A concept I learnt to apply only failry recently in life, is to embrace mistakes. This life adjustment came with night sweats, hightened anxiety and plenty of tears- but it noticeably adjusted the way I work and interact with people for the better and garnered surprisingly positive results. Being right is easy, it makes us feel justified and gratified. But being wrong is everything we are told not to be in life and at work, it’s against the grain- reconditioning is incredibly hard. The catalyst for me was reading Kathryn Shultz book- “On Being Wrong”, which will continue to be a reference to me in work and life. I have become a huge advocate to admitting failure where it’s due, learning from failures, talking about failures and finding ways to handle failures better.

Why is this important for Risk Managers? It’s failry obvious really- risk management is about uncertainty and potential failures. If a RM has no confidence in rising to meet these failures, if they feel undermined by hierarchy to influence potential failures then it’s unlikley they will add any value to managing risks. By no means am I an expert ‘wrongologist’, it’s not easy and at times still rather daunting; but I can say that it has allowed me to see and appraoch everything I do with far more confidence, clarity and foresight than I ever had before.

So challange yourself to say- “wow that was a real f-up, how cool!”, then break it down and create a new way to avoid the mistake in the future. It’s going to be hard and you’ll be scrutinised and possibly called into meetings with the big bosses, but by cultivating a positive culture around mistakes it should organically flow into a positive culture towards risk management.

Watch “On Being Wrong” on TedTalks by Katheryn Schultz:

The more time I spend reading about risk and talking to people about risk, it is obvious that most organizations and people don’t speak the same risk language. This poses a number of (fairly obvious) problems in risk management. But more on that another time, for now let’s start at the beginning:

To date there is no agreed definition of the concept of risk (Aven, 2012). The etymology of ‘risk’ opens a myriad of interpretations and points to significant issues for organizations attempting to create risk reports or set out risk mitigation strategies. According to Althaus (2005) the origin of the word ‘risk’ is disputed in both literature and in the detailed analysis provided by the Oxford English Dictionary, which described thirteen definitions of the word across cultural origins. For example, the French risqué: danger or inconvenience, predictable or otherwise; the Spanish riesgo: conflict or disagreement and the Arabic rizq: boon, lot, chance or fortune. Never mind standard definitions, there are also different philosophical associations to the term- Thompson (1986) describes 5 of these associations: subjective; objective; real; observed and perceived. According to Slovic (2000) “human beings have invented the concept of ‘risk’ to help them understand and cope with the dangers and uncertainties of life”. One can argue that the natural human need to survive includes certain risk avoidance measures, the innate part of our everyday response to staying alive is not an invention in itself.  And let’s not forget the opportunities risk-taking has and will continue to provide us. This is certainly essential both in personal and business advancement.

Because of the dynamic use of the term, companies have attempted to standardize the term ‘risk’ over recent years. The most recognized is that of the International Organization for Standardization (ISO) which outlines risk as “the negative effect of uncertainty on objectives” (ISO, 2009b). Although they provide a basic guideline, you need to go a step further and ensure that the definitions of ‘uncertainty’ and ‘objectives’ is sufficiently understood in your organization as well. A description I particularly like, is provided by Douglas Hubbard who defines risk as a “state of uncertainty where some the possibilities involve a loss, injury, catastrophe or other undesirable outcome.” Hubbard continues to explain that ‘uncertainty’ is the one true outcome which is not known and that there is existence of more than one possibility. This use of ‘uncertainty’ seems to work well as a foundation of what a risk is as a concept; ‘uncertainty’ is less complicated- most people know what is certain and what is not. Even when we know risks to be a certainty, we won’t know their timing or impact for a fact until they occur, and therein lies the uncertainty. If risks are known, good decisions require logic and statistical thinking whereas if some risks are unknown or there is uncertainty, good decisions also require intuition (Gigerenzer, 2014).

Aven (2012) hypothesizes that there has been a gradual change from narrow risk perspectives to broader non-probability based definitions between risk as a concept and how it is measured. ‘Risk’ is then either the uncertainty that the activity has some undesirable consequence or the activity itself. Researchers continue to attempt to lock down the best definition of risk or at least explain the concept best, but till this day concepts and the term ‘risk’ are a source of considerable confusion, even among experts in the field (Hubbard, 2009).
So ‘risk’ is highly subjective and often an emotive, fear driven construct. It can be considered either positive or negative, a noun or a verb (Aven, 2012). The question then to organizations is how do they ensure that what they are saying and meaning is being interpreted the same way by their staff and stakeholders? Can you see the issue of embarking on risk management without defining your risk language first?