Home > Risk > Risk Leadership: A review by Felix Kloman of a new book by David Hancock

Risk Leadership: A review by Felix Kloman of a new book by David Hancock

January 27, 2012 Leave a comment Go to comments

Felix Kloman is one of the most respected gurus of risk management, someone whose views always merit thoughtful consideration. He recently sent a group of us this review and graciously agreed to let me share it with you, here.

Dave Hancock’s ideas are stimulating and I hope you will share your comments after reading Felix’s summary of the highlights.

Felix’s Review

Last October I submitted to a whim and bought a new UK book, simply on the strength of its title: Tame, Messy and Wicked Risk Leadership (Gower, Farnham 2010) by David Hancock, the Head of Project Risk of London Underground and a visiting Fellow at Cranfield University.

Now admit to me, that title is intriguing! So I opened its 88 pages and thought, a “walk-through.”  Unfortunately, other, better-written tomes intervened and I’ve only now finished it.

Hancock starts by re-defining risks as four types: (1) tame – “straight-forward, simple, linear causal relationships” that can be “solved” by analytical methods; (2) messes: with “high levels of system complexity”; (3) wicked problems:  “with high levels of behavioral complexity”; and (4) wicked messes: in which “behavioral and dynamic complexity coexist and interact. While I like these titles better that the ones we’ve been using, I really wonder: are not all risks “wicked messes?” Do we over-simplify too many situations?

But after trudging through these redefinitions, Hancock does come up with a few zingers:

  • “Behavioral and societal aspects of risk are under-represented in risk management processes.”  True!
  • “Risk management, constructed in accordance with the rules of probability, can give the illusion of control and understanding when in fact there is only further confusion.”  We think we know what we are doing!
  • “The general perception among project and risk managers that we can somehow control the future is, in my opinion, one of the most ill-conceived in risk management.”   Agree!
  • “Risk in our world is nothing more than uncertainty about the decisions that other human beings are going to make and how we can best respond to those decisions.”
  • ” . . . remember that risk can be considered our friend (opportunity), not just our adversary.”  We must always consider the plus side.
  • ” . . . risk (is) an illusory concept that exists in the consciousness of individuals developing a solution.” It is inherently a human perception.

It is Hancock’s summary on page 88 that makes this book worthwhile. He suggests a new title — Risk Leadership — inasmuch as we cannot “manage” risk, with the following characteristics (all direct quotes):

  1. Recognizes the possibility of different outcomes and tries to ensure that risk activities are directed towards making an acceptable set of outcomes more likely.
  2. Uses concepts and images which focus on social interaction among people, understanding the flux of events and human interaction, and the framing of projects within an array of social agenda, practices, stakeholder relations, politics and power.
  3. Develops behaviours (sic!) and confidence in teams through scenario planning and team-building to identify and respond to risks and opportunities. (my italics)
  4. Understand the ‘many acceptable futures’ proposition and manages risk to produce the changes needed to achieve acceptable outcomes.
  5. Practitioners as reflective listeners (great point!). Learning and development facilitate the development of reflective practitioners who can learn, operate and adapt effectively in complex project environments, through experience, intuition and the pragmatic application of theory in practice.
  6. Applies concepts and frameworks which focus on risk management as value creation, whilst aware that ‘value’ and ‘benefit’ will have multiple meanings linked to different purposes for the organization, project and individual.
  7. Adapts the risk process to overcome major political, bureaucratic and resource barriers to develop change in behaviours (sic again!) through trust and managing expectations.
  8. Based on the development of new risk models and theories that recognize and take cognizance (sic) of the complexity of projects and project management at all levels and that the model is only part of the complex terrain.
  9. Has learned to live with chaos, complexity and uncertainty, and leads through example to a successful conclusion.

Isn’t this the beginning of a restatement of the [risk management] discipline? We can certainly simplify and abbreviate these nine points, but I see some new ideas at last. And “risk leadership” is a positive approach in contrast to the heavy burden of negativism that weighs down our discipline these days!

What do you think?

  1. January 28, 2012 at 5:31 AM

    At last, some sanity about risk management and no mention about ISO 31000. All, and I mean all of the CEO presentations to the investor community I review, talk about value creation. It is healthy to see a mention about that in #6 above and we deliver our services around value creation and value preservation (value management) so risk management is way to help get there, but not the end-all

    David Hancock must be frequent to the great London theater scene (Wicked).


  2. January 28, 2012 at 6:57 AM

    I really like the points made, but there is so much invested in our current “Complicated” mode of thinking about risk and very little in a “Complex” mode of thinking about risk. (Think of all the MSc. programs in Risk and their content) I have been talking about this for a while, and the need for more of the points above. For instance having sociologists (not behavioural economists) involved in risk management. The only thing that gets me any credibility in saying this though to my clients is that I was trained as a physicist. Ask a sociologist to bring these issues up and they get laughed out of the place.

  3. January 28, 2012 at 9:34 AM

    Could not agree more that behavioral aspects of risk have been historically ignored in preference to the mechanical, almost deterministic “rational actor” model. Societal aspects, particularly as they relate to group influence on individual values and choices, are equally under-represented. This leaves an enormous opportunity to improve risk management, including compliance risk management, simply by paying attention to what we know from the behavioral sciences and instantiating corporate cultural and management attributes that are designed to resonate with, engage and motivate actual human beings, as opposed to the homo economicus of theory.

    (And anyone who has ever leaned in their seat in order to route a baseball around a foul pole can understand the “illusion of control”.)

  4. Ck6
    January 28, 2012 at 5:14 PM

    The restatement of risk management actually began in the mid-1990’s. This was proven my my own research which was subsequently verified by an independent Oxford University study in 1998. The financial market issues of the mid-2000’s not only reset the effort, but has put the field squarely in the middle of the boardroom.

    In my opinion the correct term is Risk Management. Risk Leadership applies to the C-level effort within the organization.

  5. June 8, 2012 at 6:45 AM

    yes! love it! some day we will look back at ideas like this and realize what a dark place we have all been on the subject of risk management. Another example of this is the notion of what the best way is for organizations to improve the overall quality and reliability of risk information by perhaps co-locating safety, quality assurance, business continuity and compliance functions within a risk management house as the norm……the prospects are both challenging and exciting. These are still early days in our profession.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: