March 2018 – A Photo A Day

Posted on by
1

Based on a promise to ‘Pay Attention‘, this is one of six blogs with the good intention is to publish a photo a day of my six month adventure in Vienna with a caption and thoughts on the image. Note that the publication date and the date when the photos were taken are not the same. Enjoy my (manly) scrap book for future memories… take that future dementia!

March 31

March 30

March 29

Easter in Vienna, the bunnies are everywhere!

March 28

Traditional clothing is still worn extensively during celebrations. One advantage is that the style is functional. Here you can buy a Dirndl for only a few hundred Euro.

March 27

A train on the U2 line crossing the Danube. Part of the extensive public transit service in Vienna.

March 26

This is the east entrance to the Hofburg, the former imperial residence. Now where I go for meetings.

March 25

Year round bikes are a key transportation means.

March 24

Street Trams (strassebahn) are still a key feature of public transit in Vienna. Most people are aware and accidents appear to be infrequent.

March 23

One of a number of churches in the inner city. This one is Schotten Kirchen. It is so named as it is near the former Shotten Tour/Gate in the old city walls.

March 22

Easter markets are smaller than their Christmas counter parts. Mulled wien, treats and crafts can be purchased in both.

March 21

Not all of the attractions in Vienna are vernable. A ‘social club’ is perhaps an example’

March 20

Detail of statutes gracing the top of the parliment buildings. Framed against an unusual blue Vienna sky.

March 19

Easter Decorations on a balcony of a business in the inner city. Similar decorations are placed on the barren branches of trees.

March 18

Horse drawn carriages are a touristic fixture. Here this one is riding toward the St. Peter Catholic Church in the inner city.

March 17

A detail of a decoration on a building (housing Chanel) showing the excellent public art.

March 16

Why Are You Here?

Posted on by
2

Sitting in my new office, in a new city, on a new continent in a different country than usual; a staff member asked me: ‘Why Are You Here?’.  A seemingly innocuous question that took me aback for a response.

Whoa…. Where Are You?

For those who faithfully follow my blogs (hey, it could happen), you will know that I snowshoe, cycle, hike, blog and generally hang out in north-central Alberta (aka the Edmonton area).  This past week has not been a normal one as I finished work with the Government of Alberta on Friday, hopped on a plane Saturday, landed in Vienna Austria on Sunday and started with an international organisation on Monday, whew.

The role? I am the Deputy Director of an international organization.  Lots more on the organization in coming blogs, but for now, Why am I Here?

Sooo, Why Are You Here?

Over the past two months, it has been a whirlwind both in Alberta and finalizing this sojourn to Central Europe.  So whirlwindy that time for simple questions such as Why Are You Here had barely time to be answered… until now…

Managing your Serendipity

To start, I believe in managed serendipity.  Take a read of the blog from a few years ago, but one theme of this life-philosophy is: a) answer the door when opportunity knocks, and, b) opportunity usually knocks when you are in the bath tub.  In other words, opportunity is seldom convenient.

One thing ends and another begins

The next reason to be here is that I just spent 3.75 years in a very good gig at the Government of Alberta within the Ministry of Advanced Education as the controller for a large IT shop.  A good gig is not the same thing as an easy one; nevertheless, I look back at the body of work my team accomplished with pride.

But, all good things must come to an end and the government has chosen to change how it delivers IT services toward a much more centralized model.  I really do wish the government the very best as it seeks to consolidate this critical function.  I have my own views on the merits of making things bigger but that is no longer my business.  Suffice it to say, when the music stopped I was left without a chair and was just as happy to be left standing.

The intention is to return to the government.  I am a few years away from my first retirement number so my preference is to at least arrive at that number and then see how the world looks.  I enjoy being a member of the Alberta Public Service but sometimes it is important to take a vacation from yourself.

Vienna – Not a Bad Place for a Break

Finally the last but not least reason is because Vienna is a cool city and the organization does important work.  I think there will be lots to learn and I look forward to cycling, walking and exploring this part of the world.

The Downside of Opportunity

Of course nothing is ever free.  The costs include the time and space from family, friends and familiar circumstances.  There is also always a risk of taking a risk.  Although I am guaranteed a job upon my return what it will be is an uncertainty.  Living in a city in which you feel like you are 3-year-old language wise is always humbling (my goal is to speak ‘not-bad’ very-bad German in six months).

I am Here to Scare Myself a Little Bit

So that is why I am here, to scare myself a bit, to contribute to a larger civil society via the organization and to learn/hone my professional skills in a different context so I can return to the Government of Alberta refreshed, retrained and refocused.

Wish me luck and look for more on Vienna, the organization and new adventures.

Organizational Efficiency and Control Model

Posted on by
Reply

Have you ever thought about how to make an organization more efficient?  At this point you are probably going yawwnnn, been there done that with:

  • Doing more with less (how many decades have we been doing this?)
  • Lean [Whatever] remove waste from a process.
  • Business Process Re-engineering
  • Total Quality Management
  • Lean Six Sigma

A Measure of Productivity

Despite the ‘efficiency-fatigue’ you may be feeling, by any measure we humans have become more productive.  Take a look at the following graphic from the United States on labor productivity.  American workers produce more than five times what their great-grandparents did in the 1920s.  While you could argue this has come at a high cost for the environment, climate change, labor rights, etc.; you have to admit this increase in productivity is impressive.  (Source: bls.gov/opub/…/labor-productivity-the-economy.).

Labor Productivity (US) 1947-2012

A Little Dab Will Do You

Do you notice the line?  It relentlessly increases decade over decade.  There are very few spikes or drops but the ascent continues.  Technology is one factor but another is the competitive process of organizations to be more productive/efficient.

Squeezing Out Your Family

Which leads us to the central model I want to propose.  Focusing on output-efficiency is fine up to the point when your workers go strike or stress leave. Alternatively, perhaps you cut one control too many and the auditors or the police are at your door.  In other words, organizations must balance improving their processes, their people and their need to govern and/or control everything.  These three factors form the Organizational Control and Efficiency Model:

Organizational Efficiency and Control Model

OEC Forces

  • Explicit efficiency seeks to reduce the cost of an output through better use of inputs and improved conversion of the inputs.  Six Sigma, lean manufacturing or Total Quality Management can help with this objective.
  • Implicit efficiency is the ability of resources (staff, contractors, etc.) to work effectively together toward a common objective.  Resources can be efficient despite poor systems and processes.  Alternatively, the poorly trained, disengaged or unmotivated resources can negate/thwart the most efficient process. Most business models acknowledge this through concepts such executive buy-in or proper change management.  Implicit efficiency is subtly bigger than these concepts, it is how well does your organization play together?
  • Controls ensure organizational objectives are achieved. This may be through governance, automated controls, segregation of duties, etc.  Controls protect the organization but are often a drag on explicit efficiency or can negatively affect staff morale (implicit efficiency).

More Important than Corners is the Middle and the Lines

While the three corners of the triangle are important, more important is the stuff in the middle and lines between the forces.  Organizational objectives ask strategic question such as:

  • Should we still be in this business?
  • Do we invest, hold or divest of a product, business or service line?
  • Are our people working on the right things?
  • How can we become more agile and responsive to our clients/customers/citizens?
  • Do we have the right infrastructure to accomplish our goals?

The lines represent both support and tensions between the three forces.  Some organizations have discovered that by focusing exclusively on explicit efficiency they have alienated their staff or run afoul of their internal processes.

Too many controls will impede an organization’s explicit efficiency and make the organization a death march to work for.  However, too little control can co-opt or corrupt people or processes.

Finally, implicit efficiency can give you a competitive advantage (google southwest airlines steward announcements; these are people following procedures to ensure good control of the passengers while having fun).  Disengaged or unmotivated staff can derail the best quality management program or find ways around the most elegant controls.

Building a Strong Triangle

What are your thoughts?  Should this be a triangle, square or an even more complex geometric shape?  How well is your organization at balancing these 3 forces?  Does this model help when talking about efficiency and organizational effectiveness?  Drop me a note with your thoughts.

The Dice Game…

Posted on by
Reply

Okay, this is a bit of departure from social, economic or business thoughts – but heck, it is my website so I get to post whatever I like!

Dice as a Means to an End

I recently taught the dice game twice in the past few weeks. I had to remember the rules so I thought I would jot them down for future reference. My good friend Darryl N. taught my family this game decades ago and we have evolved the rules since then.  Many families I have come across have played variations which I have incorporated.

I like this game primarily because the play is simple and it can be scaled up or down to the either children or adults.  It is both competitive and cooperative and for younger players, it teach strategy, decision making a rudimentary statistical calculations.

Objective:

  • Be the first player to get more than 10,000 points.
  • Variation, if played exact, the winner must get exactly 10,000 points.
  • The amount can be adjusted to accommodate short play times (e.g. play to 5,000).

Equipment and roles:

  • Five die
  • 1 scoring sheet divided into the number of players.
  • 1 Score keeper.
  • 2 or more players.
  • Optional: mulligan markers (see below for Children’s variations).

Scoring:

  • 1 and 5’s score 100 and 50 respectively.
  • Three Of Kind (e.g. 3 Twos) score the number X 100 (e.g. 3xTwo’sx100 = 200).
  • Four of a kind = double three of kind (e.g. 4xTwo’sx100x2 = 400).
  • Five of a kind = double four a kind.
  • A five die straight in one role = 450 points.
  • Five ones in one roll = 10,000 points and automatically wins the game.

Rolls:

  • On the Board: 500 points is required to be on the board
  • Once a player is on the board, they can accept lower point rolls.
  • A roll must have at least one scoring die to be counted (e.g. a 1, 5, of-kind or straight)
  • A roll without a scoring die is a bust.
  • If all dice are scoring, the player must roll all five.
  • If there are non-scoring dice left after a player has taken their points, the next player can roll these dice and build on the previous points.
  • A straight must be immediately scored and then passed on to the next player who will roll all five dice. A straight cannot be used to get on the board.

Rule Variations:

  • If playing exact to 10,000 then the following variation is used to manage rolls that are passed on:
    • If a player rolls at least 500 points and the next player needs less than 500 points to get exactly 10,000, then the roll pass by the second player to the next player.
    • If the next player similarly needs less than 500 points, it pass on to the next player.
    • This continues potentially around the table to the original player.
    • If no player can build on the dice because they all require less than 500 points, it is considered a bust and the natural next player rolls the dice.
  • If playing with children, mulligans can be used:
    • Based on the age of the children, mulligans can be provided.
    • For example, six and under perhaps 6 mulligans, older than six, one less mulligan per age until zero mulligans at age twelve.
    • Mulligans can be used either at any time or only on a single die roll per house rule.
    • A mulligan can be a chip or a piece of candy.
    • If candy, if the mulligan is taken, the player gets to eat the candy.  Any mulligans not used, either the player gets the remaining candy or they must be given to the winner as their prize.
    • The overall intent of the mulligans is to get younger children engaged in the game, teach them strategy and the value of delayed gratification.  Adjust the above rules as required.
  • If playing with adults, a gambling element can be used:
    • Each player must pay for a bust.
    • If they have not reached the minimum 500 points to get on the board, they pay the pot a fixed amount (e.g. a penny or nickel).
    • Similarly if they bust, even after being on the board, they must buy the roll.
    • When a player is down to a single die and wishes to roll that die, they and the other players can bet against the pot.
      • This is done by putting one or more bets in.
      • If the resulting single die is a one or five, the bettors keep their bet plus a payout equal to their bet.
      • E.g. if they bet two nickels, they keep their nickels and draw out two other nickels from the pot.
      • If the resulting roll is not scoring, all players contribute their bets to the pot.
      • They player who wins (e.g. past 10,000 or exact), receives the pot.

Has your family ever played Dice or do you have a variation that you want to share?  If so, drop me a note and I will list them here.

Other Links and Variations

Managing Voldemort Risks

Posted on by
Reply

“Voldemort Risks” are unspoken that employees avoid naming due to fear or cultural pressures. It highlights historical examples, like Enron and the Challenger disaster, emphasizing the need for risk identification through methods like whistleblower protections and fostering a high-trust culture. Identifying these risks can improve organizational resilience.

