Home Systemic Risk Management Risk Data



Risk Data

Risk Data is simply "information that helps to identify, understand or manage risks" 

One common example of raw risk data is engineering or technical  information suitable for analysis using well-established techniques. Another example is historical data, such as is used by the insurance industry to determine premiums.  

When seeking to understand risks to an organisation's success, a key question is how to collect meaningful raw data that can then be analysed to provide evidence and insight into the risks faced.  Reported performance data is one possibility, but such data is highly filtered by current culture and systems.  For example, it is unlikely to provide evidence of risks or issues that are difficult to report.

From a systems thinking perspective, the best risk data is information that reflects how people (leaders, staff, stakeholders) experience the organisation.  If it is assumed that those leaders and staff are trying to fulfil a necessary role, anything that makes it harder for them to do their work is evidence of risk to organisational performance or success.  For systemic risk analysis, therefore, the best raw data is provided by asking one simple question of anybody and everybody in the organisation:  "what makes it hard for you to maximise the value you create through your job?"

The answers provided to that question are necessarily opinion based and different people may well have contradictory views.   From a systems thinking perspective, this is not a problem - it is just part of the real complexity involved.  The challenge lies more in how to collate and analyse such data to create new insight into the factors that are driving organisational performance. 

It should also be noted that:

  • The raw data provides evidence both of threats and of opportunities, since the focus is on "maximising" the value created. 

  • The stress on 'evidence' is important.  The individuals will be able to describe personal experiences and events that they have observed.   This links the conclusions of the analysis to observable, factual evidence even though much of the data collected will be opinion based.

  • This kind of data can be gathered in one-on-one interviews, and also in workshops.  Both methods have advantages, and an effective systemic risk analysis will seek to use both.  The design of the workshops and the design of the interview process are important.

  • If the aim is to identify and understand the key systemic or strategic risks faced, the amount of data gathered does not have to be large.  This is because truly systemic drivers of risk are pervasive influences, and evidence of each will emerge from almost every interview or workshop conducted.

Comments  

 
0 #1 Phil Hunt 2011-04-15 01:53
I agree with the above approach. When gathering raw risk data I use the facilitated workshop methodology to "establish the context" by brainstorming an examination of the external and internal environments & the people and processes that are integral to the organisation. The knowledge sharing that occurs in such a workshop environment means that the resultant risks that are identified are understood by all attendees who represent a cross section of that organisation. It is then more meaningful to analyse those risks and develop strategic controls that all participants agree with. The resultant residual risk ratings are also agreed to cooperatively so that those risks with a high residual rating are on everyone's radar and are reviewed and relevant controls actioned as required.
Quote
 

Add comment

Security code
Refresh