This past week I shared a Huffington Post article regarding agile risk management, in which it was suggested that “risk agility is the key attribute of the survivors”, and that “compliance…is not an adequate form of risk management for the twenty-first century”.
I thought it a fitting article because it tied nicely to a couple of the themes I had planned on discussing:
- complexity causing an amplification of risk, and
- a reliance on historical methods, data, and false-positives to reassure ourselves that we have effectively managed our risks.
This article suggested that we should be willing and able to monitor and manage risks according to how they arise, to make decisions as our risks shift and change over time. The author wrote,
“Aversion to risk is dangerous and implies being stuck in another era and held at a standstill by the inertia of fear.”
Given, the context of the article is that risk averse businesses will not survive.
But what of the things that need to stand the test of time, regardless of the changing conditions that they may be exposed to? What of those things, like infrastructure we might design and build, that are more permanent, and might be difficult or even impossible to make adaptations to, once they are complete?
How can risk agility be applied in that context?