For many executives, effective risk management means that they don't get into trouble with their supervisory authorities. Due to their role the latter are hardly interested in the 'upside' of risk. It’s their duty to minimize the downside.
Risk management brochures and articles try to escape from this compliance focus. In rapidly changing times, they state, steersmen must effectively navigate turbulent waters. Understanding and managing risks is therefore imperative for successful leadership.
During training, board members are taught to ask about the top ten risks. That is apparently a sign that management has thought carefully about their vulnerabilities and that they have taken suitable action to mitigate them.
Many consultants proclaim that it is profoundly unwise not to implement risk management. It saves you from unnecessary pitfalls. And above all, risk management helps you achieve your goals. How on earth could it be redundant?
But wait a minute. Isn’t it, on second thoughts, some kind of a belief system? Could there be missionaries, believers and inquisitors who have a serious commercial interest in maintaining the system?
It is a rarity to encounter entrepreneurs, line managers or project leaders at risk management training courses, webinars and conferences. This is quite striking since risk management promises them to better achieve their objectives. Most of them are not stupid or ignorant. If it really would help them, wouldn't they all want to sit in the front row eager to learn how to take advantage of it?
There is no science called 'riskology'. In fact, a self-contained risk management world has been created with all kinds of consultant-recommended practices. Those methods must then be integrated into the existing management cycle. Unfortunately, the chance of encountering success stories is pretty small.
ISO 31000 states that risk management is effective if it is embedded in decision-making. To what extent does conventional risk management really help line and project managers to make better decisions? Reality is that it has become an accountability tool in practice. That is quite different from a tool for achieving your goals under uncertainty.
Please check for yourself to what extent decision-makers need separate risk management if the following applies.
They understand that their objectives are about creating and protecting value for their core stakeholders. They take looking ahead seriously as part and parcel of their regular management responsibilities. They ask questions like: what can happen that could help or hinder the realisation of our objectives? They try to make realistic estimates of possible positive and negative effects on the interests of their stakeholders.
They demonstrate that they are consequence conscious. They are aware that they have options to act or to refrain from acting. They consider the possible consequences of their options on the competing or even conflicting interests of their stakeholders. They take unwelcome information into consideration as well.
They show that they have the right competences to weigh the potential positive and negative effects of their decisions. They also display a mentality that leads to balanced decisions and honest reconciliations of dilemmas.
Marinus de Pooter (nl.linkedin.com/in/marinusdepooter) is owner of MdP | Management, Consulting & Training