#LoungeTalk: The myth of rational risk management
In the last weeks a topic kept "popping up" on my desk that I'm especially interested in: Rational and irrational behavior in all its aspects. My favorite reading on this is the fantastic book by Dan Ariely "Denken hilft zwar, nützt aber nichts!". I do not know the English title but there are several books by him on irrational behavior when taking decisions and Dan is showing great examples of that.
Having read in this book during travels I stumbled about an article in the German newspaper Handelsblatt during breakfast titled "The myth of a rational enterprise". The common dogma they said that an enterprise in a free market economy always has the goal of maximizing long term profit can be refuted by several experiments and observations - for example may companies have strategic advantages by not optimizing profit. And often other less rational considerations are prominent. A board member in automotive was cited: "Let's be honest, officially our goal is profit. But if we lose 0,1% market share heads will roll, if profit goes down 20% nobody cares!"
Another irrational behavior I stumbled across was in an article on cloud computing and changes coming with it. A company spokesman said: "We will never give the data about our development out of the company, that's to great a risk!" Well there are two things to be said about this, first security level in a controlled environment like a cloud provider is usually much higher than in any company network I have seen. And secondly the same company was giving all their sales information to salesforce.com - the risk of losing money here in this case was much higher than loosing a little bit of ever changing source code (which by the way is already offered in China on DVD for little money).
I felt that's like my day-to-day experiences concerning risk management! Very often I encounter strange discussions and observations with regard to company risk. I will try to give you an analogy I found outside business on an blog called "Nothing for UnGood" about German quirks from an American perspective. (very nice blog by the way) One post was about the German Autobahn and related behavior in which I found many parallels to enterprise risk management and the attitudes towards it.
Just think about it: We have an environment where we are allowed to drive as fast as possible without limits. Maximum profit. But as we are (as Germans by definition) caring about our environment we always feel bad when pressing the accelerator down because of gas wasted and environment polluted or worse hitting an unfortunate fox crossing our way. We also feel very strongly about security so we install a lot of signs that tell us how fast we should drive safely (blue ones) or how fast we are allowed to (red ones). Internal control. And in addition we put up black ones next to the road telling us what happens when we drive to fast making us all feel bad when trying to get home to our family after long business days. But still we need around 400.000 green clad people to control our traffic. Audit.
Does this ring a bell? Feel like you have something similar in your company? Unfortunately I do not have a lesson learned for you on this rather than accepting this part of reality and finding ways to work around it. But I hope you enjoyed reading my two cents … have a good week!
Ah, and if you still look for more reading: www.grc-lounge.com!