While evaluating business risk companies usually turn to sources of external threats. Often however, self-induced weaknesses outnumber those caused by factors outside the organisation. Remaining unnoticed, many of them become gradually accepted as a norm - some stay hidden behind departmental doors, and others are being lost in overcrowded information systems. Accumulation of these invisible threats usually manifests by ‘sudden’ ‘unexplainable’ disruptions, later defined as unavoidable or the result of business complexities. They are not only damaging for business but have wider social, economic and environmental implications. Recent examples in banking and airline industry sectors well illustrate the seriousness of problems that could arise by poor evaluation of business risk.
Businesses are becoming more complex and are operating in a more uncertain environment than ever. The inherited postulate that company must always grow to be successful, without much consideration for infrastructural and resource limitations brought in more disruptiveness and instability, making successful management and business control a daring task.
The dynamics and complexity of airline industry makes a good example for examining the consequences of these practices. For many years, the industry development has been mainly driven by traffic growth and short term profit, with less interest in synchronised development with airports, ATC (Air Traffic Control), investment in people and other less visible but not less important components necessary to ensure business longevity. These are the main reasons for big industry losses and deterioration in quality of airline services at busiest world airports.
All these and other inherited problems cannot be repaired overnight. We need to accept that they are here to stay for years to come and find out how to cope with them more successfully, gradually improving the system efficiency, and minimising the business risks.
One of the less explored but powerful ways of achieving this goal is through process of disruption risk management. It focuses on critical disruptions, and works backwards towards their true, multiple, interconnected origins spread across the organisation. During this process, explicit and tacit information need to be used to evaluate business risk and contribute to more responsible governance. This process doesn’t require big investments, the method is not complicated, and it doesn’t take long before the first results show up.