All Posts in Strategy and Tactics

|In: Policies and Procedures|Last Updated:

President Donald Trump, at a March 19th briefing, said, “Nobody knew there’d be a pandemic or an epidemic of this proportion.”

This is not an accurate statement (see, for example, last year’s Worldwide Threat Assessment of the US Intelligence Community, 1/29/2019), which, given President Trump’s falsehood rate of 15 per day since taking office shouldn’t be all that surprising.

And yet, in Donald Trump’s defense (you have no idea how hard it was to type those words) …

But before we get to that, here’s a quick recap of how organizations plan their risk responses. It isn’t, in principle, particularly complicated: Risk managers:

  • Establish their planning window.
  • Enumerate the relevant risk categories and specific risks.
  • Estimate each risk’s probability of occurrence within the planning window.
  • Forecast the harm should each risk become real.
  • Determine the logical level of investment for dealing with each risk.
  • Decide which of the four responses to risk is most logical (or are most logical — combinations are allowed):
  • Prevent, also called “avoid” — reduce the likelihood of the risk becoming real.
  • Mitigate — reduce the harm should the risk become real.
  • Insure — for a fee, share the financial harm that occurs when the risk becomes real with a third party.
  • Accept, also called “hope” or “ignore” — do nothing.

Speaking of risk, I’m taking on quite a bit with the above analysis, namely, that members of the KJR community who are more knowledgeable about the subject will blister me for such a ghastly oversimplification. If you’re among them, please share what you know in the Comments.

Where was I? Oh, yes, the Trump administration’s response to the threat of a pandemic, which was to ignore it, in spite of, as explained last week, its statistical inevitability.

Among the questions this raises: How many businesses insured themselves against the threat of a pandemic, prevention being impractical for your average business, and mitigation … for example via supply chain diversification … having severe scope limitations.

My guess: Not many.

The plain, sad fact of the matter is that most businesses, most of the time, have to accept more risks than they respond to through prevention, mitigation, or insurance. Among them:

  • Nuclear war.
  • Stray asteroids.
  • Your sole remaining IMS expert calls in rich from the Caymans.
  • Malware invades the GPS system, resulting in randomly calculated driving routes that disrupt shipping for your products and supply chains.
  • IT’s planners didn’t know their predecessors “solved” their Y2K problems through the use of a “pivot year,” which solution expired last year (and thanks to Al Vyssotsky for bring this to our attention in last week’s Comments).
  • The company you outsourced IT to pulls an Enron and goes toes up.
  • A voice in your CEO’s head tells him to slaughter the rest of the executive leadership team with a machete during its annual planning retreat.
  • Mutant chimpanzees declare war on humanity.
  • Two words: Disco revival.

It’s something you can count on: The next risk that turns into reality will, in all likelihood, be a risk you Accepted because, like most businesses, you can’t afford to plan for every risk you can think of; probably you can’t even afford to plan for all the ones you know are serious and likely.

Does this mean risk management is a pointless discipline? Of course not.

But along the way to effective risk management, before making specific plans for specific risks, should be commitment to these management basics for any Accepted risk that had the poor manners to become real:

(1) Don’t deny; (2) focus your best experts on the problem, whether or not they occupy the most appropriate boxes on the organizational chart; (3) give them whatever resources they say they need without quibbling or negotiating; (4) clear away any institutional roadblocks they bring to executives’ attention; and (5) set the right example — shut down any and all attempts to blamestorm the cause of the situation.

While your experts dig in, you and your fellow leaders should be communicating honestly and directly with employees about what’s happening, what the company is doing about it, and what to expect, to the extent you’re in a position to know what to expect.

Meanwhile, I’m going to take my own advice about not blamestorming our current situation.

No matter how hard I have to bite my tongue to take it.

# # #

But feel free to bait me in the Comments section!

Comments

|In: Cognitive Enterprise|Last Updated:

Think of this as KJR’s pledge week.

No, I’m not asking for donations. I’m asking for your time and attention before you let yourself read this week’s missive.

Specifically, when I decide what to write about each week I’m doing too much guessing based on too little information. I’m asking you to let me know what you’d like me to cover this year in KJR, and, almost as important, what I should be writing about so your non-KJR-subscribing colleagues would find it more compelling.

