The Evolution of Risk

Since I last wrote, I have interviewed three companies and have learned all about their risk models.
The companies included a large well-known communications company, a large highly technical corporation and one very well-known cancer charity, of which we will call company x, y and z respectively.

All three companies have a process in place that roughly mimics the PIMs (Probability/Impact Matrix) model. Company x had the most formally developed model and was seeking ways to be more flexible and provide their employees with the opportunities to allow for individual management of separate projects. Company y has a less formal approach to risk management, but there were still some processes that had been developed to get the message to executive management. Company z, the charity, had the least developed risk management system, yet it still found a way to successfully stay out of trouble. The conclusion? All models seem to work to some extent! So, how what do three very different risk models have in common, that equal success?

This is where the topic of risk almost broaches the science of psychology. If people inherent in a culture are tasked with a project, regardless of the level of formality of their risk model, they will take responsibility to make sure it gets done with a modicum of safety measures. They will protect their own. The only time risk becomes potentially damaging is when those risks are imposed on the environment unbeknownst to the people responsible for its execution. In short, the issue of risk, boiled down to its lowest denominator, is in fact, an issue of communication.

How you facilitate that communication is what is up for debate, and is the area in which best practice effort should be placed.

Risk Management is only as good as its organisation’s communication channels. Generally speaking, as long as executive management is made aware of every risk in the company, they will have control of insuring these risks have mitigation strategies in place. Furthermore, it is the top-down communication, from the executive level down to the divisions, that will enable those divisions to either protect the firm from those identified risks or expose them to dangers. Here is where we encounter a simultaneous need for bottom-up communication – those divisions must be intelligent enough to report the risks that are posed through their activities. If not, the risk can go undetected, leaving the company open for potential threat.

Executive management must also encourage risk management throughout the organisation. Without this expectation on its divisions, even the most risk-savvy in house lawyer will have his hands tied. For example, with one of the companies I interviewed, their executive management did not welcome any input form their divisions but made their own isolated assessment as to what the company’s main risks were. If a particular division thought that one particular risk was worth flagging, they could make the extra effort, but then they themselves risked being put on the spot and perhaps criticised for taking up executive management’s time for something that they thought was important. To me, this is an obviously narrow view and one that can easily cause the company to overlook risks that either pose significant risks or opportunities.

In order to get your divisional input heard at executive level, there must be an identified pathway to counsel them. If a division has to pave its own way and are expected to do so, it is arguably the fault of executive management if something goes wrong. However, let’s not get negative here. One must keep a positive outlook on things. So, if you are part of an organisation that expects you to spoon a tunnel to them, perhaps through gentle coercing you could help them see the need for their efforts as well.

The conclusion to all of this is that communication is a two-way street, it takes two to tango. What goes up must come down. The main tool that is needed to accomplish successful risk symbiosis is language itself – the parties involved in a risk dialogue must be speaking the same language. Has your organisation spent time establishing common parlance for high risk and low risk factors and how to measure or detect them?

In House Legal Departments and Risk

My next project is to work on a best practice guide for in house lawyers that focus on the difference between legal risk and commercial risk. What’s the fundamental differences? Mainly perspective. Legal risk is everything that considers the legal implications of a decision (like a project or any action). For example, if you decide to open an office in China, the knowledge of the regulatory environment will give you a very clear idea of what’s legally possible and what is off the menu. Commercial risk involves the risk associated with a product or service and the decision to put it out to market. For example, if you are a toy manufacturing company and decide to issue to new girly doll for children ages 8-11, the implications could be that you risk cannibalising any other offerings you already have out to that market, or that perhaps you are spending time and resource on a product that has not necessarily proved it can achieve expected ROI.

The problem with in house lawyers is that they are fluent in legal risk but barely proficient in commercial risk. Or, more apt, their focus dwells in the legal risk arena and rarely wanders over to the commercial risk side. There are missed opportunities all over this reality.
For starters, aside form your Risk department, I can’t think of any other corporate animal more designed for Risk analysis. Lawyers have genetic make-up to detect risk and sniff out the holes in any plan. If given the opportunity, I’m sure they’d be able to apply that same instinct in a commercial capacity. But, in order for them to be able to do this, they first need some support.

First, in house lawyers need to feel an expectation from the organisation to offer strategic insight. Whether this is the In house lawyers fault or the CEOs is not the point. Both can make an effort. The in house lawyer can work to offer an opportunity for every negative impact identified, and the CEO can open the floor for the lawyer to put forth his or her strategic ideas.
Second, whilst trolling through the in house lawyer’s usual pile of work, a forma risk model can be applied, which practically forces them to consider what opportunities can come out of negative risks that are being identified. This is a super important point and one I am learning most in house teams do not adhere to. If you do one thing, make sure that your team is using a basic risk model to assess projects. Ask your risk team to help you create one or learn PIMS (Probability Impact Matrix) so you can start speaking the lingo.