Continue reading

Cascading Risk Management

Posted on by
1

I have been thinking about risk management a lot and how to make it as effective as possible.  One concept that I have not seen but I would have expected would be ‘cascading risk management’.

The Neck Bone is Risk Managed by the Head Bone…

Cascading risk management is where senior levels of an organization manage risks that are germane to the entire organization freeing subordinate levels to focus on their specific strategic, tactical and operational risk management.  Here is an example in a fictional state or provincial government or larger for-profit company:

Level Risk Management Example/Comment
Government Wide / National Wide Strategic risks that affect the entire government and central services provided. Government wide IT security, tax policy, inter-government relations.
Ministry/ Department Strategic risks that affect the Department but exclude those identified as belonging to the government.  Government wide risks are inherent to the Ministry’s Risk profile but do not need to be repeated unless they meet one of the following criteria:

  1. The strategic risk is not articulated or articulated broadly enough to reflect the uncertainty faced by the Ministry.
  2. The Ministry has policy-responsibility for the risk, for example tax policy would be expanded upon by the Ministry of Finance.
  3. The political or senior management deems the risk of sufficient importance/context to include despite it being managed by a senior level of the organization.
 Ministry of Finance further articulates the risks of debt management or tax policy.

The Ministry of Health further articulates the risks related to a pandemic.

The Ministry of Education reinforces the need to replace retiring teachers.
Division/ Branch Strategic risks that affect a sub-element of the organization but exclude those sufficiently belonging to the above layers of the organization.

The same conditions as discussed above apply but cascaded down one more level.  Note that this level will generate Strategic, Tactical and Operational Risks.

 Western Canada Marketing sub-Department.

Tax policy unit of the Ministry of Finance
Team/ Project/ Other Work Unit Tactical and Operational Risks with a reference to the above cascaded risks.  In this manner, the operational area can focus on the most critical risks affecting delivering their contribution to organizational objectives. IT Project Team.

Policy team drafting legislation.

New product launch team.

How is the Cascade Managed?

The above is predicated on the following assumptions:

  • The senior levels of the organization have an effective risk management process including a risk registry available to subordinate areas.
  • Resources managing risk at subordinate levels have a good awareness of the scope, limitations and intended usage for the senior risk management resources.
  • Each of the resulting levels have the ‘container’ to cross reference ‘cascade risks’ that is efficient and effective.
  • As required, a subordinate level can point to a senior level risk and then add or modify it as required.
  • This method is consistent with ISO 31000 as part of the Risk Identification step.

Assuming the above exists the a cascade risk statement may look like this:

  • The Ministry of Finance, Tax Department / Tax Policy Unit has prepared the following risks that may impair its ability to meet its operational objectives.
  • This risks exclude the following risks already articulated and reasonably managed by the indicated entities:
    • Government of Riskastan’s Economic assumptions and risks available via [link…].
    • The Ministry of Finance’s business plan which include significant strategic risks affecting the unit and available via [link…].
    • The Tax Department’s Tactical and Operational plan which includes significant departmental strategic, tactical and select operational risks.
  • The exception to the above exclusions are the following two risks that are further expanded upon by the unit:
    • Risk relating to the price of prunes and the Organization of Prune Exporting Countries to manage supply and thus price for prunes (Riskastan fiscal plan, page 17).
    • Risk related to retaining staff in the Tax Department who can count on both their fingers and their toes (Tax Department Operational Plan, list of assumptions and risks, page 71).

Is this Bespoke Spoken For?

Posted on by
Reply

It is a truism to say that organizations, in particular governments, are relying more and more on technology to operate and deliver services.  In a 2014 blog, IM/IT Inventory, I explored the concept of what assets should an organization actively manage and track.  The following graphic was introduced as part of a larger concept known as the IM/IT Lifecycle.

IM/IT Inventory-Model with sample mappings

To Include or Not to Include – that is the Catalog?

The purpose of the blog series was to try to answer the question, which bit of technology should be included, or not, in things like an inventory of applications.  The conclusion was pretty much, if it has value – include it – and if it will take a material amount of effort to recreate it, definitely include it.

