Since its birth, it seems that the human kind has to run risks for its own survival. ISO 9001:2015 revision recognizes this as opportunity or upside risk.
Jared Diamond in some of his books describes how running risks is instrumental to humanity’s survival, and history tells us the same, too.
As I had the occasion to write before, risk is some kind of enemy with which we have to live with. We have to fight against it but we cannot eliminate it.
FIGHTING RISK
On the contrary, if we try to eliminate it, it will be born again out of its ashes, like the mythical bird.
We have therefore to carefully plan how to properly fight or mitigate risk, through the right strategies and tactics.
Strategies start first by recognizing that fighting risk means running risks at the same time, including the risk of failure, the risk of running short of resources, the risk of inter- and intra-personal conflicts on strategies and so on.
In many historical conflicts, inter- and intra-personal relationships were instrumental to win or lose the conflicts themselves, much more than resources or logistics.
Disagreement among the people in command or slack leadership or too strict leadership can all result in poor fighting risk.
D. J. Wheeler in his Quality Digest’s June 10, 2014 article “What is an Alpha-Level” suggests stop using the term “significant results” and replace it with the term “detectable signals”.
It might look like a subtle difference, which in fact is not, especially if we think in terms of risk.
We keep thinking that risk can be abated by means of documented procedures or operational instructions or training.
THE BULLFIGHTER
But risk is just like a bull in a Spanish or Mexican arena and we are the bullfighter. I find this kind of fighting particularly cruel against the animal. But I understand that either the bullfighter kills the bull or the bull hurts its adversary very badly.
Risk is just like a bull and the arena is our management system, whatever it is.
But while bulls are grown up and trained to fight, risk is almost unconsciously fed until it grows to a size that cannot be controlled anymore.
Nobody compels us to enter any arena to fight a bull but if and when we do it we must be prepared to run risks.
Tactics is a lower level approach to fighting risk as compared to strategy. While strategy belongs to the people in high command, tactics belongs to a lower but not less important level of command. In Wheeler’s words, strategic signals are immediately detectable while the second’s a bit more subtle.
In my bullfight example, once the bullfighter has strategically decided to enter the arena, he has to be clear in his mind how he will deal with the bull.
The operational level is a further more detailed practice that deals with “action” on the field.
Risk cannot be fought by sitting at a desk – strategical thinking – or looking at a map – tactically thinking – only. It has to be fought on its own field, therefore running the involved risks.
Operations require – let me say – bodily intervention. While strategy can be “played” “behind the enemy lines”, and even tactics too. Operations require to look into enemy’s or risk’s eyes.
Our bullfighter will thus have to feel all of the bull’s powerful force and rage. He will have to be physically engaged with the bull, one against the other. Both have to forget there’s an audience watching them.
So it’s the same with risk. In ancient Crete (Greece), prizes were given to those who took bulls by their horns. So it is nowadays in Provence (France), where the young bulls’ horns are decorated with sausage and we have American rodeos.
There’s always a prize for those who successfully run risks.
RISKS WON’T GO AWAY
The three process levels to deal with risk, that is 1. Strategy, 2. Tactics and 3. Operations, have to be clear in the mind of any risk fighter. If he or she is not ready to run risks, they are going to fail and are simply nuts for even trying to fight risk.
The song “Fight Fire with Fire” could be paraphrased to “fight risk with risk”. I personally don’t see any other way to go about this problem.
There’s almost nothing in man’s activities that has no side effects or risks whether they are diets, medicines, places to live, entertainment, social and private choices, just to name a few.
The worst risk of all is not to be aware of the risks that have to be run when making any choice. Choices are all about intelligent risk taking.
And, besides strategy, tactics and operations when fighting risk, there’s the golden rule that cant be ignored: “expect the unexpected”, or “expect the un-expectable”.
What above broadly applies to managing systems such as risk detection or risk prediction, the same applies to managing quality systems. ISO 9001:2015 introduces the concept of risk. And it applies to environment management systems considering the changes this planet is undergoing due to climate change. Also, risk is being applied to safety, security, food safety / HACCP management systems, medicine testing and production, medical devices development, testing and production and so on.
The use of non-oil based sources of energy will imply ever safer plant-producing energy, hydrogen or nuclear energy, thus making risk management an ever greater priority.
We can’t afford not to confront technical or scientific risk. We are aware of its existence, that we aren’t risk-exempt.