Risk Management in Practice
Topics
Risk has been a top-of-mind consideration since September 11, but corporations are also concerned with less catastrophic forms of risk: customer credit problems, labor strikes, changes in market acceptance or energy prices — any type of uncertainty that could cause their businesses to stray from plan. The increased pace of change in the business environment not only accentuates risk, but also shrinks the time available for planning, evaluation and adjustment.
Academic research into the role of uncertainty in strategy formation frequently delves into modern portfolio theory to explore frameworks for factoring risk into strategic decision making. Nevertheless, the gap between theory and management practice remains large, according to a 2002 working paper, “Risk: A Neglected Component of Strategy Formulation.” The paper is by Eli Noy, an adjunct lecturer of strategic management at Tel Aviv University, and Shmuel Ellis, a senior lecturer of organizational behavior and management at the same university.
In a 1999 survey of 93 senior executives from manufacturing companies in Israel, the authors found that the managers used few basic components of risk calculation or assessment — such as efficient frontier estimations or maximum accepted risk exposure — in their decision making, and few companies reported they had formal risk strategies. “We found to our surprise that [managers] are very aware of the question of risk in strategy,” Noy explains, “[but] they are not using any of the tools.”
In follow-up interviews with 21 survey respondents in 2000, the authors found some managers were simply not familiar with risk-assessment models. Others believed their experience and intuition to be more reliable than models based on forecasts. And a third group relied on more conventional calculations, like simply adding in a fudge factor or using sensitivity analyses. Some managers felt that risk-assessment tools were the sole domain of the finance department, where such quantitative analysis is more finely honed and widely accepted.
The study also determined that most companies did not pursue holistic risk strategies. Indeed, the authors' research produced a second paper, which asserts that the formation of risk strategy typically varies across the organization. In “Corporate Risk Strategy: Is It a Unified Whole or Does It Vary Across Business Activities?” Noy and Ellis conclude that the majority of companies are risk averse when forming strategies for non-core-competency functions, such as finance, but welcome risk in research and development, marketing and operations deemed essential for competitive advantage. That suggests that different risk-assessment strategies are appropriate in different functional areas of the corporation. One survey respondent remarked, “You shouldn't have a comprehensive risk strategy. It depends on the activity as well as the phase of the company's life cycle.”
But Noy and Ellis found that even for discrete functions involving core competencies, such as the development of a new product line or entry into new geographical markets, there was a distinct lack of acceptance of risk-evaluation techniques. The authors conclude that managers must improve their understanding and use of even simple techniques for assessing risk. “Forecasting is getting more and more difficult,” says Noy, “but doing without it is worse.” In other words, not using risk-assessment tools could be the riskiest proposition of all.
Full-text versions of both papers can be accessed at http://recanati.tau.ac.il/faculty/ellis_shmuel.htm.