Michael D. Moberly    May 12, 2015   ‘A blog where attention span really matters!’

In my corner of the business world where 80+% of most company’s value and sources of revenue lie in – evolve directly from IA’s (intangible assets), it’s routine for me to cross paths with very astute, experienced, and financially successful company management team members (c-suites). Somewhat ironically, at least through my lens, many quite cavalierly express the view that it’s impossible to eliminate all (business) risk. I have come to interpret, quite correctly I believe, that mantra is symbolic of the subjective manner in which many c-suites treat risk.

My response to such views is usually to politely hedge a little by suggesting it is possible to mitigate a large percentage of most business’ risk! However, and here comes the hedging part, the resources a company may have to dedicate – reallocate to a (risk) mitigation initiative, and the resulting restrictions, subjective as they may be, would likely be embedded with some untenable impracticalities.

Regardless of how subjective risk mitigation may be, at least how I see it being practiced. Few organization decision makers would knowingly assume risk mitigation practices that would…

• impede operation effectiveness and efficiency or disturb the flow and integration of IA’s,
  • particularly intellectual, structural, relationship, and competitivity capital.

Any company doing so would rapidly find its viability, profitability, and sustainability substantially undermined, if not ‘go to zero’, unless of course, those assets were transferrable.

Through my lens, there are a significant, but actually unknown percentage of companies in which their tolerance – appetite for risk…

• varies over time and is often circumstance – transaction specific, i.e., influenced by…
  • the products – services a company produces, delivers, and its target customers.
  • the perceptions – beliefs held by c-suites and boards regarding business risk climate.
  • a prior adverse experience or shared anecdote from another company.
  • the manner and locations in which a company interacts with – engages its primary markets, i.e., customers, supply chains, and myriad stakeholders.

According to Dr. Marc Siegel, a globally respected organizational resilience specialist, there are ways to measure and assess a company’s tolerance – appetite for risk. Most, Siegel says are dependent on their

1. Experience, e.g., the confidence level held by company management teams’ acquired largely through their familiarity with current and over-the-horizon risks, coupled with their (perceived) capabilities to effectively manage (prevent and/or sufficiently mitigate) such risks.

 2. Resiliency – e.g., if or when a significant (business) risk materializes, are there policies and practices in place to (a.) mitigate – minimize the criticality produced by the risk, and (b.) rapidly return the company to a state of operational and financial – revenue normalcy in a reasonable time frame before risk resiliency is irreversible. Achieving such a desired level of risk resiliency includes minimizing the fragility and vulnerability of company’s – business unit’s intangible assets, particularly intellectual, structural, relationship, and competitive capital for the duration of the risk event.

A related question I routinely pose to management teams, focuses on how they (presumably) achieved consensus to accept or tolerate particular levels of risk relative to a specific transaction, new venture, strategic alliance, etc.?  The answer is frequently some variation to the proverbial…

‘risk is an inherent feature of doing business and all successful business persons are inherently risk takers’.

I approach business risk a little differently in terms of understanding why and how I may respectfully influence management teams, boards, and c-suites, already inclined to have a greater appetite for – tolerance of certain (business) risks and not others. I find it’s frequently due to…

• types and levels of risk are subjectively measured – assessed to be low, in terms of vulnerability and probability, but extraordinarily high in criticality,
  • making the cost of mitigation, i.e., risk transfer, etc., exceed potential (prospective) benefits, thus self-insurance or elevated tolerance for risk appear to be the prudent, near term option.
• the asymmetric nature of business risks, i.e., their magnitude, frequency, criticality, and cascading potential, while factoring the type of product or service a company produces, is beyond the capabilities of most to consistently prevent or mitigate.
• companies’ anticipated – projected business opportunities associated with assuming a certain level of risk, outweigh risk exposures to the point that a management team can justify – rationalize executing a particular transaction or new initiative and therefore assume a substantial portion of the risk.

(This post was inspired by the work of Dr. Marc Siegel and his work related to organizational resilience on behalf of ASIS International.)