"Ineffectual and impalpable Excel-drills"

Misconceptions about risk management

1. Risk management is an obscure exercise in quasi-mystical futility

In it’s most common usage, the word “risk” is often understood simply as a synonym for a failure. Even in the more measured situations, it’s understood as a proverbial promise of an eventual failure or threat. This being the case, it is understandable that the unpalatable associations the concept of risk conjures into existence make approaching risk management reluctant and burdensome.

Undoubtedly, even the most impulsive daredevil thinks twice before deliberately seeking risk, and in no situation welcomes it heartily.

Even among those who emphasise the role of reason over sentiment and intuition in the decision-making process, it’s by no means uncommon occurrence to eventually end up favouring knee-jerk reasoning over systematic analytical approaches when discussing risks. Disconcertingly often this ends up obscuring the matter and leads to more uncertainty about the simple nature of risk management. Which is that the risk management’s fundamental objective is to assure that uncertainty does not deflect the endeavour from the business goals.

It is of utmost importance that everyone demands from themselves a degree of fortitude to accept the existence of risks. And at the same time, it’s vital to comprehend that occasionally the realisation of risks cannot be avoided by any means. However, in this regard, it’s important not forget that all successful business decisions are based upon measured, systematic and calculated risk-taking, i.e. risk management.

It’s a pity that one of the core pillars of successful business practices is continuously overlooked when outlining the current business environment. Everyone involved with making business decisions should come to terms with the notion that risk is a part of the most fundamental actions any business or organisation takes every day. There are no separate risk management decisions, isolated from the core business, there are only business decisions where the risk has been taken into account or not.

2. Risk management is only an additional expenditure that doesn’t have any commercial benefits

From the previous entry, one might come to the conclusion that assessing and evaluating risks is something that doesn’t come very naturally to people and requires endless amounts of hours and effort to be actually adopted. Which would be a gross miscalculation when we consider that each and every one of us constantly, even though partly unconsciously, operates with a whole set risk definition and risk management on a daily basis. For example, when we adapt and optimise our clothing choices in accordance to weather, or when we weigh our commuting options. The most noteworthy difference to the risk management in the business environment is that the financial impacts of business risks are often significantly bigger. For this reason, it would be preferable to device a more systematic approach for such eventualities.

Unfortunately, the possible outcome of risks realizing and the awareness of this more often than not results in the overemphasised investment in security measures and disregard for as necessary contribution to the management of risks. This inclination stems from the urge to accomplish an unshaken and absolute sense of security when in reality such a thing is a virtual impossibility. No one can provide it, and there are no resources enough in the world to achieve it on any level.

This being the case, it’s easy to understand why it feels easier buy-in and pay for the sense of security rather than invest in the tools and services that enable business-oriented, managed risks to be taken.

3. Risk management is too complicated to be properly implemented

Taking into account the challenges stemming from the attitudes, mental dispositions and accustomed business practices that have been explored above, it probably comes as a no surprise that proper and effective risk management measures aren’t carried out where their value for the business is not understood. And where it is carried out only in as a reaction to a regulatory requirement due to the need for compliance, risk management is understood narrowly, as a restrictive, necessary evil that needs to be rendered away from the way of the actually profitable manoeuvres. In doing so, of course, all essential risks end up managed, but all the potential benefits and new business prospects that can be derived from them are missed.

It could be said, that there is a highly probable risk that the benefits of risk management will not materialise. The reason for this is the lack of understanding between the risk management experts and the uninitiated decision-makers, managers and even staff.

Fortunately, the situation is in no way insurmountable. There are valid, accessible and effortlessly adaptable solutions for rectifying this state of affairs. The implementation of these ideas is possible as soon as the cohorts of risk management experts orient themselves to do risk management for the benefit of their employer, instead of a solitary exercise performed for its own sake, or for the sake of the risk management community. The potential of risk management is only manifested when it is put in to practice.