#54 – RISK MANAGEMENT IS ON RISKY GROUND – TONY BENDELL

Tony BendellDear friends we live in depressing times. Our media is full of failing and failed organisations. From the Financial crises to the BBC, from the IRS or the Veterans Health Administration to the UK Houses of Parliament, all around us is the evidence that our systems and safeguards are failing to protect the stakeholders from the slings and arrows of outrageous management, and an ever more demanding and volatile environment. Clearly, modern life has an enormous dependence on the integrity of human systems.

SO, IS OUR RISK MANAGEMENT UP TO THE JOB?
However, “Risk” is itself a human construct; our way of coping with, and trying to predict and manage the unknown. It reflects the fact that: “Organisations of any kind face internal and external factors and influences that make it uncertain whether, when and the extent to which they will achieve or exceed their objectives” (ISO 31000:2009).  “Risk” is then defined as the effect this uncertainty has on the organisation’s objectives. This view of risk as a human construct is valid, whether or not one believes in a probabilistic, or a deterministic universe. And we may have got it wrong; for the contention of my recent book `Building Anti-Fragile Organisations; Risk, Opportunity and Governance in a Turbulent World`  (Gower June 2014) is that, despite good intents, much of Risk Analysis and Management as we know it today is part of the problem, not of the solution. The argument is that the way we conceive and approach Risk and its Management, has led to increased exposure and fragility.

The core of this argument is based on application of the Anti-Fragility concepts of Nassim Taleb, the author of The Black Swan, who has been extensively lauded for his insights into the recent banking and economic crisis. There is no doubt that whilst Taleb is a Professor of Finance, much of his arguments about risk, and in particular his emerging view of Anti-Fragility, apply also in other domains, such as companies, Healthcare systems and Organisational design and management.

Organisations and systems may be Fragile, Robust or Anti-Fragile.

  • Fragile refers to systems and organisations that can be easily damaged by changes or shocks in the external or internal environment.
  • Robust refers to systems and organisations that are able to withstand such adverse conditions.
  • Anti-Fragile refers to systems and organisations that, like biological systems, are more than just robust and within limits actually improve their resilience through being stressed.

Anti-Fragility is a new way of thinking about mitigating risk. With this view, to find out about risk avoidance, mitigation and management in human systems we focus on the analogous characteristics of biological systems that, being more than just robust, actually improve their resilience through being stressed.

Applying this concept to the development and management of organisations, systems, services and products of all types, allows us to identify the characteristics of these that will not only mitigate against the realisation of hazards, but will enable growth in protection over time. At the organisational level, Anti-Fragility (or not) is defined by the Organisational Strategy, Structure and Systems, its People, Relationships and its Culture. We can then Build Anti-Fragility (or not) into our products, services, markets, use of information and technology base.

Risk Management, like Quality Management Systems and ISO9001, are inherently Anti-Fragile features within organisations. But there is a big `BUT`. The way that these systems are implemented are themselves typically Fragile, rather than Anti-Fragile. They are typically formalised, delegated to middle management, routinized and automated. Their information base is typically inadequate and untimely. Decision making under threats lacks clarity, determination and learning.

Globally our organisations and systems are failing with increasing frequency and the Risk and Quality professions appear to be ignoring it. And perhaps not unreasonably, since they are concerned with keeping the Risk Management andISO9001 systems running, not the whole organisation; that`s for the big bosses, way above our heads!

Maybe this view is right, or maybe we have forgotten what Risk Management and Quality Management are really about. It’s easy to dismiss the elephant in the room, when it’s not your room. The problem can be tackled. Anti-Fragility gives us a coherent framework for unifying and utilising an impressive arsenal of already existing approaches and methods to take Risk Management and Quality Management from the reactive to the proactive. But changing ourselves, our practice, is the hardest type of change. For more details see  
www.theanti-fragilityacademy.com
 or email me at tony@theanti-fragilityacademy.co.uk

Tony BookFor more information on this fascinating topic, purchase Building Anti-Fragile Organizations at: http://www.gowerpublishing.com/isbn/9781472413895