As a leader, I am expected to make decisions all day – every day. Some decisions are huge, possibly critical to my business or people, while others are minor. Making sure that these decisions are as good as they can be at the time of decision is vital.
There is risk in every decision. Risk of failure, and risk of success. I try to reduce the risk of failure, and increase the risk of success in all the decisions I make. How do I do that, you may ask, allow me share my secret…
The Risk Process
Managing risk is not exactly a new science. Humans have managed risk since the dawn of time, trying to survive in a harsh environment. There should be no surprise then that risk management process’ exist. Depending on your sector, terminology may differ, but the steps of the risk process remain the same.
Good news: you don’t need to be an expert in risk to successfully manage risk.
The risk process can be summarized in these steps:
1. Risk Assessment
- You identify the risks involved.
2. Risk Evaluation
- Evaluate each risk and it’s severity,
- Classify them by severity and likelihood,
- Analyze the possible outcome(s) of the risk.
3. Risk Management
- Decide how to handle each risk. There are two main things you can do:
- Accept the risk: You accept that this risk may happen, and choose not to do anything about it
- Mitigate the risk: You decide that the risk is not acceptable, and choose to change its impact.
4. Evaluate and Review
You monitor your process, and make changes as you progress. You may receive new information later that changes the way you perceive some risks. The more you know, the more accurate your map.
There is risk in every decision. Risk of failure, and risk of success.” ~Kai Roer Tweet this!
How Much Risk Analysis Do I need To Do?
The answer is entirely up to you, your organization and the situation. Sometimes your decision require a rigid process where you must document and analyze many different aspects. Other decisions can be made without writing anything. The secret lies in a list of questions.
The questions follow the process outlined above, and are designed to help you make better decisions.
Questions
- Identifying risk:
What can go wrong?
What is the desired outcome? - Evaluating risk:
What can happen if things go wrong?
What happens if we do not get the desired outcome? - Mitigating risk:
What can I do to change the outcome?
Do I want to change it? - Evaluation:
What did I just learn?
How can I reapply that in this decision? - Do I make this decision, yes or no.
The last question is critical. The whole reason behind using a risk process is to help you make better decisions so you can run your company better.
Choosing Right
As you have observed by now, each of these questions can be expanded as needed. This means that if there is an easy decision to be made, you can just run through the questions in your head. If there is a tough decision to be made you can use the exact same process and questions to document the risks involved.
One last note – there are always risks involved which we are not able to identify. I call these Blind Spots. Watch for them!
How do you manage risk in your decision making? Are you concerned with the unwanted outcomes your decisions may create?
Risk practitioners generally failed to address these underlying human aspects. Since the publication of the Basle accord, ISO 31000 and other standards and regulations, it has often been argued that compliance with these standards and regulations will mitigate and control risk, but this is only true if the standards and regulations are embraced in an effective Enterprise Risk Management Culture. Just like the policies, procedures and systems, these are worthless if human attitude, acceptance and desired response lack.
Addressing the aspect of people risk is the only way an organisation can improve the results of how their people respond to a situation of risk and the effectiveness of their risk management function. No organisation can ever have a perfect risk management culture, but organisations can achieve a level of maturity where they have an effective risk culture process and every employee is risk-minded and does something on a daily basis to mitigate, control and optimize risk
The development of Risk Culture Building is focused on awareness and training in business ethics and human behaviour, as mentioned, both the behaviours we want to encourage and the behaviours we want to avoid. Organisations should frequently evaluate the progress (or regress) they are making on the path to maturity and implement action plans.
Every business decision is a RISK decision; what is your level of risk intelligence and how is your Risk Culture?
Excellent questions and easy to put into practice immediately. Thanks Kai!
You’re very welcome!
Great tips and questions to ask to assess the risk. Love the practicality of your suggestions it makes it easy to understand and apply!
Thank you Heidi! That is the purpose – keep it simple, stupid!
