Lyndon Bird FBCI |
Some
business continuity practitioners have argued that Risk Management techniques
provide a tried and tested approach to dealing with conventional threats, but
have limited effectiveness in identifying or evaluating rare but potentially
catastrophic issues.
There
has even been a host of terms that have entered our common lexicon simply to
try and define these types of high impact situations. The former US Defence Secretary Donald Rumsfeld
was much satirised when he talked about “known, unknowns” and “unknown,
unknowns” etc. but it is proving to be a useful way of distinguishing types of
threat.
The
idea of “Black Swans” to define things that are outside of personal experience,
and therefore missed when trying to register potential risks has also been much
debated. Many have treated “Black Swans”
as if they are the same as “unknown, unknowns”, but in most circumstances they
are more akin to “unknown, knowns” -
perhaps unknown to key decision makers but certainly not unknown to everyone.
For
example the volcano ash cloud which closed European airspace is often called a
“Black Swan” event – but every aspect of that drama was well-known by some
people - the volcano might erupt (meteorologists); there is a level of ash that
airplanes were not allowed to fly through (aviation authorities); and there is
a relatively high tolerance to ash levels in more recently designed jet engines
(aerospace engineers). So the problem
was less to do with lack of knowledge but the failure to share and assimilate
the significance of that knowledge.
This
is at the heart of the debates we have about apparent failures of risk
management; the Libor rate scandal; the sub-prime mortgage crisis that bankrupted
many banks; the collapse of the once impregnable Arthur Anderson global
business empire. All came as a great
shock at the time, not only to outsiders, but apparently also to the Board and
C-Suite executives of the organizations concerned.
Lack
of available knowledge was not the problem; lack of knowledge by those who had
the power to stop dangerous things happening was. Claiming such things as “Black Swans” helps
deflect blame on the premise that “how can we have done anything about it if it
was an inconceivable incident?” This excuse might work if a meteorite hits the
earth, but not if we simply have failed to look at signs, talk to people who
know what is happening and adjusted our behaviour accordingly.
I
wonder if there is now a risk that we are headed towards another problem which
is not being properly confronted at the right level. The Business Continuity
Institute and the Chartered Institute of Purchasing and Supply conduct an annual survey into how
well Business Continuity is being handled within the Supply Chain. As a basic question, we collect data about the
main causes of operational disruptions across the world. One item has been steadily rising up the list
until today this year it finished 3rd – after the perennial top-two
of Adverse Weather and IT/Telecoms failure. That factor is “failure or serious disruption
to services provided by an outsourcer”. In
the world of globalization, low cost manufacturing and just-in-time delivery,
we have treated outsourcing (and its close cousin off-shoring) as
self-evidently good things. It allows
management to concentrate on core business; it manages external costs better through
competitive bidding processes and it buys in a higher level of specialist
expertise than might be affordable in-house.
The
problem is that some of this accepted wisdom is being questioned by supply
chain and BCM professionals in organizations, but this message is not being
heard by those who could change it.
As
the global economy continues to stagnate, more and more pressure is placed on
cost-saving and often this leads to excessive price pressure on those
organizations bidding to gain or even retain their accounts. It also leads to more single source suppliers in
return for lower prices and service provision from more geographically,
politically and culturally unstable regions. This seems to be a trade-off between cost and
reliability, and some feel the balance has gone too far with significantly more
disruptions ensuing - which are then causing higher levels of dissatisfied
customers and eventual loss of business.
There
is always a need to make a judgment and a sensible balance between “no risk at
any costs” and “any risk at lowest cost” has to be taken – but for those who
favour the higher risk end of that scale do they really know what consequences
they might be facing. Is this perhaps
another “unknown, known” that top management might try to pass of as a “black
swan” if all goes wrong?
This is a great post, Lyndon. I think it is cowardice of the first order to claim that you could not "conceive" of a black swan. Especially if you are in the business continuity or risk business. It's like saying "I am too stupid and lazy to exert the effort to get over my emotional baggage and admit that the very improbable does occur, and very often at that!" I believe the failure to recognize black swans is really a way to avoid feeling scared and frightened and not in control of one's life or destiny. Human beings really do not like those feelings. But as BC professionals and/or senior managers I think that we DO have an obligation to get over these feelings of dread, or perhaps we would be better contributors in less critical function, where there would be less chance of getting burned eventually by those bad bets that are made for short-term gains. I am waiting to see the blowback from the clothing factory fires in Bangladesh and Pakistan on the purchasers of those services. The hit to their reputations will surely be more than what they would have had to pay to have a safer work environment. This is far from being a black swan -- it is a predictable effect in fact. Unfortunately, longer term risk sometimes gets lost in the demand for immediate gain. And therein lies the rub. I know that some senior decision-makers are reasonable, logical people. Perhaps the next big development will be the rise of complex models that demonstrate what we have been saying for years. Perhaps we will be listened to more seriously when the numbers in our models support our logical analyses....
ReplyDeleteAnd not to forget: Happy Holidays to All!
Kathleen Lucey, FBCI
I also think this is a great post. The purpose of looking hard at purported Black Swans is to identify the ones that we could/should have seen coming, even if that means just being poised to jump the right direction when they come. So often, we look only at what is biting our noses and not at the ripples on the horizon.
ReplyDeleteThis is a fantastic article and extremely well written.
ReplyDeleteBlack swans are actually quite rare events and the labeling of the term to specific catastrophes is often overused.
It is a disgrace in my opinion to blame poor risk management on a black swan when that is not the case.
Here are some examples of hugely impacting incidents which were NOT black swans but the outcome of either slack risk management or authorities missing the signal.
Fukushima nuclear disaster, Hurricane Sandy which hit New York, The Global Financial Crisis, The European Debt Crisis, Arab Spring, the Transocean oil disaster.
Re: Complimentary Invitations for The Business Continuity Institute.
ReplyDeleteHi Lyndon - Thanks for this useful community! I messaged recently about this.
Heres our new free training course we would like to invite you & your community members to .....
http://trainok.blogspot.co.uk/2013/04/linkedin-training-free-trial-click.html
We want to share useful knowledge in tough times & help grow our industries. We are TrainOK! & we have been organising learning events for 10+ years. Anyone interested is welcome to add their details to the guestlist on our website. Hope thats ok?
Kind regards, Zori - Organiser TrainOK!
Web: http://trainok.blogspot.com/p/about.html