Lastly, what may need some work on the in house lawyer’s behalf is revamping their internal brand image. Let’s face it; entrepreneurs in the company don’t want to speak to the lawyers in their initial thought-phases because they are afraid their ideas will get poo-pooed from the get-go. Resist that urge! Identify the entrepreneurs in your company, invite them out for coffee and let them know that you want to help them, or maybe learn how you can support their good ideas. Encourage them to engage with you by engaging with them.

The areas that are still a little unclear for me are, the difference in how in house lawyers see themselves regarding strategy in the UK and the US – I know that in many US companies, the GC is the CEOs right hand man, often hands deep in implementing projects and not just drafting terms and conditions, whereas UK lawyers seem to be more the latter. Is this a cultural barrier or one which in house lawyers prefer in the UK? What is preventing in house lawyers in the UK to take a more strategic position in their companies?

Second, in terms of risk models, I am putting feelers out all over the place to find examples of ones that work. PIMS is a great basic model, but where are its derivatives? What companies have impressive risk models that show a direct impact on the company’s performance?

If you have any thoughts on this subject, please do get in touch.

Managing Partners/CEOs and Performance Management

It is time for industry to realise that performance management is not a concept of dangling a generic carrot in front of a team of multi-skilled workers, but a specialised process that should seek to perfect the ratio between organisational goals and individual skill set and task. For partnerships, Managing Partner/CEOs are in prime positions to either hinder or help the performance management process in their firm. They can either empower the process by supporting and valuing it firsthand or neglect it and let it wilt.

There is no doubt that Performance Management processes can offer tangible rewards, despite its traditionally fluffy reputation. Today, the concept of performance management is capturing the attention of mainstream headlines. The Harvard Business Review, for example, ran an article in June 2006 entitled ‘The Destructive Potential of Overachievers’, which emphasised that in the global economic climate of today, managers must be clued in on what motivates their staff, and provide appropriate incentives for them to achieve optimal performance. Delivering to employees motivational expectations will ultimately achieve the performance target every organisation idealises. The case for performance management is that it is premised on a foundation of people, and in order for it to work, organisations must pay attention to each individual’s motivation as well as their skill set. This point beckons new light on the firm’s relationship with its marketing and HR functions, but that’s another story (which hopefully I’ll pick up on that thread in near future).

As leaders, Managing Partner/CEOs can either initiate or support a performance management process that focuses on both personal motivation and skill set. What is required from them is formal support, which can include assessing the current performance management process, designing a new process that works, liaising with human resource professionals within the firm and, on a broader level, understanding how performance management ties into the wider operations of the organisation, including that of knowledge management. Whatever the trajectory your firm chooses, valuing clear communication, recognition and reward, equality, development and progression throughout, are all essential success factors to sustain.

Unfortunately, for those Managing Partner/CEOs with gruelling and demanding schedules, there is no cookie cutter performance management solution. Direct involvement and support of your HR staff is essential, as well as your public approval of the initiative. The reasons for this are twofold: your knowledge of the firm as a whole can allow application of the bigger picture to ensure a successful performance strategy, and the inherent power in your position will undoubtedly direct much needed attention in the right direction.

Attention lingers in the area where HR and Marketing meet with the management who spearhead Performance management initiatives – how do these dynamics affect the outcomes of quality of staff retained?

Performance equals knowledge

I am currently working on a best practice guide for Managing Partners on Performance Management, and one of the most interesting points I have stumbled upon is from a consultant named Chris Lukes who said: "Performance Management, in the traditional sense, is obsolete. The progressive debate is now about Work allocation, how to manage talented people who expect to be partners, but who can't be because the business model does not allow for the numbers, and also if you want to keep talent who can't be partners, how can you do it? Firms need to make their career ladders transparent to prospective talent, let them know what they are getting and allow them to construct their own leanring platform within the firm and that platform needs to be supported by the firm. Who's dealing with what and how to allocate work considering each individual career path is the right way forward. You can really only do this with an accurate inventory of individual career goals and a performance management system that makes things transparent within the firm." Considering this, I am beginning to realise that the broader picture is really about Knowledge Management. the art and science of organising information so that it can improve processes is headlining practically every industry I can think of, including public sector. The fear of knowledge management and performance management being classified as 'fluffy' areas is quickly dissipating as more and more firms champion big projects in both arenas and reap the reward, which believe it or not, does show up on their bottom line alot quicker than one would expect. If done properly, the spedd of internal buy-in from the firm is incredible. The key for firms to cash in on these areas is to make sure they are doing it right. This means they need to consider the concept of Change Management while implementing any new process or function. I have decided to open this blog to record my illuminations as I study and create best practice guides for our network, and I also hope to connect with like-minded people and hear their questions, theories and hypotheses. Stay tuned...