Alas there is a definitional challenge when it comes to building application catalogs, namely WHAT IS an application?  Some definitions available include:

  1. ITIL – Application: Software that provides functions which are required by an IT service. Each application may be part of more than one IT service. An application runs on one or more servers or clients. See also application management; application portfolio. (Axelos.com; glossary, accessed 2018-01-27).
  2. COBIT – Application: A computer program or set of programs that performs the processing of records for a specific function.  Scope Notes: Contrasts with systems programs, such as an operating system or network control program, and with utility programs, such as copy or sort. (www.isaca.org; glossary, accessed 2018-01-27).
  3. Techopedia – Application software is a program or group of programs designed for end users. These programs are divided into two classes: system software and application software. While system software consists of low-level programs that interact with computers at a basic level, application software resides above system software and includes applications such as database programs, word processors and spreadsheets. Application software may be grouped along with system software or published alone. Application software may simply be referred to as an application. (www.techopedia.org, accessed 2018-01-27).

Why Ownership Matters

All 3 definitions try to get their arms around the question, how long is a piece of string.  Unfortunately the string is only going to get longer as applications pop up on smart phones, are meshed with AI or are used by an organization but inhabit the cloud.  Nevertheless, the definition is important because no matter where/how/who etc. the application is run – an organization must still keep internal accountability for its creation, maintenance, usage, information management and ultimate disposal.

Accountability is important because if service is increasingly delivered by technical means (including robots, AI, cloud and the Borg) then human accountability for its proper functioning and adherence to business objectives becomes more, not less, important. 

Another important reason to define an application is to provide ownership both technical and business.  This concept will become both more difficult and more important as applications become completely embedded in business processes and wink in/out of existence because of an accelerated development time frame.

But is ‘IT’ Spoken For?

One of the challenges of trying to assign ownership is that busy business users don’t want to be bothered with having to own technical resources such as a flux capacitor or an anti-matter chamber (these exist, right?).  They want to focus on their widget production system without being bothered with tech-esse.  However, all the technical bits need to be ‘owned’ by someone for no other reason than to ask: ‘can we turn it off‘?  To assist with this, I am proposing a 3 tier ownership structure.

Level/Description Typical Owner Examples
1. Strategic.  Technology in this group is often at the system level meaning that it is composed of 2 or more applications.  A strategic system is often long-lived and may directly or indirectly support multiple areas of the organization and product lines. The most senior person in an organization that relies on the technology for their immediate accountability.  Resist the urge to give everything to the President/CEO – this is the day-to-day senior owner, e.g. the VP of Operations.

The owner may sometimes be known as the information controller.  I like this as it focuses on the value of a system (information) rather than the means of a system (technical).
  • ERP system including manufacturing, inventory, sales, etc.
  • Production or product support system
2. Tactical Application. A bit of software that may support one or more business/technical needs.  Each tactical application has a single or a few outputs it produces.  It may exist on its own and/or it may be part of a larger system. Because most entries in an organization’s application catalog fall into this category, it is not surprising that most owners are middle level managers.

The biggest challenge in this category is what is in or out.  See the above blog for some thoughts on this.
  • Speciality reporting tools for finance/ marketing.
  • Stand alone database to track a single business function.
3. System/Operations. A bit of software that the techies are primarily aware of… until it does not work of course.  This includes ITIL system programs but may include utilities that business users rely on to operate a tactical application. Although these applications support a business user, their owners are the technical folks.  In this way, the technical areas provide a service to the business/ tactical applications.
  • Print utility, payment control system integrated with a bank, network or firewall software.

Like most things in life there are definite grey areas between the above 3.  This is where professional judgement comes to assign a bit of code to the right category and therefore to the correct accountable person. In doing the assignment, I would suggest that an organization use the following rubric in assigning ownership.

