WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Risk and the organizational mindset: why risk managers need to learn to think like a commodities trader

By Geary Sikich.

Introduction

Our concept of risk management needs to change. I’m not saying that the current practice is wrong; it just provides us with too much static risk assessment and the creation of many false positives in risk reports. One may ask why I chose the use the example of commodities traders for a new risk mindset. The answer is rather simple; commodities traders view risk as a rapid change agent. That is to say, risk changes in likelihood, velocity, impact and exposure over time.

If one refocuses to look at the consequences or potential consequences of the ‘near miss’ event instead of trying to determine the cause (which is often masked by opacity) preventative measures can be undertaken. Controls often times are reactive and not sufficiently proactive. Once we have changed the mindset, we can create a more proactive culture.

Reactive or proactive?

For organizations to go from a reactive risk culture to a more proactive risk culture, we need to begin to think like commodities traders when it comes to risk management. Commodities traders are what I will term ‘risk vigilant’. In essence they are constantly assessing risk exposure and doing a lot of risk buffering (hedging, derivatives, etc.) to offset the consequences of a risk realized.

The current practice of risk management is changing. With the advent of such standards as ISO 31000 many adherents have declared a new era in risk management, this is just a respite and decline is inevitable as risk managers become ensnared in compliance without thinking through the nonlinearity of risk. We tend to seek the cause for justification of risk activities. But today, due to complexity, we are faced with opacity, rendering the cause of a risk realized less important than the consequences resulting from the risk realized. The real constraints we face are well intentioned standards and practices that do not reflect the real-world operating conditions. Compliance is important and should not be overlooked. However, risk is not static and cannot be treated as a static element. The dynamics of risk require us to change our approach and thinking so that we can mount an effective campaign to consistently and constantly buffer risk exposure so as to reduce the impact of a risk realized over time.

Likelihood, volatility, impact and exposure over time

In a study performed by Deloitte two points are worth looking at. The report concluded that:

  • Traditional risk assessments that prioritize risk on probability and impact are outpaced by the speed at which risks move throughout the organization.
  • While 70 percent of finance executives agree that risk velocity is a core consideration, only 11 percent have introduced it into their risk assessments.

If we look at commodities trading we begin to understand the nature of speed and its ability to move throughout an organization rapidly. Commodities are complexity personified. Markets are large (global) in scale and trading is nearly constant (i.e., 24 X 7 – 24 hours a day and 7days a week). This makes identifying and managing risk a challenge that can be daunting to many. In many conversations with commodity traders I came to conclusion that their ability to see risk as a continuum, constantly changing, opaque and rapid in its impact creates a mindset of constant vigilance and offsetting of risks.

Achieving risk parity

Risk parity is an approach that focuses on the allocation of risk, usually defined by exposure, velocity and volatility rather than allocation of assets to the risk.

The risk parity approach asserts that when asset allocations are adjusted (leveraged or deleveraged) to the same risk level, risk parity is created resulting in more resistance to discontinuity events. The principles of risk parity will be applied differently according to the risk appetite, goals and objectives of the organization and can yield different results for each organization over time.

Recognize opacity and nonlinearity

The application or, misapplication, of the concept of a ‘near miss’ event has gained increasing popularity and more importance than it should have. A risk manager's priorities should be based on recognizing the potential consequences of a near miss event, not on determining the cause of the event. While causality is important, due to today’s complexity and the nonlinearity of events, determining causality can become an exercise in frustration. Instead we need to focus on consequence analysis and recognize that as risks evolve change begins to occur, collateral factors come into play, uniqueness is created in the way that the evolution of risk occurs. Nonlinear evolution of risks combine with reactions to events to transform potential risk consequences.

I don't disagree that analysis of near miss events can benefit the organization and facilitate progress in reducing risk exposures in the future. Investigating near misses is often hampered by the nonlinearity and opaque nature of the event itself. Thereby rendering any lessons learned less than helpful in reducing risk exposure and more importantly risk realization consequences. Near miss events will not have exactly the same chain of causality as a risk event that actually materializes into an impact with unforeseen consequences.

Recognizing and analyzing all near miss events isn't a realistic option. This is due in part to the fact that we do not experience events uniformly. A near miss to you might be a non-event to someone who deals with similar situations regularly as the event becomes transparent to them.

Concluding thoughts

We're limited not by the amount of risk we can identify, but by how inventive we are about how we think about risk and how much we're willing to buffer against risk realization. Here are seven identified needs for today’s risk managers:

  • Techniques for identifying permanent versus cyclical changes in the external operating environment;
  • Techniques for spotting and buffering risks so that the organization has the ability to leverage risk management activities for competitive advantage;
  • Tools for stimulating the creation of options, particularly where change is occurring rapidly and the scope for risk management action is shifting;
  • Tools for stimulating the understanding of opaque risk forces that are truly dynamic, with multiple orders of consequence effects;
  • Proven tools for improving strategy, risk management, business continuity and competitive intelligence processes, breaking inertia, and jolting conventional risk management thinking;
  • Techniques for generating and harnessing insights from big data about risks that customers, competitors, and suppliers present to the organization;
  • Techniques for identifying and focusing the top team’s attention on new or poorly understood risks—before it is too late and the risk materialize (risk realization).

I have found it useful to adapt Michael Kami’s 12 Steps (from his book ‘Trigger Points’) to the application of beginning to think like a commodities trader. A brief summary of the 12 steps is depicted in worksheet form below:

Trigger Point Analysis Worksheet

Step 1

Where Are We?

