When you hear the word “risk”, do you run away in panic believing it’s something that should be avoided at all costs; something that if you ignore, simply goes away? Disappears? Many organizations and their management teams – of all levels – have such negative reactions when they hear that 4 letter word that it’s hard to believe we progress at all. Yet, in business, and in fact in our daily lives, it’s almost impossible to achieve some level of success without taking a level of risk. Would we be flying in ten-ton aircrafts (and that’s probably light) if the Wright Brothers hadn’t taken a risk? Would I be writing this message on a laptop if two “techies” hadn’t taken a risk of creating the personal computer? The key is to act with your brain when it come to risk. What does that mean?
1. We only act on those risks that we understand and that we’ve investigated; we know what we stand to lose, and have an idea of what are chances of success are.
2. We only act on those risks that we can afford to take action on; we know the risk might hurt us in some way but even if we fail, we can move forward.
3. We choose the risks that have an acceptable level of success and reward; ignoring the risks that don’t provide enough payoff.
In the same way that many of us react negatively to the word “risk”, many people think that “risk management” is about eliminating or minimizing risk. Not necessarily so. There are some risks that must absolutely be avoided no matter what happens. For example, no one would want to take a risk that could mean the loss of life, family members or others close ones are hurt. This will be true for companies as well. Does an organization really want to do something that may put itself in financial jeopardy, putting itself out of business? Doubtful.
Enterprise Risk Management (or ERM) is about understanding the risks of the organization in a consistent way. We build an ERM framework in our lives and working realms that enable us to make better decisions about taking and managing the risks we encounter; on a daily basis.. Essentially, we need to make sure we identify what is a risk to us, and our organizations, whether they’re financial risks or operational risks, such as the dreaded risk of ‘system failures.’ We then put those risks through our brain against our previously noted criteria and determine whether they’re acceptable and worth taking or if we should avoid the risk altogether; effectively running away in panic. But if you’ve put the risk through the criteria in a calm and calculated method, avoiding the risk is simply walking away calmly and keeping an eye open for what’s next. We may even want to take the risk but may not have the support or resources at our disposal to act upon it. Making that decision still doesn’t mean the risk was bad – or a four letter word – but something you walked up to, looked in the face and then made a wise thought out and calculated decision.
We all must take responsibility for the risks we encounter during the day and how we respond to them, sometime making good judgements and sometimes not. The Wright Brothers took a calculated risk and now we fly around the world. So each of us is our own risk manager and keeps us in control and if that’s true, risk isn’t such a bad word after all.