Hei Kai
I like it when you choose to link risk to success, it reminds me of a couple of thoughts I have had on this subject, regarding probability of success and failure.
First, you can adress both at the same time, for there is one factor that will on the one side contibute to maximize the probability of success and at the same time contribute to minimize the probability of failure.
1) So… how to maximize the probability of success? Among the things a leader need to know about when decisions are made, is to know your business favourable position or competitive edge in the industry and marked. Knowledge of the use and consequence of these internal factors may hold the key for success. Of course there is also other factors, but this internal factor(competitive edge) you should know how to use.
2) But…how can this minimize the probability of failure? Knowing the factors that contibute to success, you will also find the factors that needs to be governed (protected, developed and monitored). This processes reduces the likelihood of failure.
So in my opinion a leader should therefore allocate resources to prioritize organizational analysis and development in this respect. Theses resources should then advise the leader before big decisions are made.
Hei Arild 🙂
I like your summed up definition of maximizing success also will reduce risk of failure. Great comment!
You are also right that my description is on the light side, and the process will benefit greatly from structure and organization. My claim is that the process is the same, no matter the size of the organization/team – and you are right that it must scale with the needs of the organization.
K
Thanks! Very practical approach to risk management. I found ‘risk of success’ particularly interesting. I have never considered success to be a risk. But with hindsight, I needed to manage my successes better. The risk of success is to relax, sit back and savor the attention. Going forward, I need to manage this aspect of my life and work better lest I’m broad-sided by not critically assessing why I succeeded.
Thanks for your comment, Kimunya. I find the comment by Arild above a nice summary of risk of success.
Particularly enjoyed #3 – Acceptance is always powerful.
It helps clear the mind of unnecessary chatter that gets in the way of decisions.
And some times we have no choice but to accept.
Greetings, Kai. Thank you for this great post. You have provided a great list of questions for us to use as we analyze the potential riskiness of our decisions. Applying your suggestions will certain increase decision quality among leaders. And yes – I certainly agree about the blind spots. Something of which we all should be aware.
Thank you very much, Kai Roer. This piece is just timely. Thanks for this too… “One last note – there are always risks involved which we are not able to identify. I call these Blind Spots. Watch for them!”
You are very welcome!
Thank you so much, Kai Roer. This piece is just timely. Thanks for this too… “One last note – there are always risks involved which we are not able to identify. I call these Blind Spots. Watch for them!”
Perfect detailing in getting through a SWOT analysis. Risks are exponential when we sidestep this process. Thank you!
Glad you liked it!
Thank Kai, leadership is full of decisions and every decision has some sort of risk attached to it. Its interesting to see how you put a complex internal process in type. When the decision is large with many major outcomes, I find my self writing things out. Many times this processes has become automatic.
You are absolutely right, the more decisions we make, them better we get at automation – for good and for bad (we may form bad habits). In the workspace, automation of risk management, and decision making, is evident too. Just think of any large enterprise you know, and how they deal with risk management. All their processes are there to help them make better informed decisions. Automagically 😉
Greeting, Kai. I appreciate you sharing your process on decision making and risk analysis. Your list of questions is a succinct way for one to think all decisions – big and small. And yes, those blind spots … great advice for all to be on the lookout. Thank you for this post.
Thank you 🙂
Thank you Kai. Very applicable tips in daily decision making.
Kind regards,
Joan
You are very welcome, Joan!
The Risk Management points – choose one of 2 -either accept or mitigate is right on. This is the focus and where decisions are made. It can be the place where procrastination hits. This is a good article to get leaders past that point!
I agree, procrastination is one way to avoid taking a stand. IMO, not making a clear choice of mitigation or acceptance is a failure – on the leaders part.
Kai – Thanks for giving us such a detailed look into your risk management process and the decisions that you ask yourself when making a risk assessment. I appreciate the immediate application! ~Alli
Thank you for seeing the benefits of applying such process’. Evaluate the risks of using this process before you implement it 😉