Develop an External Environment Profile

Key focal point: What are the key risk factors in our external environment and how much can we control them?

 

 

 

Step 2

Where Are We?

Develop an Internal Environment Profile

Key focal point: Build detailed snapshots of your business activities and risk exposures as they are at present.

 

 

 

Step 3

Where Are We Going?

Develop Assumptions about the Future External Environment

Key focal point: Catalog future influences systematically; know your key risk challenges and threats.

 

 

 

Step 4

Where Can We Go?

Develop a Capabilities Profile

Key focal point: What are our strengths and needs?  How are we doing in our key results and activities areas?

 

 

 

Step 5

Where Might We Go?

Develop Future Internal Environment Assumption

Key focal point: Build assumptions, potentials, etc. Do not build predictions/forecasts. Assess what the future situation might look like.

 

 

 

Step 6

Where Do We Want to Go?

Develop Objectives

Key focal point: Create a pyramid of objectives; redefine your business; set functional objectives.

 

 

 

Step 7

What Do We Have to Do?

Develop a Gap Analysis Profile

Key focal point: What will be the effect of new external forces?  What assumptions can we make about future changes to our environment?

 

 

 

Step 8

What Could We Do?

Opportunities and Problems

Key focal point: Act to fill the gaps.  Conduct an opportunity-problem feasibility analysis; risk analysis assessment; resource-requirements assessment.  Build action program proposals.

 

 

 

Step 9

What Should We Do?

Select Strategy and Program Objectives

Key focal point: Classify strategy and program objectives; make explicit commitments; adjust objectives.

 

 

 

Step 10

How Can We Do It?

Implementation

Key focal point: Evaluate the impact of new programs.

 

 

 

Step 11

How Are We Doing?

Control

Key focal point: Monitor external environment.  Analyze fiscal and physical variances. Conduct an overall assessment.

 

 

 

Step 12

What’s not Working?

Revise, Control, Remain Flexible

Key focal point: Revise strategy and program objectives as needed; revise explicit commitments as needed; adjust objectives as needed.

 

 

 

The author

Geary Sikich, Entrepreneur, consultant, author and business lecturer
Contact Information: E-mail: G.Sikich@att.net or gsikich@logicalmanagement.com.

Geary Sikich is a seasoned risk management professional who advises private and public sector executives to develop risk buffering strategies to protect their asset base. With a M.Ed. in Counseling and Guidance, Geary's focus is human capital: what people think, who they are, what they need and how they communicate. With over 25 years in management consulting as a trusted advisor, crisis manager, senior executive and educator, Geary brings unprecedented value to clients worldwide.

Geary is well-versed in contingency planning, risk management, human resource development, ‘war gaming,’ as well as competitive intelligence, issues analysis, global strategy and identification of transparent vulnerabilities. Geary began his career as an officer in the U.S. Army after completing his BS in Criminology. As a thought leader, Geary leverages his skills in client attraction and the tools of LinkedIn, social media and publishing to help executives in decision analysis, strategy development and risk buffering.

A well-known author, his books and articles are readily available on Amazon, Barnes & Noble and the Internet.

References

Apgar, David, Risk Intelligence – Learning to Manage What We Don’t Know, Harvard Business School Press, 2006.

Davis, Stanley M., Christopher Meyer, Blur: The Speed of Change in the Connected Economy, (1998).

Jones, Milo and Silberzahn, Philippe, Constructing Cassandra: Reframing Intelligence Failure at the CIA, 1947–2001, Stanford Security Studies (August 21, 2013) ISBN-10: 0804785805, ISBN-13: 978-0804785808

Kami, Michael J., ‘Trigger Points: how to make decisions three times faster,’ 1988, McGraw-Hill, ISBN 0-07-033219-3

Klein, Gary, ‘Sources of Power: How People Make Decisions,’ 1998, MIT Press, ISBN 13 978-0-262-11227-7

Sikich, Geary W., Graceful Degradation and Agile Restoration Synopsis, Disaster Resource Guide, 2002

Sikich, Geary W., ‘Integrated Business Continuity: Maintaining Resilience in Times of Uncertainty,’ PennWell Publishing, 2003

Sikich, Geary W., ‘Risk and Compliance: Are you driving the car while looking in the rearview mirror?’ 2013

Sikich, Geary W., ‘Transparent Vulnerabilities’ How we overlook the obvious, because it is too clear that it is there” 2008

Sikich, Geary W., ‘Risk and the Limitations of Knowledge’ 2014

Tainter, Joseph, ‘The Collapse of Complex Societies,’ Cambridge University Press (March 30, 1990), ISBN-10: 052138673X, ISBN-13: 978-0521386739

Taleb, Nicholas Nassim, ‘The Black Swan: The Impact of the Highly Improbable,’ 2007, Random House – ISBN 978-1-4000-6351-2, 2nd Edition 2010, Random House – ISBN 978-0-8129-7381-5

Taleb, Nicholas Nassim, Fooled by Randomness: The Hidden Role of Chance in Life and in the Markets, 2005, Updated edition (October 14, 2008) Random House – ISBN-13: 978-1400067930

Taleb, N.N., ‘Common Errors in Interpreting the Ideas of The Black Swan and Associated Papers;’ NYU Poly Institute October 18, 2009

Taleb, Nicholas Nassim, ‘Antifragile: Things that gain from disorder,’ 2012, Random House – ISBN 978-1-4000-6782-4

•Date: 8th October 2014 • US/World •Type: Article • Topic: Enterprise risk management

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here