This is the second in a series of blogs on a Practical Risk Management Method or PRMM. At the bottom of this blog is a refresher of the other steps. This step’s premise is don’t separate your planning activities from your risk management activities. In other words:
Planning = Risk Management. Planning is ultimately about managing uncertainty which is a fancy name for Risk. At this point you may be saying:
- Of Course: we already do this. Good on you, see you at the next blog!
- Great Idea: this may be incrementally more work during the planning process but ultimately over all less effort for the organization.
- What is This Planning Thing you Speak Of: hmmm, we may have identified your top risk.
I am afraid I can’t help you if you fall into the last category but hopefully these blogs can help you if you with the first two.
Capture Risks as the Go By
Most planning activities generate assumptions, questions, issues and risks. Ideally you have a risk log or something similar and a process to revisit and evaluate these risks. This is standard fare but one thing to consider are the ‘Risks That Shall Not be Named’.
The Risk That Shall Not be Named
Here is a fun, career limiting thing to try at work. On the top of your risk register list something along these lines:
- The current President of ACME is myopic, suffers from dementia and should have retired 20 years ago, or
- The darling product the Vice President of Marketing loves so much is a dog and has drained the organization of resources and will never sell, or
- The Deputy Minister is a political hack with almost no organizational skills and a near complete lack of judgement other than kissing up to the Minister.
Okay, these fictional examples are a bit extreme but the point is that the risk that will inflict the greatest harm is either one you can’t predict (a Black Swan), one you don’t want to deal with (a Grey Rhino) or one that the organization does not want to talk about (the Gorilla in the room)*.
The trick for risk management is how to list these risks while not getting fired or having them sanitized down to meaningless. The solution, euphemisms, subterfuge and some good old fashion honesty can help… good luck with the last one.
(* Note, no animals were harmed in the creation of these metaphors).
Practical Risk Management – Steps
- Planning = Risk Management. Incorporate risk management into existing operational, tactical and strategic planning; don’t separate the two.
- Are You Any Good at Change? Evaluate how well your organization responds to change (e.g. when uncertainty becomes certain).
- How Strong is your ARM? ARM or Antifragile Risk Management is a system that focuses on building robust and resilient organizations.
- A Certain Test of Uncertainty. The organization’s risk/opportunity log is used to stress test the work done above.
- Don’t Stop. Modify/improve your plans and keep going. All of the above activities are meant to be both periodic (e.g. the annual planning process) or continuous.