  1. Start High – Work Low: there is an inclination to make all technical things belong to the techies.  Therefore, all systems start with being owned by the highest possible level until they are pushed down based on the following guidelines.
  2. Who Gets to Change or Turn IT Off: this guideline is the contrary to the above, who gets to make changes to the bit of software.  Ideally this should be pushed down as low as possible.  When in doubt, who is responsible to to turn the dang thing off when the application has outlived its usefulness.
  3. The User/Customer, Disenfranchised and the Veto: Because the first two purposely try to move ownership either up or down an organization, the last consideration is consider the outcome.
    1. Who is nearest to the user/customer of the bit of software and therefore can make the best determination whether or not cinnamon red on a burnt orange background is a good colour scheme for web page. Move ownership down when this factor is important.
    2. Who are the internals and externals who are affected but are disconnected from the decision-making choice; these may be users or a few degrees separated from the user. Move ownership up when this factor is important.
    3. Who has a veto either explicitly or implicitly?  What are the internal and external politics of the bit of software?  If there are few such considerations, move ownership down; if there are many such considerations, move the software up.
  4. The Times are a Changin’: Use professional judgement to make a determination and then plan to periodically or ad hoc return to the decision.  Hopefully ownership generally moves down as a system matures and becomes stable – a change in the environment may require it to go up for a bit..

Conclusion and Other Ownership Constructs

The above takes a bit of a traditional view of ownership and purposely avoids such knotty issues as open source software or software as a service.  My expectations is that an organization with lots of applications to document (in particular governments) should spend time on these assets and then turn their attention to the more esoteric.  If an organization really does not own any applications then this discussion is a bit mute and academic anyway.

Let me know if the above model is useful and how you would improve it!

 

 

Against the Gods

Posted on by
Reply

Peter L. Bernstein wrote “Against the Gods: The Remarkable Story of Risk” in the late 1990s, well before the financial meltdown of 2008 or the dot come bubble burst a few years later. The book itself is a good refresher of the history of mathematics and provides a reasonably entertaining and well written history of risk.  Before getting to the book though, a quick detour about Bernstein himself.

A Life Well Lived

Bernstein died in 2009 at the age of 90.  Over those nine decades he was born into relative wealth, served as an officer in World War II, worked for the US federal government, taught university, took over his father’s investment business, sold the business for a tidy sum, wrote ten books – 3 in his late 80’s and became a respected academic.  WHEW

For anyone of us, a few of the above accomplishments in our lifetime would be gratifying (including making it to 90) let alone the number he accomplished.  In other words, Bernstein can be said to have had a life well lived.

The Good News from the Gods

Some of the reviews on http://www.goodreads.com have critiqued Bernstein’s writing style.  It is not the most elegant I have ever read but it was reasonably engaging and not too technical.  He takes a chronological approach to risk but this is really on the mathematics of risk.

He notes the restrictions early western mathematicians had including the Roman numeric system, the enlightenment and renaissance (to get beyond the notion that all things are pre-ordained by God), bookkeeping, forecasting, algebra and an unfinished game of chance.

To this last point, the question was how best to divide up the winnings of a game with a fixed number of iterations of the game that was partially played.  This question spurred the mathematics to ask the question about probabilities and the future.  Risk management was born.

From the renaissance, Bernstein takes us through the development of more advanced mathematics, game theory and then finally the rise of the Quants in computerized trading.

In other words, the book is a good and reasonably accessible refresher on the history of mathematics and specifically the development of statistics and financial mathematics.  Bernstein does explore some of the human side of risk.  For example he discusses those old favorites of behavioral economics: loss aversion, regression to the mean / Prospect Theory, ambiguity aversion, etc. In other words, a good historical romp that ties in some familiar and some unfamiliar details into a reasonably good overview of the mathematics of risk…

The Bad News about the Gods

… and therein lies the biggest problem with the book, big on math short on the story of risk.  There is so much more that Bernstein could have incorporated into the book.  For example

  • How is risk perceived and managed in different cultures.
  • How have the Christian and Muslim beliefs about risk and interest rates changed their respective trajectories.
  • What has been the impact over the past 50 years on risk management given that risk has now being overtly managed.
  • How have institutions such as the military, healthcare or pharmaceuticals changed in how they managed risks.
  • What was the impact of large-scale events on the acceptance and management of risk, for example did the Black Death make people more or less risk averse and how did this affect risk management.

