Attitudes to risk By John Robinson
Those who admit to experiencing this phenomenon will tell you now that hindsight is an expensive luxury and that they wished they had known better or sooner of its consequence. But foresight alone is of limited use; like peering into the fog from the prow of a sailing ship, scanning for things that could send it to the bottom. But searching for what? Clearly, we need the ability to recognise hazards far enough in advance to allow us to respond before they strike. We need the ability to communicate every sighting accurately back to the ship’s captain in terms he can understand, assess and act upon. And to maximise our chances we need these basic skills to be widespread amongst the crew. Most stakeholders in the enterprise will probably share a general knowledge of the probable disaster scenarios faced by a vessel; bluntly, the ship may sink with the loss of crew and cargo. However, any detailed knowledge of how one or other causal threats may be realised is generally confined to the captain, a core of officers and specialist crewmembers whose roles include dealing with those hazards. Everyone else is left to develop their opinion of the risks they face based on what they see and hear, and on their own experience. Because of this, and in the absence of consistent education, pockets of belief form, subtly altering behaviour and causing individuals and groups to become either more gung-ho or blasé, or more conservative than is appropriate for the greater good. Either extreme is potentially damaging; with those in the former category in some cases actually welcoming risk as ‘character-forming’ or more likely causing risk management to be sidelined as weak, unnecessary or wasteful; the latter embracing it so tightly that adherents threaten to strangle the activity they are supposed to protect, attracting potential ridicule. Perception The businessman’s perception of the risks is viewed almost entirely from a profit and loss standpoint. He is intent on spending the minimum necessary to ensure his ship remains afloat and able to trade. He does not get involved in the physical operation and each successful trip reinforces his belief that nothing will happen to disrupt it. He communicates periodically with the captain, providing him with a lean budget to pay the crew and keep the vessel seaworthy. The businessman accepts that he may be taking a commercial risk by denying the captain the full funds he says he needs, but rejects the assertion that this is unreasonable or that he is placing the crews’ lives at risk. The captain’s perceptions of the risks faced by the operation are somewhat different. Common sense suggests his views should be true-to-life with all relevant information sources potentially open to him. He should know the hazards associated with each voyage, the condition of the vessel, the ability of the crew, and the approximate value of the enterprise. Together these should be enough for him to persuade the businessman to release appropriate funding. Unfortunately, other factors distort his perception and thus, his behaviour. First, he must balance the fact that his own and his crew’s lives are at stake whilst at sea, against his dependence on the substantial profit-linked bonus he receives for each successful trip he makes. Second, he lacks the vocabulary to express the risks to the businessman in terms he will understand and act on. Third, and critically, he is unaware that the information he receives from the crew is not reflective of the actual condition of the ship. Because of these factors, he is obliged to gamble, doing what he can to make the ship safe with the limited budget available to him, tolerating the risk and unknowingly failing to fulfil his natural and maritime governance responsibilities. The ships’ officers have yet a different perception of the same risks. In the past, each officer reported problems and made requests for risk-related investment in their areas of responsibility directly to the Captain. This took place with varying accuracy and emphasis, depending on individual officers’ perceptions and, to some extent, their relationship with the captain. Investment was correspondingly inconsistent, leaving glaring holes in some areas, including shortages of vital backup materials and emergency equipment. Since a recent recession when a number of crew members were laid off, the captain’s response to their requests for safety equipment, spare parts and basic training has been consistently negative, obliging the officers to convey this to the rest of the crew whenever they express concern. The officers are paid a monthly wage and a small bonus based on rank and performance; the ambitious among them now shun safety or risk issues. The permanent crewmembers are paid a low basic wage and have modest career aspirations. They only understand their part of the ship and, beyond the obvious, have little ability to see how incidents in their areas will affect the operation of the vessel as a whole. Their procedures are learned on-the-job and they receive minimal training, responding only to orders from the officer-in-charge. They are able to recognise localised operational threats, but only in extreme cases do they bother to report them since, they argue, they are not paid to do this and their remarks are badly received in any case. The hired hands again have a different mindset; they are paid a fixed amount on completion of each assignment and achieving this is their main motivation. They are unconcerned about the long-term welfare of the vessel and crew and, unless they need more work, will do the minimum to fulfil their contract. Depending on experience, they may perceive significant operational risk but will not rock the boat by reporting it. In this perhaps unrealistically bleak picture, the crew has been driven into a reactive mode of risk behaviour, reporting and repairing assets only when they fail. They have become increasingly accepting of, and blind to the high level of inherent background risk in the operation. Investment has been all but withdrawn and the ability to argue for funding has been substantially lost. Risk has become an unfashionable topic associated with reduced profits and has been erased