The fifth response to risk | IS Survivor Publishing

Previous Post: / Next Post:

The fifth response to risk


We need to add a response. The risk management profession lists four ways to deal with risk. There’s: Prevention (which can mean reducing the odds of an occurrence as well as eliminating them) … Mitigation, limiting the damage that occurs should the risk turn into reality … Insurance, spreading the cost of any damage that […]

By Bob Lewis | June 14, 2010
Topics: Business Ethics, Industry Commentary, Leadership, Office Politics, Organizational Effectiveness | 6 Comments »


We need to add a response.

The risk management profession lists four ways to deal with risk. There’s:

The fifth response … which isn’t new at all … is deny, which is what NASA chose for shuttle launches before the Challenger disaster, British Petroleum apparently chose preceding the Gulf of Mexico disaster, and some friends chose when they disabled their firewall and antivirus software because it was slowing down their systems too much.

We don’t yet have all the facts regarding the Gulf of Mexico disaster, nor have we experienced even a tiny fraction of the spin that is to come. (Media stupidity, on the other hand, has been in full view: Really, does President Obama’s visible anger or lack of same actually merit air time?)

Based on the limited information we have thus far it seems BP followed a popular risk trajectory in allowing this mess to take place: Its management interpreted successful prevention as absence of risk — the essential feature of the deny response.

To illustrate this dynamic, go back to January 2, 2000. Millions of information technology professionals, working in just about every organization on Earth, had completed perhaps the most effective preventive effort in history. No disaster ensued and very few businesses failed because everyone involved did a thorough and professional job.

And so a sadly large number of people who should know better concluded the whole thing was a sham.

They interpreted successful prevention as the absence of risk.

Here’s how it happens:

Take a car owner driving on bald tires and ask whether she’s concerned one might deflate. She’d most likely say yes, and unless she was in deep financial straits, she’d buy replacements.

If, six months later you asked her whether her new radials had prevented a flat, she’d answer “Of course.” That the risk might have been a sham, the product of the “alarm industry” or tire manufacturers, would never occur to her.

The same would be true for the manager of a corporate fleet. Ask if leaving bald tires on any of the company’s cars is too risky to allow and he’d certainly answer in the affirmative.

As he’s running a cost center, though, he can’t stop there. He predicts the useful life of each car’s tires, adds an estimate of how many tires per year experience punctures and other forms of damage, and does the math to forecast the annual cost of new tires. That’s his replacement budget. A few years go by without incident. Everything is groovy.

Then the company embarks on a continuous improvement program. Now, executive bonuses depend on finding costs to cut. The tire replacement budget is one of them, and in spite of warnings from the fleet supervisor, it’s reduced by five percent.

Per year.

Fleet makes do. It buys cheaper replacement tires that don’t last as long. It patches tires that should be replaced. Every year the fleet manager warns Mr. Continuous Improvement the risk of a tragedy is increasing.

And every year Mr. Continuous Improvement delivers the usual reply — one replete with “business realities,” the need to live within the company’s means, the uselessness of throwing money at problems, and, most important, the “evidence”: Cutting the budget hasn’t resulted in a tragedy, has it? Of course the mechanics want to replace the old tires with shiny new ones. They think like technicians, not business people.

It’s interpreting successful prevention as the absence of risk.

Until there’s a blowout and a fiery car crash.

Here’s what’s tricky: Without continuous improvement programs, organizations become complacent, mistaking the way things are for the way things have to be.

Where companies blow it is using the budget as a bludgeon, forcing cost center managers to find “improvements” whether or not they’re actual improvements or just cost-shifting game-playing.

The budget is the wrong tool for the job. The right tool: Culture change — for managers, a culture of honest inquiry so they don’t interpret successful prevention as the absence of risk.

And for all employees, a culture of innovation so they don’t mistake the status quo for what’s inevitable.

6 Responses to “The fifth response to risk”

  1. Ed Gould says:

    You needed a fifth response.

    #5 Who else can we blame for this?

  2. Adam Hartung says:

    Excellent Blog, good interpretation of the risk of the “seemingly riskless” continuous improvement. And the downside of management that believes there is always “fat to cut.”

  3. Aaron Lance says:

    Denial being acceptance without the accountability. It’s amazing how we can avoid the facts to hang on to what we wish were true instead of what we fear is true. And if we just somehow forget to ask the questions that would confirm our fears then we can’t be held responsibile. The one thing I hear most, and usually first, after a failure like this is “I never thought. . .”. Translation “I realize we blew it but you wouldn’t have done any better”. A little more thinking and a lot less CYA is required in these cases. Plausible deniability is no more a strategy than is hope.

  4. K. A. Boriskin says:

    “They interpreted successful prevention as the absence of risk.”

    I can’t even count the number of times I’ve tried to make the same point, whether in regard to Y2K or other situations, usually without success. The successful prevention = absence of risk mind set is just too strong, or I’m just not articulate and persuasive enough. Maybe your excellent short description will help me in the future, although I won’t hold my breath.

    Thank you for yet another great column.

  5. Brad Mitchell says:

    Great observations (and assessments) as always, but I would like to make an additional point. The focus should be on continuous process improvement, not just cost improvement (reduction.) In the example, the process is modified to add additional inspection time (versus the replacement clock), manual effort (to apply the patches), training (to learn how to apply the patches) and quality assurance to ensure that the training took. Those additional process actions also have opportunity costs. The key is to ensure that cost reduction actions truly do yield a net cost benefit, not just an “improvement” in my budget line item.

my photo

Visit our store to buy books authored by Bob Lewis.

my photoBob Lewis is a senior management consultant with Dell Services. He has published these columns once a week in one form or another since 1996.

Disclaimer: All opinions, statements, representations, allegations, images (if published) and anything else that appears here is the sole responsibility of the author. Dell has and had nothing to do with it, other than saying it's okay to continue publishing KJR.

Recent Posts