In 1986, two Canadian professors of management, MacCrimmon and Wehrung,  published a book titled Taking Risks. That book details the results of a survey that they did with over 600 business managers about their approach to risk.  Included in the book is their view of risk and risk management.  The risk management process is described with the REACT model:

  1. Recognize Risks
  2. Evaluate Risks
  3. Adjust Risks
  4. Choose Actions
  5. Track Outcomes

Their survey found that managers felt that they should be risk takers.  So all of their answers were probably shaded by an effort to fulfill that expectation. They also found that over 90% of managers were not satisfied to simply accept risks in the gambling model that game theory was based upon.  Almost all managers sought to adjust the risks that the might be exposed to.

Risk is seen by the authors to have three primary characteristics:

A.  Lack of Control

B.  Lack of Information

C.  Lack of Time

The adjustments to risk, step 3 above were defined as efforts to increase control, increase information and/or to increase time.

It is dangerous to ignore the idea of conscious and systematic risk management.  It is almost as dangerous to become complacent about your risk management because you have developed a state of the art systematic risk management system.

Riskviews finds that ERM systems are usually like a deck of cards.  The different ERM systems all use essentially the same deck, but they shuffle the cards into different piles and construct new names for the piles.  In the end, there is nothing new or even different, just a rearrangement.

The REACT model is just a reshuffling of the same elements.  However, this was published in 1986, so they were not copying off the same deck that ERM consultants have been using for the past 15 years.  What this shows is that the ERM deck of practices is older than ERM.

And the suggestion that risk comes from Lack of Control, Information and/or Time is something to think about.  What their study goes on to show is that for the most part, when managers are faced with a problem situation, they usually seek to increase their information, their control and to seek more time.

What about you?  Do you seek time,  information, and control?  Of course you do.


Explore posts in the same categories: Enterprise Risk Management

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: