Posts Tagged Listening
Rational Versus Rationalized Risk Taking
Posted by Sonia Jaspal in Enterprise Risk Management, Risk Management, Strategic Risk Management on April 27, 2012
Devdutt Pattanaik in his Economic Times article “Malady of Interpretation” narrated an interesting story from Mahabharata. Bhisma, leading the battle in Kurekshetra on behalf of Kauravas had the boon of death by wish. As he couldn’t be killed, Pandavas couldn’t win the battle. Then Krishna devised a ploy to trick Bhisma into lowering his bow. Pandavas knew Bhisma would not fight a woman, hence asked Shikandi, a transgender, to participate in the war. Shikandi was born a woman, hence Bhisma interpreted that he cannot shoot at a woman, whereas Pandavas considered him a man. If Bhisma had rationalized that Shikandi was a man, Pandavas may not have won the battle.
Rational or Rationalized Risk Taking?
This is thought provoking; do we do rational risk taking or rationalize risk taking? Risk analysis is significantly subjective, and a whole lot depends on the judgment of the decision maker. The financial crises occurred as most financial institutions rationalized the risks of selling the CDOs as minimal. With hindsight, most question the decisions and fail to comprehend the rational for taking these risks. Therefore, let us look at the situations that prompt us to rationalize risk taking.
1. Boss’s view
If the boss says so, most juniors will agree, even if the business decisions tantamount to jumping in a well. Depending on the organization culture and boss’s authoritative tendencies, juniors will rationalize risk taking decisions. Juniors show higher tendency to rationalize when they believe that their voice is not going to be heard, will be penalized for giving contradictory viewpoint or rewarded for blindly agreeing to boss’s ideas.
2. Group think
When group think sets in, then tendency for rationalization increases tremendously. Group members agree for getting along and not rocking the boat. The attribute of looking at one’s own plans objectively and skeptically is completely missing among the group members. A voice shouting at the top of his/her lungs is also not going to be heard. On the other hand, anyone who gives a rational view may get attacked by the group members.
3. Self-interest
When we fall in love, we fail to see the negative attributes of our object of adoration. Our overwhelming pride in our ideas can make us believe our own hyperbole. There are many mountaineers who attempt to climb Mount Everest without adequate preparation and training, as they consider themselves unbeatable. While passion and commitment is good, if a person is not open to debating their ideas, then it can become their waterloo.
Taking into account the extent to which social context, individual psychology and organization culture play a role in business decisions, it isn’t surprising that organizations are failing to manage risks. The devil is in the detail and management ideally should form decisions backed by data. But, quite often management takes decisions based arrogance, optimism and gut feel. Hence, rational thinking is compromised for rationalized thinking.
Therefore, other obstacle for rational risk taking is that it requires a whole lot of information. Usually, decisions are based on inadequate information and research. As Sun Pin says that to win a war, the general should know strengths and weaknesses of his own army, the opponent’s army and the terrain. A general should draw the battle plan after taking all risks into account and get into battle only when victory is assured. However, in business this wisdom is ignored and business managers tend to rationalize while preparing corporate strategies.
Closing thoughts
The human psychology works on the premise that when we say “Mirror, mirror on the wall, who is the most beautiful of all?”, the mirror responds “You”. Dissenting and uncomplimentary views are hard to accept. The first reaction many a times is a desire to stuff something down the other person’s throat to stop their criticism and negative feedback. However, for rational risk taking the dissenting thoughts and critical feedback are worth gold. These prompt executives and risk managers to view strategies, business decisions and implementation plans dispassionately and objectively. Rather than deny the possibility of risks occurring by saying “this is not going to happen”, executives must ask – “how is this going to work?”.
One question for the readers – Can rational and rationalized risk taking co-exist?
References:
Devdutt Pattanaik in his Economic Times article – Malady of Interpretation
Like this:
Risk Management Failures in Kingfisher Airlines
Posted by Sonia Jaspal in Financial Risks, Process Risks, Risk Management, Strategic Risk Management on March 14, 2012
Mr.Mallya with KFA Air hostesses
The king of good times is facing hard times. Launched in 2006, with much fanfare by its Chairman, Mr. Vijay Mallya, Kingfisher Airlines (KFA) is presently in dire financial straits. After the euphoria abated, KFA’s strategy, performance and financial health has been questioned from mid-2008. Now the company is facing major financial and operational problems. The press statement from KFA, on 12 March 2012, highlights the challenges:
“The flight loads have reduced because of our limited distribution ability caused by IATA suspension. We are therefore combining some of our flights. Also, some of the flights are being cancelled as a result of employee agitation on account of delayed salaries. This situation has arisen as a consequence of our bank accounts having been frozen by the tax authorities. We are making all possible efforts to remedy this temporary situation.”
KFA is a good case to understand the impact of failure in risk management. The management ignored the warning signs of stormy weather and failed to navigate the company into safety.With hindsight, some of the important decisions made by the airline appear incorrect. Let us analyse the top 5 risks.
1. Strategic Risk – Market Analysis
KFA was launched as a premium business class airline. That was the first mistake, a lack of understanding of customer requirements and basing a decision that luxury sells in airlines. Organizations focus on reducing costs and usually just CXOs are allowed business class travel. Rest of the staff mostly travels by economy class. Moreover, buying most expensive business class tickets doesn’t go down well when seniors aim to project the image of walking the talk.
Even consultants, whose travel tickets are paid for by clients, hesitate to book KFA tickets. It appears that they are abusing privileges. Hence, the market size for business class tickets is small in India.
Secondly, internationally Southwest Airlines operating model has proven successful. It is a low-cost airlines, provides minimum frills to customers at reasonable rates. Mr. Mallya, highly successful in liquor business, didn’t comprehend the differences in customer preferences within the two industries. Customers may buy expensive alcohol, but not airline tickets, since the total cash outflow is higher. It is a price sensitive market. Therefore, KFA adopted an incorrect strategy from the start as it failed to understand the market dynamics.
2. Strategic Risk – Merger with Air Deccan
KFA acquired Air Deccan, a low-cost airline in 2007. Five years of operations is a key criteria for an airline to fly internationally. Hence, KFA acquired Air Deccan’s international flying rights and simultaneously entered the cheaper market segment. It made the following announcement in September 2008 financial results commentary:
“The merger of the two operating airlines into one corporate entity has also enabled savings on operating costs such as Engineering and Ground Handling, Insurance and Catering. Employee costs have also been addressed through an integrated organization which enabled the Company to terminate the contracts of most expatriate staff and impose a hiring freeze on new appointments.“
After the merger, first signs of trouble cropped up. As per a Business Today article, it became the largest Indian airline with 27.5% market share, and domestic travel increased by 30%, however it didn’t make profits. Despite the fact the its main rival – Jet Airways – continuously showed profitable quarters.
KFA showed growth in numbers while having lost the strategy. With the merger, it lost its brand image of a premium business class airline. It expanded with the speed of a jet without building a base and resolving the post merger challenges. This set the course for a bumpy ride.
3. Strategic Risk - Investment in Planes
According to 31 March 2011 ending annual report, KFA flew 366 domestic flights and 28 international flights. It owned 67 aircraft.
“Aircraft Engine/Lease Rentals: Aircraft/engine lease rentals stood at Rs. 984 crore (USD 197 million) during the twelve month period from April 2010 to March 2011. Your Company operated 67 aircraft (scheduled and non scheduled) in the year under review, 13 of which are owned through finance leases and 54 are held under operating leases.”
Business Today article mentions that presently the airline owns 63 planes and a few have been returned to the lessors. However, the plane financing problem isn’t new. In September 2008, after the merger with Air Deccan,in financial results commentary KFA stated the following:
“Two aircraft have already been returned to Lessors with no additional cost, and the Company is in discussion for the return of a further eight aircraft. The impact of this capacity contraction will be visible during the second half of the Financial Year.”
After the merger, according to the Business Today article, the airline refused to take delivery of 5 Airbus A340-500. It had over 90 aircraft in Airbus books and no delivery was taken after 2008. This is a case of investment plans made under a cloud of unknowing.
4. Financial Risk - Excessive Debt
In the December 2011 quarter unaudited financial results, signed by the Chairman Mr. Mallya, the following note is given:
The Company has incurred substantial losses and its net worth has been eroded. However, having regard to capital raising plans, group support, the request made by the Company to its bankers for further credit facilities, planned reconfiguration of aircrafts and other factors, these interim financial statements have been prepared on the basis that the Company is a going concern and that no adjustments are required to the carrying value of assets and liabilities.
KFA posted a loss of Rs 1027.39 crore (USD 205.95 million) in December 2011 quarter. As of 31 March 2011, its net worth was negative at Rs 3633.08 crore (USD 728.29 million). It was last positive in March 2008, and now the picture is dismal. Presently, KFA has a total debt of Rs 7057.08 crore (USD 1414 million) and total accumulated losses of Rs 6000 crore (USD 1202 million). The banks refuse to extend further credit as the non-performing assets (NPA) will jeopardize the profitability and liquidity of the banks.
