Intelligent risk management shouldn’t be all defence.
With risk comes business opportunity, and capitalising on this is key to adding project rigor, while also adding value to the overall enterprise.
This realisation is prompting many forward-thinking organisations to reevaluate older approaches to risk management. The goal is to transform the way their people think about risk – as a robust, intelligent, even proactive engagement.
After all, risk is everywhere, especially when you look at the global potential for disruptive events. The World Economic Forum’s 2018 report on global risk found 60% of respondents (made up of 1,000 experts and decision-makers) were bracing for risk ahead. Only a small fraction — 7% — predicted less risk in our collective futures.
If you plan on spending any amount of time in 2019 re-thinking your risk management strategy (we suggest you should!), here are a few key things to consider:
Sweat the small stuff
One truth about risk is that anyone can make mistakes. That’s why it’s so important to make sure your projects and programmes are solid from the ground up. Refresh yourself on the fundamentals with this simple but effective framework Victoria University developed for the study of project management.
Evaluating risk properly requires:
- Making risk management an “integral component of decision-making in projects.”
- Understanding the threats and opportunities and how they map in relevance to the project itself.
- Applying tools and techniques with a critical lens.
- Analysing risks as part of a larger plan.
- Evaluating the responsibilities of personnel assigned to “manage, monitor and control project risks.”
It may seem rudimentary but the Project Management Institute labels project risk management as the “least understood — and most effective — tool project managers can employ to increase the odds of project success.”
Foster an intelligent risk culture
Risk management can’t fall on singular shoulders. Everyone on a team, project or within a company should be responsible for viewing risk in an intelligent way.
Following the Global Financial Crisis and the Royal Commission into the Home Insulation Problem (HIP), the Public Service Commission shared a clear-eyed take on how a lack of an intelligent risk culture can have a major impact:
“A crucial step in risk management, understanding the operating environment, was skipped entirely in favour of identifying internal or procedural risk,” the report documented. “Responsible officials did not demonstrate capability in assessing, documenting and analysing risks within the broader context of the industry. Nor did they employ information from similar program roll-outs in order to assess emerging problems as they manifested. Effective risk management was hampered by poor understanding of industry dynamics, of regulatory frameworks, and of how government intervention would impact the existing industry and behaviour of individuals within it. Time pressures exacerbated the failures.”
It goes on to discuss the issue of culture: “A lack of responsibility and accountability for managing the risks also proved to be a major problem. Responsibility for risk was abrogated. Hanger [the head of the inquiry] found a governance structure in which no-one seemed to accept personal accountability for ensuring that risks were appropriately managed. Teamwork became a convenient excuse to cloak individual responsibility. Internal management structures prevented effective review and oversight of risk management once things started to go wrong.”
But what can be done?
In one discussion on how Chief Security Officers can think of risk in a more intelligent and holistic way, there emerged four key takeaways:
- Be proactive. Sometimes you have to seek out risks to truly understand them.
- Leaders need to share mistakes more openly.
- Front-line decision makers can’t be expected to “connect the dots” without a truly aggregated view of risk — a state upon which project and programme managers can have a major impact.
- Clarity begets accountability. Don’t assume everyone knows the corporate appetite for risk. Spell it out.
Create a strong feedback loop
Once the basics are established and a culture of accountability has taken root, there’s still more to be done. As projects and programmes mature and risks change, a strong feedback loop is critical for making sure objective performance metrics get fed back into the decision-making cycle.
“Well-crafted feedback loops support self-correction and continuous improvement by adjusting a process according to the variances between actual and desired performance. As a foundational component of the scientific method, the feedback loop has long been an essential tool used to support advances in many fields, including economics, engineering, and medicine,” explains one leading organisation for accountants on the topic of risk.
Risk, meet return
In all, project and programme professionals are critical players when it comes to evolving risk management into a place where enterprises can do more than just simply avoid risk. They can instead wield a tremendous amount of influence on overall business agility at a time when it’s needed most.
The key is remembering the basics, helping to create a corporate culture where everyone is given the necessary tools to be accountable, and by creating strong, self-sustaining feedback loops.
If your organisation needs assistance assessing risk and delivering projects or programmes, contact us today on +65 6818 5771.