When I saw this question pop up in my “People also searched for…” list of a Google search the other day my immediate, somewhat flippant, response was: “very badly”. But the more I thought about it the more I began to feel that the answer was, as any good agile coach or scrum master would say: “it depends”.
It depends on how you evaluate a risk management system.
If you evaluate it by the presence of policies and guidelines, appetite statements, governance forums and reporting, issue and action management frameworks and risk profiles then for the most part, yes, they tend to manage it very badly. But if business is all about managing risk (and it is) and the success of your business depends on how well you manage that risk (which often it does), then the fact that at least some entrepreneurs are successful must mean that there is a degree of success in their risk management approach – even if by accident.
The thing about most entrepreneurs, in my experience anyway, is that they don’t think about risk as a thing – it is entwined in the very fabric of their business because much of the decision making is very closely held by the entrepreneur themselves. This model works for them because they don’t need a widely distributed set of frameworks, policies or appetite statements. They hold all of these in their head – not so much in a specific metric or threshold, but in a gut feel of comfort – and they use this gut feel frequently when making day to day decisions in their business. In reality, they are managing risk in their business without even knowing it.
But… – there’s always a “but” – there are two flaws with this approach – how big they are probably depends on the type of industry or business that the entrepreneur finds themselves.
One of the challenges for (and most frequent criticisms of) entrepreneurs is that they spend an inordinate amount of time working IN their business and insufficient time working ON their business. This is often due to a desire to minimise costs and they do more work themselves rather than employing staff – and that is completely understandable. What that often means, though, is that entrepreneurs often don’t have a particularly long lead time into challenges in their business because they haven’t spent the time to develop or understand the key metrics or indicators that could warn them when things are not fully on track. As a result, many entrepreneurs run their businesses in a state of persistent crisis, lurching from one potential disaster to the next. Sometimes they get it right and sometimes they aren’t so lucky. Subtle indicators that could alert them to problem areas in parts of their business that they aren’t necessarily focused on at that time could allow them to make decisions to correct or solve problems before they become crises. This results in an overall smoother operation as there is more sustained focus and attention on what matters without distraction from the latest crisis.
The second flaw with this approach is that if you are making decisions based on gut feel then your decisions will vary based on how your gut happens to feel at the time – with no clearly articulated or documented parameters. This results in inconsistency in that decision making and what felt like good decision today, may not be tomorrow. You could even end up being presented with the same, or similar, situation at different times and end up with two completely different decisions resulting in two completely different outcomes and have no idea why you did what you did.
Many businesses, small and large, pride themselves on their agility, their ability to be nimble and adapt deftly to the circumstances and obstacles that are presented to them. If you follow the principles of lean six sigma or agile or any number of other efficiency processes, you will know that they all share a dogma around minimising task switching as a pathway to efficiency in the way the brain approaches work.
I recall attending a post incident review meeting at a large organisation I was working with on one occasion and the comment was made that we should be careful to introduce a risk assessment step ahead of a significant change because the engineers were all busy and this would distract them and take up their time. I looked around the room and couldn’t help but draw attention to the number of people sitting around the table and on the phone, their roles in the organisation and what their hourly rate must be for the hour or two that the meeting was scheduled for. Robust risk assessment may be a distraction at the start of the process, but it’s not nearly as distracting, time consuming or expensive as it is to fix the problem afterwards.
The same can be true for entrepreneurs or small businesses in general. Establishing robust risk frameworks and clearly articulated appetite settings (coupled with good and regular reporting and analysis of the same) can all sound very over the top and time consuming, but often not nearly as much as fixing the problems presented after the fact because you didn’t notice a problem in time or because you lost good staff who got tired of the state of constant crisis or the inconsistency within which they were operating as the basis of decisions seemed to change from hour to hour, day to day.
Therein lies the trick to good risk management. You can’t (and shouldn’t) just lift and drop a standard solution from one business to the next. It needs to be tailored to suit the needs, the size and scale of your business and the entrepreneur is pivotal to that process – because NOBODY knows the business as well as you do.
Risk Strata is a sound risk advisor and partner that you can trust to help you work through these complexities and the process to understand your business risk, articulate your risk appetite, build appropriate risk metrics and implement right sized risk policies and processes. We specialise in supporting small and medium businesses with outsourced risk management services. Send us a message from our Contact page if you’d like to have a more detailed discussion in confidence.