Home > Risk > Why do some take risks while others do not?

Why do some take risks while others do not?

February 4, 2016 Leave a comment Go to comments

Every time you breathe, you are taking a risk – but usually, the potential for harm is greater if you don’t breathe. (There are exceptions, such as when your head is under water without a breathing mask.)

Every time you make a decision, you are taking a risk – creating or modifying the level of a risk.

So we are taking risk all the time, in pretty much every facet of our personal and professional lives.

But, I think we all know that when faced with the same situation, some will act one way and others another way.

They may have assessed the risk differently (if they go through that process). They may have made different decisions as to whether the risk is acceptable, and also which fork in the road they should take to address it.

Yes, it’s fine to have defined risk criteria or appetite statements, but they rarely cover every decision or action that a manager has to take. So the manager has to make the decision based on what he or she thinks best. Again, different people will make different decisions.

A number of experts will point to risk culture as the answer. They seem to believe that some organizations are more risk averse than others.

But organizations are composed of people: different people in leadership roles, with different backgrounds, experiences, and bias. Organizations are not homogeneous. In fact, sections of an organization are not staffed with people who are identical in their attitude towards risk.

For example, if a decision has to be made whether to select vendor A, B, or C, or a combination of the three, different people are likely to make different decisions. Manager X may have had a bad experience at another company with vendor A, while Manager Y used to work for them. Manager Z may have lived through a disastrous experience where the sole source vendor failed, so he will opt for a combination of two or more vendors.

Manager Z may have suffered a loss on the stock market that affects his desire to take risk, while Manager X has just heard he is a grandparent again. Their state of mind can influence their risk decision.

It’s not only that different people will make different decisions in the same situation, but each one may make different decisions at different times.

This is important, because as risk professionals we want to obtain a level of assurance that decision-makers will take the level of risk that top management and the board desire.

It’s not just that we want to ensure people don’t take too much risk; we want them to take a desired level of risk. If managers don’t take risk, the organization will die.

We need to know the temperature and overall health of the organization and its decision-makers.

  • Who are we relying on to take the risks that matter most to the organization’s success?
  • How can we obtain assurance that they understand the desired level of risk?
  • How can we obtain assurance that they will act as we desire?
  • How will we know when their risk attitude changes?

A periodic survey will, perhaps, give you a moment-in-time view. But, people change. Managers and executives leave; new ones join; people’s perspective and desire to take risk changes – especially if they see their compensation or termination likely to be affected by their decision.

This is a complex issue that risk professionals need to understand and then assess within and across their organization.

Richard Anderson and I will be discussing this in our Risk Conversations coming up in April in London and Chicago. Details are at www.riskreimagined.com.

In the meantime, how do you address this?

How do you know that your decision-makers will take the desired level of risk?

  1. Richard Fowler
    February 5, 2016 at 5:47 AM

    How do you know that your decision-makers will take the desired level of risk? That’s a very good question! The bottom line is, you don’t. Instead, you rely on the fact that they have made the appropriate decisions in the past and should continue to do so.

    There may be outside influences that change the decision maker’s perspective, and we can monitor such aspects as their family circumstances, the overall economy, related-party transactions, local crime reports and random drug testing, all of which may reflect some of those influences. But unless we are willing to have every decision made by a committee, we are unlikely to have much documented evidence of what prompted a particular decision.

    As auditors, we are fond of saying that “Trust is not a control.” But for a business to run smoothly, there must be an aspect of trust between the board and management and between management and the employees. And while we also like to say “Trust but verify,” some decisions can only be validated in retrospect and by the decision maker’s own description – there may not be an independent verification available.

  2. February 5, 2016 at 10:28 AM

    How do you know that your decision-makers will take the desired level of risk?
    By determining how successfully objectives are being achieved.

  3. February 9, 2016 at 2:59 AM

    Finally human side of risk management gets the attention it deserves. Very well written Norman.

  1. February 6, 2016 at 11:17 AM

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: