Call for Examples: Bad Risk Management Decisions made by Executives

turbyfillI am soliciting real examples, suitably camouflaged, in response to this post.  Examples can be of decisions made by a variety of people with a known motivation (i.e. well-intentioned, malicious, irresponsible) or an unknown motivation.

Included below is an excellent blog post about flaws in Decision Making from an IEDP blog.  In true HR and non-threatening consultant style, the analysis assumes that the decision maker is well intentioned.  I have certainly seen people, who are sincerely doing the best they know how to do, make flawed decisions.  However, the world has its share of thieves, psychopaths, addicts and simply unethical people who make harmful, if not disastrous, decisions.

From my own experience, I can attest that truth is stranger than fiction.  I will include one real-life example from my own experience (where the names have been changed or omitted to protect the guilty).

Once upon a time, there was a Vice President of a Division, (pseudonym Fosco), who shut down a QA person, (pseudonym Jester),  by pulling him into a conference room and telling him to stop bringing up issues with a certain product.  Fosco informed Jester that he was just biding his time until retirement and did not want to be bothered with problems.  Some time later, Fosco was quietly fired because he had been funneling consulting money to a firm in which he had an undisclosed interest.

In the aforementioned example – seeing someone actually get their just deserts is a welcome, but very rare, outcome.

An excellent general discussion about decision-making from the International Executive Development Programmes (IEDP) May 3, 2011 blog:

http://www.iedp.com/Blog/Four_Decision-Making_Red_Flags

“Four Red Flags in Decision-Making”

RESEARCH: Prof Sydney Finkelstein, Steven Roth Professor of Management at Tuck School of Business, Dartmouth College
Decision-making is at the heart of strategy, and business. Yet, how many times have we seen leaders make decisionsincurring unacceptable (to someone) risk and consequences?The problem is that no matter how smart the manager, we are all human and hence, all potentially vulnerable to a series of fundamental biases that influence how we process information and make decisions.
Our research has uncovered four key red flags in decision-making that should warn us that we are going down a dangerous path.
• Overestimating the quality of our experience. When we rely on our personal experience as managers, we are making an implicit assumption that what we have done in the past will be a useful guide for the decision at hand. However, when the situation we face is only superficially analogous to our experience, we are at risk of applying our know-how in precisely the wrong way. This is one of the reasons so many acquisitions go wrong. We rely on past M&A experience, but because every target company is different, relying on that past experience to make a new acquisition work is fraught with danger. Even targets in the same industry will vary by culture, systems, processes, people, and often strategy. Why should our past experience necessarily be the best guide?
• Letting self-interest dominate the decision-making process. Self-interest is not an unusual thing in business. People are always trying to get ahead, to protect their turf, to maximize their compensation, and so it is natural to expect self-interest to play a role in decision-making. The problem becomes even worse when we realize that much self-interest operates at a subconscious level such that we are often not fully aware of how we are behaving. Consider the accountants who seem more likely to acquiesce to management when the prospect of future work is dangled as a carrot. Or even the medical researchers, who, studies have consistently found, are more likely to report the efficacy of a molecule or drug when their research is supported by pharmaceutical companies. It’s not that they are consciously doing anything unethical, but … self-interest is a powerful thing.
• Sticking to a pre-judgment about what is right and what is wrong. People do this in every walk of life, and so it’s not that surprising that decision-makers in organizations sometimes stick with a plan of action regardless of what the data are saying. Actually, the telltale sign of a pre-judgment is when someone gravitates to supportive data and ignores or denies data that are inconsistent. From Enron to BP to the Japanese national electric company, the business landscape is littered with leaders who live by such selective attention to data.
Allowing personal attachments to bias our view. Personal attachments are to people, places, and things that have meaning to us, and as a result, we allow these attachments to take precedence over more objective decision-making. When Jerry Yang of Yahoo refuses to accept a takeover offer from Microsoft that would have created $30 billion in value for Yahoo shareholders, he is allowing his attachment to the company he founded to influence his decision-making in highly detrimental ways.
In the end, careful attention to these red flags is critical to reduce the odds of falling into these traps. But we can do more. We can make sure that we have people around us who are willing and able to ask the tough questions. We can ensure appropriate governance mechanisms to enable more objective oversight of our key decisions. We can carefully monitor the progress of a decision so that mid-term corrections are possible. And we can strive to become more self-aware of how we think and who we are, lifelong pursuits to be sure, but with importance impossible to underestimate if we really care about making the best decisions we can.

Bio:

Dr. Turbyfill has been head of engineering organizations and software architect with 20+ years of experience in: Security (Cyber and Physical); Risk Management; SDLC; Development Methodologies; Enterprise Products and Services; Compliance; Database, Strategy and Roadmaps; management of multiple groups in domestic and international locations; startups and turnarounds.  Dr. Turbyfill has a consistent track record of delivering quality products within budget and on time and has consistently built leading edge technologies and products including:

  • First database benchmark using experimental design techniques, the Wisconsin Benchmark;
  • One of the first wireless LAN’s with radio, antenna and IP Layer encryption;
  • First Firewall Appliance, SunScreen SPF 100 which also included  a certificate authority and one of the first commercial IP Layer VPN’s, SKIP;
  • First round-trip email marketing systems with interactive Java applets;
  • First Managed Security Service at Counterpane Internet Security;
  • First virtualized automated test environments for application stacks, the StackSafe Test Center.
This entry was posted in Cyber@Risk™ and tagged , , , by Dr. Carolyn Turbyfill. Bookmark the permalink.

About Dr. Carolyn Turbyfill

Dr. Turbyfill has been head of engineering organizations and software architect with 20+ years of experience in: Security (Cyber and Physical); Risk Management; SDLC; Development Methodologies; Enterprise Products and Services; Compliance; Database, Strategy and Roadmaps; management of multiple groups in domestic and international locations; startups and turnarounds. Dr. Turbyfill has a consistent track record of delivering quality products within budget and on time and has consistently built leading edge technologies and products including: First database benchmark using experimental design techniques, the Wisconsin Benchmark; One of the first wireless LAN’s with radio, antenna and IP Layer encryption; First Firewall Appliance, SunScreen SPF 100 which also included a certificate authority and one of the first commercial IP Layer VPN’s, SKIP; First round-trip email marketing systems with interactive Java applets; First Managed Security Service at Counterpane Internet Security; First virtualized automated test environments for application stacks, the StackSafe Test Center. She is currently working on Software Defined Networking and CERM for Cybersecurity.

Leave a Reply

Your email address will not be published. Required fields are marked *


*

* Copy This Password *

* Type Or Paste Password Here *

30,647 Spam Comments Blocked so far by Spam Free Wordpress

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>