First a BIG thank you to Jamie Notter and Maddie Grant for including me in their book, Humanize in their discussion of “risk” (see page 70). My contribution is that people perceive risk differently and react accordingly. However, I disagree with the authors’ statement that “… most organizations could be characterized as risk averse.” I think most people are risk ignorant (they don’t know what the risks are) and are prey to misguided perceptions of risk.
First, I don’t think most people or their organizations really consider risk in their decision making. So they aren’t risk averse or risk prone. The decision makers may fear change or even have a knee-jerk reaction that something is “too risky” but I’m not sure risk analysis affects their decisions. A risk averse organization (meaning they want to avoid or minimize all risks) would have an extensive risk management program (few do), business continuity and disaster recovery plans, succession plans and include risk analysis as a part of their decision-making process. Similarly if people were risk averse they would all eat right, not smoke, wear seatbelts, not drink and drive, not drive while distracted and always have an umbrella.
We need to reframe the risk discussion – risk and fear are not synonymous. Risk is the possibility of loss or injury, while according to Webster’s Seventh Collegiate Dictionary (1969), fear is “an unpleasant often strong emotion caused by anticipation or awareness of danger.” A specific risk can create fear for one person – while someone else is quite comfortable with it.
I encourage people to adopt a new definition of risk arising from the enterprise risk management movement where we evaluate both risk and opportunity. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has written extensively on enterprise risk management. COSO’s Integrated Framework is the basis of risk assessment by most accountants. COSO’s Enterprise Risk Management – Integrated Framework: Executive Summary states “Enterprise risk management is a process, …, designed to identify potential events that may affect the entity, …” (p.4). In other words a “risk” is the possibility that some future event may cause unexpected results. The unexpected results can be positive, negative or neutral.
The practice of enterprise risk management can help people become more comfortable with uncertainty. We won’t know what will happen when we introduce a new product or service, redefine membership, restructure the organization or engage our members via social media but through risk analysis we can speculate potential outcomes. We need to consider both the risks and the opportunities associated with the idea. Most people still only focus on the negative outcomes but that new initiative could be successful. We need to be prepared for success.
We need to assess and analyze the risks and opportunities of any new initiative and compare it to the pros and cons of maintaining the status quo. Through risk analysis, we can select the option with the best expected results. Don’t just identify what can go wrong but consider what can go right for the idea to be successful. Perhaps then we won’t be so afraid of change.