The Failure of Risk Management. Douglas W. Hubbard

Чтение книги онлайн.

Читать онлайн книгу The Failure of Risk Management - Douglas W. Hubbard страница 13

The Failure of Risk Management - Douglas W. Hubbard

Скачать книгу

basic straw man model introduced in chapter 4. We will discuss the basic concepts behind better methods, including how to think about probabilities and how to introduce scientific methods and measurements into risk management. Finally, we will talk about some of the issues involved in creating a culture in organizations and governments that would facilitate and incentivize better risk management.

      Throughout this book, I will offer those who require more hands-on examples sample spreadsheets on this book's website at www.howtomeasureanything.com/riskmanagement. Those who prefer the 10,000-foot view can still get a good idea of the issues without feeling dragged down by some technical details, whereas those who prefer to get more information can get specific example calculations. The website will also give all readers access to evolving risks, new ideas and a community of other professionals interested in commenting on those.

      See this book's website at www.howtomeasureanything.com/riskmanagement for detailed examples from the book, discussion groups, and up-to-date news on risk management.

      1 1. My use of placebo effect requires a qualification. The placebo effect in medicine is the tendency among patients to experience both subjective and, in some cases, objectively observable improvements in health after receiving treatment that should be inert. This is a purely psychological effect but the improvements could be in objectively measurable ways—such as reducing blood pressure or cholesterol. However, when I refer to a placebo effect, I mean that there literally is no improvement other than the subjective impression of an improvement.

      2 2. Capt. A. C. Haynes, “United 232: Coping with the ‘One-in-a-Billion’ Loss of All Flight Controls,” Accident Prevention 48, June 1991.

      People who don't take risks generally make about two big mistakes a year. People who do take risks generally make about two big mistakes a year.

      —PETER DRUCKER

      Before we start changing any system, it's a good idea to get a reading on its current state and to figure out how it got that way. Risk management is a very old idea that has changed dramatically just in the past few decades.

      The history of any idea brings its own baggage that often limits our current thinking on the concept and risk management is no exception. Institutions evolve, standards are codified, and professions mature in such a way that it causes all of us to think in more limited ways than we need to. So before we consider the current state, let's see how we got here.

      But throughout most of human history, risk management was an unguided mitigation of risks. Choosing what risks to prepare for was always a matter of gut feel. What differentiates risk management since the start of the Age of Enlightenment is a more systematic approach to assessing the risk. The development of probability theory and statistics in the seventeenth century enabled risk to be quantified in a meaningful way. However, the typical context of these mathematical investigations were well-defined games of chance. These powerful new tools would be adopted only in select industries for select applications and, even then, only slowly.

      From the eighteenth century to the beginning of the twentieth century, the quantitative assessment of risk was exemplified in—and largely limited to—insurance and banking. Although the term actuary predates even probability theory, it was not until the mid-nineteenth century that actuaries became an established profession with accreditation requirements and their methods had risen to earn the title of actuarial science.

      By the 1960s, new methods and tools were being adopted by professionals outside of traditional insurance: engineers and economists. The emergence of computers and the ability to generate thousands of random scenarios with quantitative models made it possible to do the math with uncertain inputs. Engineers in nuclear power and oil and gas were among the first to adopt methods like this outside of insurance. Economists were influenced more by mathematical fields of game theory and decision theory, which provided for the mathematical description of common decision problems, especially decisions under uncertainty. The methods of engineers and economists were both connected to the fundamental ideas of probability theory, and they were largely developed in isolation from actuarial science.

      By the end of the twentieth century, a fourth independent set of methods were being used as part of risk management, and these methods had almost no connection to the previous ideas developed by actuaries, economists, or engineers. Struggling to keep track of emerging risks, executives were hungry for a simple way to summarize the risk landscape, without necessarily adopting the more quantitative (and, at the time, more obscure) methods that came before them.

      By the 1990s the major consulting firms promoted an early version of a common risk communication tool known as the risk matrix as well as various qualitative risk ranking or risk scoring methods. These were simple to use and simple to communicate. In some cases, pressure to adopt some sort of risk analysis method quickly encouraged the adoption of the simplest method without regard to its effectiveness. Once one approach gains momentum, prudent executives had a growing interest in using a method that everyone else was using. Every shock to the system, such as natural disasters, recessions, terrorism, emerging cybersecurity threats, and more, encouraged wider adoption of whatever simple method was gaining a foothold.

      If executives needed any more incentive to adopt risk management,

Скачать книгу