Aimed at project professionals at all levels of experience, a packed audience attended an excellent interactive presentation at the BAWA Leisure complex in Filton, Bristol on the evening of 20th June 2018. The presenters for the evening, Will Foulds and Phil Jakubowski, explored how the risk management discipline has changed during their careers. The presentation delivered a range of excellent insights on the emerging trends they are currently witnessing in the marketplace against a setting where risk management is now seen as a significant enabler of decisions and no longer just about ‘tick-box’ compliance.
Time for Change
Will explained that a great deal has been achieved by the ever-growing army of risk practitioners, yet this advancement has not been plain-sailing, and arguably, the discipline has not advanced or matured at the pace that it should have.
Traditionally, implementing risk approaches and solutions particularly in large public organisations isn’t easy and can very often be an emotive topic. When you also consider that the backdrop to applying ‘fit for purpose’ risk management is one of an ever increasing demand for efficiency, greater communications and better management of increasing project complexity, the need for improved levels of risk-based situational awareness for decision-makers and project assurance are even greater. Given these challenges, it was stated that ‘risk management is the answer’. But what is the question? Perhaps now is the time to look at new and innovative ways of answering the question on the assumption that risk management must be a key contributor to effective business change and it must deliver in terms value-add and enabling the optimisation of business benefit.
Phil explained the underlying characteristics of the very thought-provoking risk comparison graphic below. The graphic reinforced the differences between the current ‘assurance’ focused risk management ‘RM1.0’ for external stakeholders where risks are managed very directly and specifically, and the ‘RM2.0’ ‘decision-support’ approach where focus is applied to achieving organisational and project objectives, and making decisions with risk in mind. Quite a shift in approach but it makes perfect sense when you think about it.
Insights and perspectives
Both Will and Phil explained the concepts and characteristics behind a range of new risk perspectives. The following list provides a general summary of some of these views from the presentation.
- Making risk-based decisions are best made with consideration of backward-looking performance, current situational awareness and future uncertainty;
- We must generate meaningful information from collected data to support improved decision-making. Information must be used at the right time by the right people;
- Where we decide to respond to risks, the responses must become part of the plan;
- You can’t look at life through a straw! A portfolio, top-down approach is required where multiple projects can manage parts of the same risk if necessary with ownership at the right levels, described as ‘portfolio-isation!;
- Risk isn’t a stand-alone process, it must be integrated in to the fabric of all project and business change scenarios and activities;
- Manage the business with risk in mind;
- The project or programme setting and context are crucial as the risk approach will be set by the environment, stakeholders, compliance and surroundings;
- Risk information and assets must be visual, accessible and consumable;
- Decisions, decisions, decisions! (see the graphic below);
- The use of the right (and simple) language is very important. Getting it wrong can turn people off e.g. ‘cruciality’, ‘correlation’, ‘criticality’;
- Risk data is very often static. Risk solutions must encapsulate the need for more dynamic and visually stimulating views and perspectives through the use of technology. Decision makers need information but it needs to be in a format they understand;
- We must embrace generation Y, those who have an innate use and familiarity with communications, media and digital technologies, so that we can use data in more informative and efficient ways for the future;
- There is too much focus on risks events rather than uncertainty;
- There is a need for a fundamental change in mindset; and
- New techniques around systemic issues, testing assumptions and scenario based SRAs are likely to be more beneficial to projects and programmes than simply focusing on specific risk events.
To be frank, there were lots of take-aways for the audience to think about back at the desk. Overall, risk management is fundamentally changing. It is now seen as a significant enabler of decisions and no longer just about compliance. There is also a realisation that risk and uncertainty are different commodities and therefore have to be addressed in different ways. Furthermore, is there really a need for complex documentation, registers, tools and databases? Surely a flexible schedule risk analysis and simple modelling approach with easy to consume graphics offer the best value? Importantly, the risk mind-sets of investors, customers and users are also changing; from managing risk events to managing uncertainty that matters, from compiling data to analysing information, from ticking boxes to enabling decisions and from ‘what are the risks in my project’ to ‘how risky is my project.
There is a fundamental need to redress the balance between compliance focussed risk management and decision focussed risk management.
It’s all about mindset
Ultimately though, there is a real need for a fundamental shift in mindset and behaviour in and around the risk management discipline and competence areas and, very importantly from a customer perspective, understanding the exam question and being able to derive clear, unarguable and relevant answers by embracing new and innovative techniques and approaches that deliver what is actually needed.
The presentation given by Phil and Will can be viewed on the APM SlideShare page or as shown below.