Jiles Smith’s Answers to Questions Asked about the ‘Quantifying and Understanding Risk ’ Interview at RAG Toronto 2019

Do you believe that risk without responsibility should already be considered an issue?

Yes, there’s a level of risk in every endeavor people take, from taking a shower – understanding there is a possibility you could slip – to something more complicated, like going to the moon. How you recognize, deal with or prepare for these risks is the real challenge.

Regardless of the complexity of the process, there should be a level of accountability to either mitigate the possibility of loss or to eliminate it. A team member who is injured at work should not believe that the injury was caused by fate or something spurious.

In any endeavor the calculations of the possibility of any and all risk are essential. Going into any situation blindly and expecting a positive result without accounting for the possibility of hazard or harm can put any person or organization at risk.

Do you feel employee engagement is overrated when it comes to culture change?

Employee engagement is essential. Some say that getting leadership buy-in is the most important, but as my father would say, a leader without any followers is just taking a walk. Management can set goals, allocate funds for safety, and give guidance, but the true nature of an effective risk program is the ability, will, and determination of the front line team member to change or alter the company’s culture. Are they empowered to address other team members when doing things improperly? Too many times, companies focus on corrective action by supervisors who can’t see everything, and therefore they are reactive or dealing with issues after an accident has occurred. I believe is it more powerful when the team member next to you tells you to slow down or be careful. It shows a level of authority, commitment, teamwork, and general caring for what is best for each other. Therefore, how team members are engaged in is critical.

Remember, “we are what we repeatedly do, excellence then is not an act, but a habit” – Aristotle

What do you take into consideration when deciding to terminate people managers that may undermine your strategies?

Terminating a team member, for the most part, is the last act you would like to take. Most companies spend thousands of dollars on hiring and training team members. The ultimate example of failure for a supervisor or manager is termination. That means you could not persuade a person to buy in or failed to train them, properly supervise or simply hired the wrong person. This element of failure not only costs the company money but has an eroding effect on the culture of the organization. These managers should be given the opportunity to adapt with the clear understanding that failure to comply has consequences. Great organizations have safety as a condition of employment.

I take into account several key elements before deciding termination is the only resolution.
1) Was the message clear? Did they fully understand the goal of the organization?
2) Are there competing priorities set by other leadership which could cause confusion?
3) What is the person’s ability to adapt?
4) Are they willing to buy into the culture?
5) If the goals were clearly understood and the manager still did not buy in after receiving continual formal and informal counselling, as well as praise, for the good of the company changes must be made. No team member should be surprised during a performance review. Companies don’t hire people to fire them.

What’s the greatest risk you see that is usually forgotten about?

The biggest area that is seldom talked about is reputational risk. A company’s reputation can be damaged by the actions of a few, if not just one person. The development of systems to protect corporate reputation is something enterprise risk managers should embrace to protect one of their most valuable assets.

Companies like Facebook discovered the value of reputation and the potential cost of its loss many times. Most companies don’t have a way to quantitatively measure the importance of reputation. Another example, in the matter of Weinstein and Company, the board was too close to the alleged perpetrator to be able to distance itself from the ethical breach. Stakeholders expect that, even with a strong CEO, a company’s board will be able to exercise appropriate oversight. As a result of being found culpable in the court of public opinion, the firm was not salvageable.
Each day in this global economy, companies face new and emerging risks. From an oil spill in the Gulf of Mexico costing millions or a telecommunications company having its customers’ data being stolen causing a reputation hit and loss of market share. Being a company that is entrusted with sensitive information of our customers, customers have a heightened sense of expectation that we would protect their data; therefore one misstep can damage a company’s reputation.

These new risks are becoming more prevalent and more costly. The old practice of simply reacting to a change in risk with control methods, financing, insurance markets, and environments needs to be replaced by a proactive, enterprise approach to risk management, managing what does not exist today by techniques which have not been created yet, to solve problems that have not yet occurred.

What do you consider when determining your risk management strategy?

Consider the risk tolerance of the organization, the company’s goals, culture, and beliefs, the expertise of the leadership to include frontline supervisors, the level of accountability throughout the organization for safety or risk, and the passion that the team members have for managing risk. Risk management is a large complex set of tasks, challenges, threats, strengths, opportunities, and analysis that is conducted on a daily basis in business. As a risk manager, it is very important to develop a comprehensive and a coordinated plan for the business.

“The most elegant forms of managerial decisions involve problems that never have to be solved because they are prevented from occurring… they are anticipated and side-stepped. The deliberate non-catastrophe is one of the most effective contributions a manager can make.”
– James, Martin, British Information Technology Consultant and Author

What risk areas is one expected to focus on?

In the United States, most risk managers have been programmed to focus on losses, ie: workers’ compensation and liability costs. We spend most of our time reactively addressing these areas of concern and less time in planning how to avoid them. Most organizations are segmented or have silos to prevent a free-flow of information that can benefit the company. An example would be safety reporting to one vice president, risk management to another and HR to a third vice president. This lack of a cohesive process creates waste in most organizations. In reality, the more risk manager professionals prevent losses through assisting in the hiring process, safety, and training, the more durable and innovative your risk program will be.

It’s likely that something unlikely will happen – Aristotle