from the management team’s vocabulary. The next incident affecting the ship could be its last, but the politics and culture are such that no one owns the problem any more and no one is in a position to change things. Reality • Risk awareness. The risks individuals perceive that they face. This is a reflection of ability to channel undiluted and accurate risk information, from top-to-bottom and from side-to-side within an organisation. The captain’s inability to persuade the businessman to fund the reduction of risk arose because he could not present him with a convincing, factual case for inward investment; he did not know enough about the risks and he had no shared language with which to communicate with the businessman – he needed to convey risk in relation to profit. Similarly, the captain’s apparent unwillingness to respond to his officers’ concerns removed risk management from their agenda, cascading this negative message down the chain of command. Ultimately, risk awareness became an unfashionable, unnecessary commodity, so no one saw, or wanted to see the full picture. Starved of information, the captain lost the argument, funding dwindled and the situation deteriorated to the point where otherwise minor incidents became enterprise-threatening and life-threatening. • Risk appetite. The decision to act on or accept a risk is based partly on an individual’s tolerance of that risk. In the absence of a clear mandate or policy setting out what is and is not acceptable, risk tolerance information is collected and conveyed personally. We make up our own minds according to our views, opinions and agendas; our views are then modified by other local factors. An example of this is how managers react when told of a risk condition by staff. If the information is well received by the manager then the donor feels encouraged and continues to pass information, and vice versa. Our willingness to tolerate or accept a level of risk is called risk appetite. It works hand-in-glove with risk awareness, since an individual can only judge the acceptability of a risk based on his/her knowledge of that risk. This tendency is illustrated by the fact that each of the groups involved in the venture took important risk decisions affecting the other parties, based on their own view of acceptability. This ranged from the hired hands’ decision to tolerate the few risks they became aware of, through to the captain’s decision to turn down his officers’ request for investment, and ultimately to the businessman’s commercial decision to trade profit against the chance of failure. Strong risk appetites – a willingness or desire to gamble – are appropriate in only a few corporate roles, such as market trading. • Risk Ownership: This is a measure of an individual’s perceived acceptance of responsibility, the willingness and the ability to act on available risk information by others in the organisation. Again, inextricably linked to risk appetite and awareness, only the captain was in a position to collect the information he needed to obtain funding and then begin to manage and delegate the risks effectively. Yet the businessman’s hard commercial stance, and the culture of risk denial the captain subsequently created on-board, meant he was unable to do this; he was unable to act on, or own the risks. Individual officers or crew with weak risk appetites might have begun to manage risks in their own areas but would face a thankless task without funding, recognition or reward, stretching their resources to the limit. In an ideal world, the captain, officers and crewmembers would network the ownership of the operational risks according to responsibility and specialism, feeding back the high quality risk data needed to make a watertight business case. In this example, no-one owned the risks so nothing changed. Whilst far from defining an organisation’s risk culture absolutely, the three parameters described here offer a basis for comparison and improvement. For example, if we can measure a person’s awareness of the operational risks facing the organisation we can determine how well informed their risk decision-making is likely to be. Similarly, if we can measure a person’s risk appetite, we may be able to infer how well they are suited to making consistent risk-decisions in the organisation’s interest. Thirdly, if we can measure their perception of risk ownership, we can begin to judge the pervasiveness of risk culture via the risk management activities they see taking place around them. The analogy also suggests that individuals’ risk behaviour may be typed by other attributes, such as membership of function or department, seniority, experience, motivation and ‘stake’ in the enterprise. Being able to demonstrate group tendencies based on these and other relevant criteria allow us to predict and then focus more ably on the origins of risk cultural strengths, weaknesses, opportunities and threats within already well-defined areas of the organisation. For example, a department exhibiting poor awareness of the actual risks and a strong risk appetite might be offered very specific training to help comply with risk standards, thereby improving risk culture. Similarly, we can benchmark a department’s performance against a standard response or against the behaviour of another group. This allows changes in attitude to be tracked and consistently compared, applying carrot-and-stick measures to guide participants into an acceptable cultural and behavioural zone. Conclusion However, we can propose some general tenets: As a final point, it is clear that we need information to make sense of our own and others’ conditions. Only then can we detect the potential for ‘bad behaviour’ and improve. Such information can be obtained by experience, by guesswork or through the collection of genuine business intelligence. The latter seems preferable and, in conjunction with www.ContinuityCentral.com the author proposes to conduct a risk culture survey of organisations. We would be grateful if you would participate – click here. John Robinson is a Director of JR Consulting Partners Ltd. You can email him on jr@jrcpl.com or visit www.jrcpl.com
•Date:
9th January 2004 •Region: Worldwide •Type:
Article •Topic: Operational
risk |
