Musings by the Tao Of Risk

Potemkin Villages and Risk Culture

A Potemkin Village is a term used to describe situations where a thinly veiled facade is created with no underlying substance. Legend has it that Grigory Potemkin became Governor of Southern Ukraine and Crimea after the Russian takeover in 1774. Potemkin was assigned to rebuild the areas after a series of wars between the Ottoman Empire and Russia. In 1787, the Russian Empress Catherine II and her entourage embarked on a six-month trip through the Ukraine and Crimea. To assure his continued favor with Catherine II, Potemkin is reported to have built a fake portable settlement along the banks of the Dnieper River. Each night after Catherine II and her entourage passed the village, Potemkin would have the village disassembled and reassembled further down river to give the impression of a thriving, prosperous economy however, reality was quite different. Many people question the authenticity of the legend but, true or not, the fact still remains that organizations do construct facades with very little substance behind them.

Disciplined Execution

disciplined smallA disciplined process with emphasis on simplicity and flexibility yields a highly effective process that is dynamic and can quickly adapt to changing market conditions.  An effective risk management program includes both a strategic and a tactical component.  The strategic component of risk management begins with a set of risk management principles that includes management acknowledgement and support, recognition that risk management is an inexact science, and recognition that a disciplined approach yields significant value to the organization.  Another key principle is recognition that, even though risk management is an inexact science, the risk management process must be disciplined and systematic.  A disciplined and systematic risk management program facilitates continual improvement and creates true value for the organization.  A disciplined and systematic risk management approach also helps avoid overspending on risk management.  It doesn’t make sense to spend $100,000 to treat a risk with a $20,000 impact. A disciplined risk management approach will quickly identify cases where the cost to treat a risk exceeds the cost of the impact and can divert the remaining effort to higher priority risks.

Organizational Culture and Risk Management

When you are standing in front of the mirror preparing for the day, how many people think to themselves "I will do everything I can to save the company 57 cents including putting customer’s lives at risk." Or how about "I will lie to, deceive, and obstruct anyone who attempts to uncover product faults so our company can save $130 per unit." As bizarre and unthinkable as it may seem these two scenarios occurred recently. Checkout my RIMS 2016 presentation to learn more about these scenarios and how organizational culture can drive organizations to ignore or cover up risk that cost pennies to treat but can result in billions of dollars in exposure if ignored or left untreated.

Simplicity is the Key to Success

simplicity smallMany organizations and tools tend to complicate risk management by utilizing complex prioritization schemes, algorithms, and procedures.  I have found no evidence or studies to indicate that complex prioritization schemes provide more effective risk management capability than simplistic prioritization schemes or processes.   Organizations that focus on simplicity and risk management fundamentals tend to be very successful because they can easily and quickly adapt to changing market conditions.  The ability to quickly adapt to changing market conditions is clearly a critical success factor in our current global economy.  The epic rise and fall of BlackBerry is a striking example of what happens when an organization does not recognize and adapt to rapidly changing industry trends.