In a way it is too bad that Bernstein wrote the book when he did or that he did not write it say 10-12 years later.  I would have been interested in his views on the 2008 financial crisis and the work of Nicholas Taleb, etc. who also discussed risk, statistics and randomness.

In the End

So, a good read if you enjoy history, mathematics and what a fuller understanding of the concepts of risks.  A revised edition would be great, or even better, a second volume with more depth and breadth.  Never the less a read that rounds out anyone interested in Risk Management.

A few Quotes and Thoughts

Publisher’s Description: With the stock market breaking records almost daily, leaving longtime market analysts shaking their heads and revising their forecasts, a study of the concept of risk seems quite timely. Peter Bernstein has written a comprehensive history of man’s efforts to understand risk and probability, beginning with early gamblers in ancient Greece, continuing through the 17th-century French mathematicians Pascal and Fermat and up to modern chaos theory. Along the way he demonstrates that understanding risk underlies everything from game theory to bridge-building to winemaking.

p. 15: Time is the dominant factor in gambling.  Risk and time are opposite sides of the same coin, for if there were no tomorrow there would be no risk.  Time transforms risk, and the nature of risk is shaped by the time horizon: the future is the playing field.  Time matters most when the decisions are irreversible.

p. 197: The essence of risk management lies in maximizing the areas where we have some control over the outcome while minimizing the areas where we have absolutely no control over the outcome and the linkage between effect and cause is hidden from us.

p. 228: Keynes argued that interest is a reward for parting with liquidity, not for refraining from consumption.

p. 232: Game theory says that the true source of uncertainty is in the intentions of others.

 

PRMM – How is That Planning Thing Working Out for You?

Posted on by
Reply

This is the second in a series of blogs on a Practical Risk Management Method or PRMM.  At the bottom of this blog is a refresher of the other steps.  This step’s premise is don’t separate your planning activities from your risk management activities.  In other words:

Planning = Risk Management. Planning is ultimately about managing uncertainty which is a fancy name for Risk.  At this point you may be saying:

  1. Of Course: we already do this. Good on you, see you at the next blog!
  2. Great Idea: this may be incrementally more work during the planning process but ultimately over all less effort for the organization.
  3. What is This Planning Thing you Speak Of: hmmm, we may have identified your top risk.

I am afraid I can’t help you if you fall into the last category but hopefully these blogs can help you if you with the first two.

Continue reading

Practical Risk Management Model

Posted on by
1

Is traditional risk management practical?  If so, why do so many organizations struggle to do it well?  As a quick refresher here are the three steps of virtually all risk management methods:

  1. Establish business objectives.
  2. Identify and quantify some or all of the risks that may prevent the organization from achieving these objectives.
  3. Figure out what you are going to do with the resulting risks (e.g. ignore, manage, transfer, assign owners, etc.).

An Practical Risk Management Method (PRMM)

What makes risk management impractical is that it is often a bolt on and/or a parallel activity.  In addition, risk management often gets bogged down in too many risks and not enough value add (see my blog “Guns, Telephone Books and Risk?” for more on this).  PRMM recommends the following steps:

  1. Planning = Risk Management. Incorporate risk management into existing operational, tactical and strategic planning; don’t separate the two.  Why?  Because planning is how organizations manage uncertainty which is a fancy name for Risk.
  2. Are You Any Good at Change? Evaluate how well your organization responds to change (e.g. when uncertainty becomes certain).  When the unexpected happens, was your response chaotic and uncoordinated or did it go more or less to plan?
  3. How Strong is your ARM? ARM or Antifragile Risk Management is a system that focuses on building robust and resilient organizations.  While step 2 above measures the organization in action, this step anticipates your organization’s uncertainty resiliency.
  4. A Certain Test of Uncertainty.  The organization’s risk/opportunity log is used to stress test the work done above.  Testing measures the robustness of the organization and the scope and reasonableness of the collected risks.  This is the traditional risk management step in PRMM.
  5. Don’t Stop. Modify/improve your plans and keep going.  All of the above activities are meant to be both periodic (e.g. the annual planning process) or continuous.

My next blog are some thoughts on step 1 above, integrating risk management into the planning processes of the organization.