler in in our response to developments.

Another tool that can help is reverse stress testing, which is – as the name suggests - stress testing backwards.  Rather than determine the impact of defined potential scenarios, reverse stress testing starts with an outcome – insolvency, for example – then asks what scenarios could give rise to such an outcome and – importantly – what we could do now to become more resilient.  In so doing, reverse stress testing forces us to consider a wide range of potential scenarios.  Equally important, it suggests mitigating actions we might take today to ensure we have the resilience to fight tomorrow, regardless of what befalls us.

Flourishing in a world of uncertainty takes nimbleness and resilience.  Writing play books and running reverse stress tests can help us develop both.

Kathryn Kerle is an experienced non-executive director and audit and risk committee chair.

Tags: Kathryn Kerle
Prev / Next

Blog

Featured
Apr 15, 2025
Vera Cherepanova
The future of ESG: navigating a fragmented landscape
Apr 15, 2025
Vera Cherepanova
Apr 15, 2025
Vera Cherepanova
Mar 6, 2025
Mo Warsame, Gavin Hayes
Internal audit and risk management must work together to navigate uncertainty
Mar 6, 2025
Mo Warsame, Gavin Hayes
Mar 6, 2025
Mo Warsame, Gavin Hayes
Sep 4, 2024
Polly Williams, Mia Harris
Three key threats of phishing to be aware of
Sep 4, 2024
Polly Williams, Mia Harris
Sep 4, 2024
Polly Williams, Mia Harris
Aug 25, 2024
Felix Ritchie
Principles versus rules in data and corporate governance
Aug 25, 2024
Felix Ritchie
Aug 25, 2024
Felix Ritchie
Jul 16, 2024
Jane Hunter, Mia Harris
How can you maintain high standards in your business without suffering burnout?
Jul 16, 2024
Jane Hunter, Mia Harris
Jul 16, 2024
Jane Hunter, Mia Harris
Jun 2, 2024
Afshan Moeed
Enforcement of individual accountability in UK banking: a new boardroom recipe for change or continuity?
Jun 2, 2024
Afshan Moeed
Jun 2, 2024
Afshan Moeed
May 28, 2024
Craig Morris, Mia Harris
Three exciting new developments for AI in 2024 that you need to know about
May 28, 2024
Craig Morris, Mia Harris
May 28, 2024
Craig Morris, Mia Harris
May 24, 2024
Stefan Hunziker
The stuff of nightmares: risk management is shut down, and nobody notices
May 24, 2024
Stefan Hunziker
May 24, 2024
Stefan Hunziker
Mar 20, 2024
Neil Tinegate
What should boards know about digital technology?
Mar 20, 2024
Neil Tinegate
Mar 20, 2024
Neil Tinegate
Mar 15, 2024
Francis Kean
The insolvency risk for company directors - are you swimming naked?
Mar 15, 2024
Francis Kean
Mar 15, 2024
Francis Kean
Feb 29, 2024
Andy Watkins-Child
Are you sitting comfortably?  Cyber risk, board attestations and the implications for NEDs
Feb 29, 2024
Andy Watkins-Child
Feb 29, 2024
Andy Watkins-Child
Oct 24, 2023
Mamun Madaser
Risk management and internal audit should collaborate to navigate the poly-crisis of risk
Oct 24, 2023
Mamun Madaser
Oct 24, 2023
Mamun Madaser
Oct 18, 2023
Jim Watson
How to mitigate the risk of cyber security breaches – part 2
Oct 18, 2023
Jim Watson
Oct 18, 2023
Jim Watson
Oct 13, 2023
Nisha Sanghani
Risk management and internal controls: much (needed) work to do as a result of the proposed changes to the UK Corporate Governance Code
Oct 13, 2023
Nisha Sanghani
Oct 13, 2023
Nisha Sanghani
Oct 9, 2023
Jim Watson
How to mitigate the risk of cyber security breaches – part 1
Oct 9, 2023
Jim Watson
Oct 9, 2023
Jim Watson