Back to Blog

Risk is More Than a Four-Letter Word

Posted by Dorothy Gjerdrum on January 23, 2015 at 3:08 PM

When I say “a four-letter word,” you think I’m going to say something bad, don’t you?  For many years, risk management took that same approach.  Risk was something to be avoided, transferred away, segregated and minimized.  We worked hard to minimize the adverse effects of losses and claims, transfer or prevent them when possible and finance them when necessary.  We treated risk like a bad, four-letter word and in some instances, we still do.

But what happens when a risk is worth taking? Can we treat risk like a good thing? When we should embrace risk or even optimize it?  I can think of a personal example.  Twice in my career, I have taken huge personal risks when I’ve pursued a new job that was outside of my comfort zone (one even involved a cross country move before I had the final job offer).  I was excited about these opportunities – even though the outcomes were far from certain.  Job changes are never without challenges, but looking back, I am grateful for taking those big risks that helped me embrace new career goals.  They enabled me to achieve much more than I would have if I had played it safe

But how does this apply to public sector risk management?  Insurance companies tell us that only 20-25% of public sector risks are insurable (and they are only talking about risks that are threats).  That leaves 75-80% of uncertainty on the table, “unknowns” that could be opportunities.  Some of that uncertainty could provide great outcomes, if the risks are worth taking.  The 2009 ISO/ANSI/ASSE 31000 standard on risk management defines risk as “the effect of uncertainty on objectives.”  Those effects could be good or bad or both. Taking a broad approach, an enterprise-wise approach, to risk, rather than trying to contain, transfer or prevent it, can help you understand when and how it makes sense to take on risk.

Managing risk in such a way can lead to better decision-making and can help us achieve our (personal and professional) goals. The ISO/ANSI/ASSE 31000 standard on risk management introduces a new language of risk, expanded way beyond a bad, four-letter word.

And for me, my next big career risk is taking on this blog! I hope you’ll engage with me by joining this discussion by leaving a comment. I’d love to hear what risks have you taken lately that have resulted in a positive outcome? What are some things that can result from taking an enterprise-wide approach to risk?


Mick McBride

February 9, 2015 at 9:57 AM

Congratulations on another milestone in you career. I appreciate your comment about only 25% of municipal risks are insurable. I have always held the belief that the primary function of a risk manager is to establish a financing plan to cover any contingency that might occur while maintaining cost effectiveness. I do not consider myself to be a risk averse person so I have long subscribed to alternative financing techniques. Personal risk is minimized if you purchase insurance. You can always blame the insurance company. Alternative financing plans, in my opinion, fall within your definition of a risk worth taking.

Kate Wood

February 10, 2015 at 1:38 PM

You have raised a number of intriguing topics in your first blog. But I too was struck by your comment that only 25% of public risk being insurable. I’d like to hear more discussion about that number. How do risk managers talk about uninsurable risk? What is not insurable? And how can we help our organization deal with it? I know you are hoping to engage us in looking at opportunity risk as well. And, in a way, strong loss prevention is an “opportunity”, even though we are still dealing with hazard and loss. I think it is a great place to start the enterprise discussion.

Liz Miser

February 10, 2015 at 8:32 PM

Dorothy, I look forward to reading your blogs, keep them coming!

Dorothy Gjerdrum

February 11, 2015 at 8:45 PM

Kate - great questions and comments. I think most traditionally trained risk managers hesitate to talk about "big risks" or un-insurable risks because it means engaging in a broader conversation. It's a conversation where we (risk managers) don't have all the answers. It's a conversation that requires that people start to define "risk" in a different way. I once had the executive director of a port authority tell me that she was not going to even consider risks that were beyond her control. How is that going to work, exactly? Isn't that like covering your eyes and pretending that no one can see you?

Dorothy Gjerdrum

February 11, 2015 at 8:46 PM

Thanks for the comments and congrats, Mick! I have a challenge for you: If your primary function to focus on risk financing, then how are you addressing the 75% that are not insurable??