Bucket lists.It never seems to fail--the language war I too often come face to face with when it comes to risk management terminology. Anyone who has had professional dealings with me already knows that I have been lovingly accepted as the risk management "Word Nazi." It is incredible to me how we all revolve re·volve v. re·volved, re·volv·ing, re·volves v.intr. 1. To orbit a central point. 2. To turn on an axis; rotate. See Synonyms at turn. 3. intimately in this risk world and yet so few of us actually have the same understanding of the words that we use everyday. The word "risk" to an underwriter underwriter n. a company or person which/who underwrites an insurance policy, issue of corporate securities, business, or project. (See: underwrite) UNDERWRITER, insurances. One who signs a policy of insurance, by which he becomes an insurer. means something totally different than the word "risk" to a financial adviser. The word risk in a hospital is different than the word risk my mother refers to when she refers to her fear of flying. Because of this, I usually spend the first twenty minutes or more of most risk discussions establishing a base understanding of we are talking about. This linguistic torture regrettably extends further to popularized risk categories or buckets. I was recently in discussions with a senior management team who adamantly ad·a·mant adj. Impervious to pleas, appeals, or reason; stubbornly unyielding. See Synonyms at inflexible. n. 1. A stone once believed to be impenetrable in its hardness. 2. An extremely hard substance. wanted to categorize cat·e·go·rize tr.v. cat·e·go·rized, cat·e·go·riz·ing, cat·e·go·riz·es To put into a category or categories; classify. cat their "risks" by categories such as operational risk, strategic risk, financial risk, just to name a few. The effort intended to be dedicated to this was mind-boggling. Warning--please read the label. It is just a label. It is just a filing system, an arbitrary classification scheme, a visual tool, nice packaging, an organizational technique and that is about it. Consider the effort you are willing to expend ex·pend tr.v. ex·pend·ed, ex·pend·ing, ex·pends 1. To lay out; spend: expending tax revenues on government operations. See Synonyms at spend. 2. choosing your file folder In a graphical user interface (GUI), a simulated file folder that holds data, applications and other folders. Folders were introduced on the Xerox Star, then popularized on the Macintosh and later adapted to Windows and Unix. In Unix and Linux, as well as DOS and Windows 3. colors or writing file tabs for your files in your filing cabinet? What is somewhat comedic to me is if I were to ask 100 people what these categories actually meant, I guarantee that very few would actually agree and the definition of these labels might even be opposing. So what is the point of doing it? How much time are we willing to waste arguing whether one particular concern or "risk" actually belongs in one bucket over another? Too often, I see organizations paralyzed par·a·lyze tr.v. par·a·lyzed, par·a·lyz·ing, par·a·lyz·es 1. To affect with paralysis; cause to be paralytic. 2. To make unable to move or act: paralyzed by fear. by this very problem. They tend to miss the whole point of the risk identification process. When working with a natural gas company, I recall discussions around a key "risk" being a large gas explosion in a city center. Agreed, it is a scary scar·y adj. scar·i·er, scar·i·est 1. Causing fright or alarm. 2. Easily scared; very timid. scar event. But what bucket does this event fall into? Operational? Reputational? Financial? All of them? None of them? The explosion event as stated meant little and did not fall easily into any category. The trick to meaningful risk identification is the ability to break down events in a more granular granular /gran·u·lar/ (gran´u-lar) made up of or marked by presence of granules or grains. gran·u·lar adj. 1. Composed or appearing to be composed of granules or grains. 2. way so that risk solutions become more naturally evident. So, for instance, with such an explosion, the company may be concerned about negative media coverage. The solution to mitigating this is much clearer and intuitive now. With an explosion, they may be concerned with loss of a specific plant. Again, the solution is different but clear. With an explosion, they may be concerned about third-party liabilities, property damage, penalties, business interruption. Look at the risk list now. It is the degree of specificity that drives meaningful risk identification. Being specific about the events that are affecting company goals is critical and as an added bonus, it saves you from having to force risks into buckets unnaturally or even awkwardly. If we agree that the point to risk identification is to eventually rank and set priorities on instituting real risk solutions, please leave labeling your buckets as one of your last tasks. JOANNA MAKOMASKI, the former risk manager for a global energy company, is a leading specialist in innovative Enterprise Risk Management methods and implementation techniques for ERM (Enterprise Relationship Management) An umbrella term with many shades of meaning over the years. It may refer to the management of information from any or all of an organization's customers, suppliers, business partners and employees. Quickstart. She writes on risk management and can be reached at riskletters@lrp.com. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion