When I say “a four-letter word,” you think I’m going to say something bad, don’t you? For many years, risk management took that same approach. Risk was something to be avoided, transferred away, segregated and minimized. We worked hard to minimize the adverse effects of losses and claims, transfer or prevent them when possible and finance them when necessary. We treated risk like a bad, four-letter word and in some instances, we still do.
But what happens when a risk is worth taking? Can we treat risk like a good thing? When we should embrace risk or even optimize it? I can think of a personal example. Twice in my career, I have taken huge personal risks when I’ve pursued a new job that was outside of my comfort zone (one even involved a cross country move before I had the final job offer). I was excited about these opportunities – even though the outcomes were far from certain. Job changes are never without challenges, but looking back, I am grateful for taking those big risks that helped me embrace new career goals. They enabled me to achieve much more than I would have if I had played it safe
But how does this apply to public sector risk management? Insurance companies tell us that only 20-25% of public sector risks are insurable (and they are only talking about risks that are threats). That leaves 75-80% of uncertainty on the table, “unknowns” that could be opportunities. Some of that uncertainty could provide great outcomes, if the risks are worth taking. The 2009 ISO/ANSI/ASSE 31000 standard on risk management defines risk as “the effect of uncertainty on objectives.” Those effects could be good or bad or both. Taking a broad approach, an enterprise-wise approach, to risk, rather than trying to contain, transfer or prevent it, can help you understand when and how it makes sense to take on risk.
Managing risk in such a way can lead to better decision-making and can help us achieve our (personal and professional) goals. The ISO/ANSI/ASSE 31000 standard on risk management introduces a new language of risk, expanded way beyond a bad, four-letter word.
And for me, my next big career risk is taking on this blog! I hope you’ll engage with me by joining this discussion by leaving a comment. I’d love to hear what risks have you taken lately that have resulted in a positive outcome? What are some things that can result from taking an enterprise-wide approach to risk?