The Guiding Principals of "Risk-Wise"® Risk Management
Rather than address the principals of risk management from either a personal, enterprise, business or investment perspective, the "Risk-Wise"® Risk Management Principals listed below apply to effectively managing virtually any kind of risk.
1 - Risks can be managed, but never eliminated.
2 - Your definition of risk is absolutely CRITICAL
- It can make your risk management efforts more challenging, frustrating, and disappointing or easier, more positive, successful, and effective.
-It's the cornerstone & foundation on which all you risk management efforts and plans will be built. If your foundation is weak or inferior, whatever you build on it will not stand the harsh test of "unforgiving real-world conditions.
So, be absolutely certain to dedicate significant time and effort to identifying, embracing, and actively use a positive, powerful, effective and “empowering” definitions of risk. Doing so will make your risk management job easier, more effcetive, and more rewarding.
One of the best & most empowering definitions of risk we've discovered & have since adopted at "Risk-Wise"® Investor & "Risk-Wise"®Advisor was first articulated by Peter Oppenheimer. As the Chief Risk Officer of Apple, Inc. he observed that:
RISK is: “The degree to which an outcome varies from expectation”
3. Risk & risk management are very personal, critically important, individual life skills.
-The very same risk occurring can affect each individual person, organization or entity very differently, based on each of our individual levels of…
Knowledge of and familiarity with the risks & management of those risks we each individually face
Understanding of a given risk(s) potential personal likelihood and impact (should it occur) plus our personal resilience (ability to bounce back from a risk occurring)
Advance preparation to reduce the personal likelihood of a risk occurring and personal impact should a given risk actually materialize
4. Risk identification, assessment, management, preparation, and ongoing monitoring are a perpetual, ever evolving, never ending, long-term process…They are NOT a "ONE TIME" event.
5. It’s impractical & impossible to identify & manage every single risk you face
-Risk management has a cost. So working to protect against everything is a futile, because once you've accomplished that objective, although you're protected on the down side, you've also got little or no upside.
-Also....Since all risks are not created equal, and risk management has a cost...Risks must be prioritized as to which risks to 1-Avoid, 2-Which risks to accept & manage, and 3-Which risks to accept outright.
6. “Risk” is imbedded in the very fabric of the universe, as articulated via the 2nd Law of Thermodynamics.
-Simply stated, this physical law describes how the natural tendency of any system is to degenerate from “order to disorder” or “hot to cold” over time, and not the other way around (Unless external energy is added back into the system)
-As those familiar with "Murphy's Law" know..."If anything can go wrong, it will go wrong, and usually at the worst possible time."
7. To effectively manage any risk, it absolutely critical to focus on identifying and managing the “ACTUAL RISK" itself, rather than attempting to manage the secondary or tertiary results of a risk.
-That’s why medical students are taught not to treat disease symptoms, because doing that never solves the underlying problem....Rather, they are taught to use the symptoms as clues to identifying & treating the actual underlying disease which is much more effective
8. Risks are always with us. There are risks in “taking action” as well as in “not acting” or “deferring action”
9. Risks we’ve identified, fully understand, and are thoroughly prepared for can be “neutralized,” and can even be transformed into opportunities if we wish
10. Since both “Negative” and “Positive” risk exist, we must consider the management of both types of risk…
Yes! Too much of something can be as a big a problem as too little…i.e.
-An example: Too little water (a drought) is a risk and too much water (a flood) is a risk as well
11. Risk & Reward are generally equally balanced.
-However, with knowledge, understanding, experience, and preparation for risks, we can “tilt” the risk/reward equation to our advantage...
-In this way we can work for greater rewards, while taking less risk
12. We must deal with both major types of risk
-Exogenous (External) risks, and the even more insidious form of...
-Endogenous (Internal) risks - biases, incomplete information, risk misperceptions & decision making) risks
13. Since risk management has a cost, and its impractical to manage every single risk, it becomes critical to prioritize the risks we face and determine which risks to AVOID (if possible) which risks to ACCEPT and MANAGE, and which risks to ACCEPT with no special risk management initiatives in place
Risks with the “highest” impact are usually “surprises” that we don’t expect or believe are unlikely, and as result, are not prepared for in advance
14. It’s much more effective and less costly to prepare for risks in advance.
-Working to avoid risks (if possible), and to reduce their likelihood, and/or limit their potential impact when they materialize is much more effective and less costly than waiting until after the fact to recover from the effects of risk occurring that we were totally unprepared for because we assumed they were very unlikely
15. Risk preparation steps include...
Avoiding factors or situations that expose us to a given risk/set of risks in the first place
If we must accept a risk(s) in order to achieve a given objective the following steps need be compeleted…
1- Identifying the risks we’re exposed to
2- Fully understanding the context, likelihood, impact and our unaided resilience to recover from the impact of risks that occur
3- Then put practices in place to reduce the likelihood of risk(s) occurring & minimizing their potential impact when they actually materialize, and improving our resilience
4- Continually monitor those risks, and the effectiveness of initiatives we have in place to manage them ... While also being vigilant for any established risk(s) that develop new risky characteristics...plus new emerging risks that can "pop-up" as the result of the unintended consequences generated by innovations in apparently unrelated fields.