One more thing: My ManagementSpeak inventory is running low. After 23 years of one a week it’s entirely possible there just isn’t all that much more bafflegab to translate. So instead, if you don’t hear something that deserves the ManagementSpeak treatment, send me your favorite quotes instead.

I will ask you to apply one filter on these: As with all things KJR I’m looking for what’s off the beaten path — dictums that haven’t yet been widely discovered but deserve to be read by a discerning audience.

Okay, that’s enough Pledge Minute. Back to this week’s KJR.

—————————————-

The private sector has discovered data. Where a decade ago, business leaders were encouraged to trust their guts, they’re now encouraged to trust their data scientists.

It’s role reversal. Back then, governmental policy-making was heavily data-driven. As Michael Lewis (no relation) explains in The Fifth Risk, an extensive, intensive, and essential responsibility of many cabinet-level agencies is the collection of highly valuable data and managing the databases that contain them.

Just in time for businesses to invest heavily in data collection, management, analytics, and interpretation, the federal government is shifting much of its policy-making to a more instinctive approach, and in doing so is shifting budget and resources elsewhere.

Here at the Keep the Joint Running Institute, the Joints in question are organizations of all sizes and shapes; our charter is how to keep them running. As a general rule we (and that’s a royal we) stay away from political matters. Politicized matters? In bounds whenever they’re relevant.

And so (you were wondering when a point might emerge, weren’t you?) as your organization, for all the right reasons, embraces data-driven decision-making, here are a few cautionary notes you and your colleagues might find helpful:

Culture before tools: If you’re a longtime subscriber you’re familiar with the idea that when trying to institutionalize data-driven decision-making, a “culture of honest inquiry” is a prerequisite for success. In case you aren’t, the principle (but not its achievement) is simple: Everyone involved wants to discover the right answer to each question, not to prove themselves right.

Solving for the number: A culture of honest inquiry is what enlightened leaders strive for. While still on the journey, though, be on the lookout for someone using these new, powerful analytical tools to manipulate filters, choices of statistical techniques, and thresholds to support their pre-determined preferred result — for ammunition, not illumination.

GIGO: “Garbage In, Garbage Out” was widely recognized back when IT was known as the Data Processing department. That Big Data lets organizations collect and manipulate bigger piles of garbage than before changes nothing: Before you release your data lakes into the watershed, make sure your data scientists assess data quality and provide appropriate cautions as to their use.

Ease vs Importance: When it comes to data, some attributes are easier to measure than others. Even professional researchers can fall prey to this fallacy — that hard to measure means it doesn’t matter — without the blind spot ever quite reaching the threshold of consciousness.

Interpolation is safer than extrapolation: Imagine a regression analysis that yields a statistically significant correlation. And imagine that, in your dataset, the lowest value of x is $20 and the highest value is $200. Predicting the outcome of spending $40 is a pretty safe bet.

Predicting the outcome of spending $10 or $300? Not safe at all. Straight lines don’t stay straight forever. They usually bend. You just know where the line doesn’t bend — you have no idea where it does, and in what direction.

Machine guts need skepticism, too: Machine learning depends on neural networks. It’s the nature of neural networks that they can’t explain their reasoning — mostly, they’re just very sophisticated correlation finders. They’re useful in that they can plow through a lot more data than their human counterparts. But they’re still correlations, which mean they don’t imply causation.

But of course, to us the unwary, they do.

Courage: Take a timid business — more accurately, a business made timid by business leaders who consider avoiding risks to be the pinnacle of business priorities. Now add data and analytics to the mix.

What human data scientists and their AI machine-learning brethren do is spot potentially useful patterns in the data. These patterns will sometimes suggest profitable actions.

When all is said and done, when a pattern like this, along with the potentially profitable actions, are put in front of a timid business leader, much more will be said than done.

It’s unfortunate but not uncommon: Taking action is inherently unsafe, an insight that’s true as far as it goes.

What it misses: Playing it safe is usually even more of a risk, as competitors constantly search for ways to take your customers away from you.

Play it too safe and not only won’t you take customers away from them. You’ll fail to give your own customers a reason to stay.

Comments