Get your free personalized podcast brief
We scan new podcasts and send you the top 5 insights daily.
Standard qualitative risk assessments like 'heat maps' are flawed. A quantitative approach, calculating the dollar value of a risk materializing, allows for objective comparison against the cost of controls and potential business value, a method borrowed from military risk management.
Related Insights
Leaders often conflate seeing a risk with understanding it. In 2020, officials saw COVID-19 but didn't understand its airborne spread. Conversely, society understands the risk of drunk driving but fails to see it most of the time. Truly managing risk requires addressing both visibility and comprehension.
Categorize risks to prioritize action. 'Tigers' are critical threats that will kill the project. 'Paper Tigers' are perceived risks that are actually under control, requiring only reassurance. 'Elephants' are the unspoken, uncomfortable truths that need to be surfaced for discussion.
Instead of creating a massive risk register, identify the core assumptions your product relies on. Prioritize testing the one that, if proven wrong, would cause your product to fail the fastest. This focuses effort on existential threats over minor issues.
Instead of a generic risk score, categorize "Best Case" deals by specific outcomes. An "Orange" deal is likely to push past the timeline, while a "Yellow" deal has risks that can be overcome to win. This creates a more actionable vocabulary for risk assessment.
To evaluate an AI model, first define the business risk. Use precision when a false positive is costly (e.g., approving a faulty part). Use recall when a false negative is costly (e.g., missing a cancer diagnosis). The technical metric must align with the specific cost of being wrong.
Instead of treating ESG as a subjective measure of corporate virtue, view it as a risk management framework. Its true value lies in identifying and quantifying material risks—like poor labor relations—that function as off-balance sheet liabilities, ultimately impacting a company's cash flows or discount rate.
Traditional risk registers are performative theater. Use a 'Learning Board' with three columns: 'Assumption,' 'Test,' and 'What We Learned.' This reframes risk management as a continuous discovery process and serves as a transparent communication tool for stakeholders, replacing bureaucratic documentation.
During crises, Blankfein’s team ignored predictions about likely outcomes. Instead, they focused exclusively on identifying all possible (even low-probability) negative events and creating contingency plans. This readiness allowed them to react faster than competitors when a tail risk event actually occurred.
A core discipline from risk arbitrage is to precisely understand and quantify the potential downside before investing. By knowing exactly 'why we're going to lose money' and what that loss looks like, investors can better set probabilities and make more disciplined, unemotional decisions.
In emerging markets, where 'six sigma' events happen frequently, statistical risk models like Value at Risk are ineffective. A more robust approach is scenario analysis, stress-testing portfolios against specific historical crises like 1998 or 2008 to understand true vulnerabilities.