Here it is a clear case of excessive debt and poor cash flow management systems. The situation has gradually worsened from March 2008 and in three years the capital is completely eroded. A better financial risk management may have helped mitigate the problem. It appears no one in the company was monitoring the risk dashboard. Maybe they were flying high on optimism.
5. Operational Risk – Fuel Costs
It’s a well know fact in aviation industry that most airlines nosedive due to high fuel costs. The rise in fuel costs are an uncontrollable risks as the price of petrol is set internationally. Additionally, in India, states charge heavy sales tax on petrol. Hence, the fuel costs are much higher in India. KFA annual report of 31 March 2011 acknowledges this issue:
Aircraft fuel expenses: Expenditure on fuel stood at Rs. 2274 crore (USD 456 million) during the twelve month period from April 2010 to March 2011 accounting to 28% of the total costs. While the average fuel prices have come down from a high of Rs. 74 per litre in August 2008, prices have steadily risen through the year and ended 34% higher than prices at beginning of the year.
As given in the commentary on the results for the half-year ended 30th September 2008, KFA was aware of the problem.:
The Aviation Industry is going through a challenging phase globally, driven primarily by spiraling fuel costs, which hit an un-precedent USD 147 per barrel in July 2008. The Indian industry was hit more adversely due to the cumulative impact of Customs Duty and Sales Tax on account of this sharp increase in international fuel prices. The average price of ATF in the six month period from April to September 2008 increased by about 60%. The impact on Kingfisher Airlines alone was to the tune of Rs.640 Crores (USD 128 million).
Most airlines to recover fuel costs increase the number of seats in the aircraft by better use of space. KFA couldn’t do it, as it projected itself as luxury class. Despite enjoying an occupancy rate of 75-85%, the company failed to break-even. Although the management was aware of the truculent factors in aviation industry it failed to take preemptive measures timely.
Closing Thoughts
A look at the 31 March 2011 year-end annual report reveals that KFA had 7-8 directors, with just one executive director. The audit committee had 3-4 directors and didn’t seem active, since there were just 4 meetings during the year. Since inception of the company, three CEOs have come and gone. Mr. Vijay Mallya, the Chairman, controls the company. The board of directors have not actively participated in charting the route of the company. Hence, pilot of the company is responsible for the downward spiral of KFA. As the banks and government refuse to give a life jacket to KFA, the probability of safe landing is low.
References:
- Kingfisher Airlines - Media statement 12 March 2012
- Kingfisher Airlines – 31 March 2011 Annual Report
- Kingfisher Airlines – 31 December 2011 Unaudited results
- Kingfisher Airlines – Commentary on results for half year ending 30 September 2008
- Losing Color – Business Today article.
Program Change Management Risks
Posted by Sonia Jaspal in GRC Dept. Functioning, Management, Methodologies & Procedures, Process Re-engineering, Process Risks, Risk Management, Strategic Risk Management on February 19, 2012
Organizations invest huge amounts in running numerous programs to improve operations, culture and profitability of the company. For instance, programs cover technology implementation, building social networks, improving employee engagement and corporate social responsibility initiatives. Some programs give good return on investment while others dwindle without much success. The success and failure of a program appreciably depends on effective change management.
Even for information technology programs, various survey reports show success-failure ratio as 50-50 percentage. Failure results in cost overruns and delay in project schedule besides low employee morale. A few reports indicate just around 20% of the programs are successful in the first effort in all respects. The differentiating factor, with technology and implementation capability being the same, is change management skills. Lack of focus on change management risks results in program failure.
Before discussing some key aspects of program change management risks, let us understand the reason for the same. Change causes insecurities to surface, hence sows the seeds of conflict and discord. On start of a program, people do not understand the reason for change. They are unable to assess what is at stake and what success looks like. Moreover, people respond differently to change. Idea of change gets supporting, skeptical and scornful reactions. If not handled carefully, different groups within the organization prepare battle plans to sabotage the program.
Hence, change management strategy is an essential component of program implementation. Given below are some of the risks on the same.
1. Senior Management Involvement
For approval of the program, the program manager shakes hands with all the senior managers to get their buy-in. Managers assume that the senior management commitment will continue after approval. However, this is rarely the case. With time, commitment will wane if senior managers do not understand the direction of the program and/ or start giving priority to other programs. Hence, program managers need to monthly/ fortnightly update the senior managers through review meetings and reports on the status and plans of the program.
Additionally, users and employees need to see senior managers demonstrate commitment to the program i.e. walk the talk. Program managers need to leverage opportunities to show senior management support for the program. Develop a leadership plan to ensure senior managers become champions of the program.
2. User/ Employee Adoption
The program managers gear most of the programs activities towards adoption by the users. For example, in building a risk culture, adoption of risk assessment template is a milestone. The point is change agents view program activities in isolation for pre-go-live stage without considering the overall impact on the organization. Programs influence strategy, process, technology, and people. Without synchronizing the four aspects, even with user acceptance, the program will be unsuccessful in the long run.
Second aspect to consider is the handholding and support after the go live stage. After implementation of a program, the users may still face some challenges or new problems and risks may arise. For continued success of the program a team is required to support it, else it will fizzle out.
3. Multiple Communication Channels
A program requires a good communication plan and failure in communication jeopardizes the program. Communication messages must be clear, straightforward and from the heart. The corporate jargon and meaningless mantras does not get buy in from senior management or users. For example, do not have a mission statement for an ethics program that sounds like this:
“The company’s mission is to be the most ethical organization in the world by adopting best practices, making it a great place to work and rewarding meritocracy”
Employees will roll their eyes on the above statement and consider it as management hyperbole. There is nothing actionable or measurable in the statement. Neither are the steps linked to ethics.
Another risk is failure of communication from senior management. Program managers assume that employees understand senior management commitment from strategy and other generic documents. However, adopters need to hear from senior management, their views and aspirations regularly.
Moreover, when programs run into problems, the initial reaction is to hide the bad news from the adopters. Clear concise communication on challenges being faced by program managers and support required, gets the program back on track. Communicate more often when program is running into trouble.
More importantly, change agents sometimes fail to listen to the adopters. Adopters’ feedback is critical for the success of the program. Understand their angry reactions, criticism and challenges. Develop plans to address them and not ignore them.
4. Training Plans
Standard training material is the bane of most programs. Change agents believe that once the training is imparted, their job is done. Some pieces are overlooked in training plans and I have mentioned these before in a post. These are:
- People have different learning patterns.
- People are at different stages of learning – beginner, learner, manager, and expert.
- People do not remember the training for long unless they start using the information in practical work.
- Old habits are hard to break; hence, people revert to old patterns of working if not monitored.
Last but the not least, is the content of the training. For example, fraud awareness training is a double-edged sword. The users, who didn’t know a word about fraud, now have some idea on how frauds are conducted. The information can be misused. Moreover, an overload of information may create panic reactions in users. Hence, when to deliver training and what information to give are critical decisions for successful program implementation.
5. Reward & Recognition System
For a program to be successful, set up a clear system about reward and accountability for the adopters. Failure to establish a system will result in rewarding mediocrity rather than meritocracy. Further, without implementing a penalty criterion, there is no downside for wrongdoing. Hence, maintain a balance between reward and punishment.
For instance, in an ethics program, build a system of bonus points at time of appraisal for meeting business objectives in an ethical way. If a manager had the option of choosing an unethical means to achieve an objective faster but selected an ethical way though had to work harder, award him/her bonus points. On the other hand, award penalty points to a manager who chose unethical means.
6. Dealing with Failure
Sometimes, despite best efforts the program team stares at the face of failure. People adopt inflexible approach and refuse to acknowledge the logical benefits of the program. They foresee their personal and political agendas negatively impacted, hence refuse to contribute to the shared purpose of the organization. The situation reminds me of an old joke.
A man bought a parrot as a pet. To his dismay, the parrot had a bad attitude and spoke foul language. The man tried to teach the parrot to behave but the parrot refused to change. One day in a fit of anger the man put the parrot in the freezer. He heard the parrot screaming and abusing for a couple of minutes, then there was silence. The man opened the door of the freezer, the parrot trotted out and said – “I beg your forgiveness for speaking rudely. I promise to behave properly.” The man was amazed at the transformation. Then the parrot said – “May I ask, what did the chicken do?”
To avert sudden failure periodically conduct organization surveys to understand the acceptability of the program and organization readiness for the next stage. Measure the behavior and sentiment change due to the program. Do not rush to the next stage without ensuring that adopters connect with the program in the existing stage.
7. Awareness of Retaliation
Situations can get out of hand when people start retaliating against the program manager and his/her team. Some programs are launched for appearances sake. For example, senior management may approve a program for business ethics, diversity or employee participation. However, when the change agents sincerely attempt to run the program to bring about a cultural change in the organization, they get mobbed by the employees. In this case, the junior employees start complaining that the change agents are pressurizing, bullying and forcing them to change. This impacts the heart of the program and the change agents spend most of the time defending their actions. The senior management doesn’t really want change, hence looks the other way or gives tacit approval to derail the program and mob the change agents.
In such cases, the change agents have to pay a high price, but the seeds of change are sown. People recognize that there is a better way of doing things, and gradually move towards light.
Closing Thoughts
Change is difficult. We ourselves find it difficult to change, so getting others to change is an obstacle race. As Mahatma Gandhi said on leading the non-violent Indian independence movement – “First they ignore you, then they laugh at you, then they fight you and then you win.” Being a change agent is a test of stamina, perseverance, discipline and sacrifice. There are no low hanging fruits to pluck, no short-term rewards, no personal glory, however, in the end organization benefits.
Strategy to Execution – A Risky Path
Posted by Sonia Jaspal in Financial Risks, Human Resource Risks, Management, Organization Culture, Process Re-engineering, Process Risks, Risk Management, Strategic Risk Management on January 22, 2012
Some companies fail and some succeed spectacularly in the same market conditions. The question for successful companies is – what did they do differently? On the other hand, failure is attributed to either poor strategy or pathetic operations. A popular notion among managers is that if company is not achieving targets, then review the strategy, something must be wrong with it. If the strategy is found reliable, review the operations and focus on it to be successful. Is the explanation for failure that simple?
In my view failures occur because complexities of the situation are either ignored or misunderstood. The third-fourth-fifth dimensions are normally missed and must be looked into. The overall strategy might be right, the execution flawless, and the company may still be staring in the face of failure. According to me the path from strategy to execution is very risky. Below are my views on the same, do you agree with them?
1. The Human Dimension
Let me give you an example, that most employees are familiar with:
Objective of the company : Make the organization a “Great place to work”.
Strategy to achieve the objective : Focus on diversity, work-life balance and good leadership pipeline.
Execution plans : Hire 25% women, promote 10% women to senior levels, issue policy of work life balance , introduce 360 degree feedback and balance score card system.
All the execution plans were implemented, however employees are still cribbing and consider the organization one of the worst places to work. So what went wrong?
Now let me give you a few situations that occurred in the organization :
a) A gorgeous looking woman was placed in a senior management position who was rumored to be having an affair with a CXO. Employees down the line didn’t like her personally as she did not have a reputation of high professional caliber or ethics.
b) A few employees in the 360 degree feedback, gave honest negative feedback about their bosses. In less than a quarter the bosses with help of human resource department terminated or demoted the employees.
c) Bosses allowed the employees to leave office premises by 6 pm. However, they asked employees to work at home and deliver reports the next morning at 9 am.
The missing component – the human dimension – was overlooked. The culture of the organization didn’t change with the strategies and plans. The messages that employees received were – ”One gets promoted if one sucks up to the boss, merit doesn’t count, honesty has a huge downside and bosses will harass. Nothing has changed.” The tone at the top remained the same and no one was seen walking the talk. Hence, though everything looked good on paper, and all execution deliverables were achieved, the execution team met the key performance indicators, the objective wasn’t accomplished. People make the difference, hence analyzing culture, messages and in some situations even the grapevine is helpful.
2. The Organization History
The often ignored impediment in failure of strategy is the organization history. History – good and bad - makes a difference in success and failure of strategy as it directly impacts commitment levels. If the organization has had bad incidents or history, a host of issues become undiscussable. These undiscussable issues make communication superficial, hide negatives in the wood work and portray a picture that management wants to hear. In a globally connected world, even a small incident can become a historical landmark. To bring clarity to my point, I am narrating an incident that I experienced.
I was working in an organization in which one of the core values was “respect for everyone’s time”. The offices were open plan, with no difference between a CEO desk and an admin desk. All meetings were conducted in various conference rooms and room bookings were done through an intranet application. The cultural guideline was – do not overstay in a room as it may be booked by another group/individual. There were no reserved conference rooms for senior managers.
One day a new employee with his group saw that the people in the conference room he had booked for a meeting continued in the room after their meeting time elapsed. He knocked on the room, and asked the team inside to leave. The other employees outside were horrified. After 5 minutes, when he saw no action, he again knocked. The team inside walked out and all employees were red-faced. The poor chap had just evicted the Global CEO and his executive team out from the conference room.
News traveled globally within a few hours of the incident. The mathematical geniuses developed statistical models on probability of the new employee being asked to leave. Others like me, indulged in simple betting. Within a week the CEO sent a global message appreciating the employee for adhering to the organization values. He said that he felt good that induction training was effective, HR was doing a good job in recruitment & selection, and employees were fearless in confronting seniors on core organization values. All employees were absolutely jubilant on losing their bets. The incident became part of organization history and employees were inspired by the leadership. Commitment to a strategy comes from the heart and not by the numbers given in a Powerpoint presentation. In some situations analyzing the past history of the organization and failure rate of strategies might be helpful.
3. Reliance on Performance Management Systems
Norman Marks in his post – “The inter-relationships of risk, objectives, strategy and performance“ rightly said that “performance management without considering risk is flying blind.” I agree with this statement. However, my question is – are organizations really measuring the right stuff ? If not, are organizations deluding themselves into believing that they are monitoring and as all performance indicators show green status, everything is great.
Let me narrate here my pet peeve on risk management performance indicators. Tell me, how many of us have filled a balance score card or prepared an annual plan stating the number of risk management reports issued during the year. Additionally, recall numerous times assurance has been given to senior management based on the reports issued and their findings.
According to me, these performance indicators for a risk management department make limited sense. Better indicators would be :
a) To calculate the amount of loss averted from timely risk mitigation. Or,
b) Counting the number of days organization risk was higher than the established risk appetite of the company.
However, only a few companies keep these performance parameters because these are difficult to calculate and require robust management systems. So we rely on parameters that are actually not telling us anything more than the fact that some work is being done. Therefore, my contention is that even if a the risk of not issuing 12 risk management reports (a performance measure) during the year would be available, it may be irrelevant risk identification. A good idea when doing management by objectives, is to check what the company is measuring.
4. The Organization Structure & Systems
The focus is not developing the strategy and operation plans, however the point that is missed is – whether the organization structure and systems are conducive towards accomplishing the envisaged operations efficiency.
The prime example of this is establishing backoffice operations in emerging markets or outsourcing processes. Most organizations initially off shored to save on costs. The cost-benefit analysis was done considering the explicit cost of labor and other costs in mind. However, the implicit cost of managing the operations remotely, variance in customer service quality, breakdown of services and increased risk of fraud were not considered. Quite frequently, the same process was outsourced without much re-engineering for outsourcing the process. This resulted in cumbersome and long processes, higher management time and more risks. In rare cases only the organization structure was aligned to outsourcing activities and managing the complex relationships.
In this case, the strategy was fine, effort was put in setting up back office operations properly. However, the interlinked impact on various functions and activities was ignored. Basically the problems arose due to structure and systems, as these were not considered at the strategy formation stage.
5. Strategic Risk Management
Finally, the concept of strategic risk management is gaining popularity, though it still has a long way to go. Problems sometimes arise in implementing a strategy, because at the time of formulation the strategic risks were not identified and assessed. Hence, the organization has a rosy picture of the strategy.
The additional challenge is when strategic risks are identified though not properly. Some hold the opinion that strategic risks are best identified by the top management or chief risk manager. The frontline operations teams do not have a role to play. My view is that while strategy may be developed at the top, the risks need to be captured at all levels and rolled up to the strategy development team.
To illustrate, let me share with you the venture of international fast food joints in India. KFC, McDonalds etc. made losses in the Indian market initially. The reason for entering the Indian market was clear – a huge educated middle class provided a good customer base. They replicated their operations model in India. However, they really didn’t understand Indian tastes. Indians preferred spicy food and didn’t appreciate the American bland taste. Secondly, Indians initially took these meals as snacks and not for lunch or dinner. Hence, were willing to spend much less than they would in an Indian restaurant. It took the companies 3-4 years to understand the difference in customer tastes and expenditure patterns, and change the menu accordingly. Customer risk was local whereas the strategy was formed globally. Strategy failed due to lack of understanding of local market.
Hence, in my view strategic risk management is not a simple exercise undertaken at the top of the company pyramid. A robust enterprise risk management system aligning objectives, strategies and risks is definitely beneficial. If an organization is not meeting its key performance indicators, even when their are no obvious problems with operations, a through analysis of risks at all levels sheds light on quite a few issues.
6. Impact of Systemic Risks
Another aspect that is least understood in organizations is systemic risks. Organizations adopting enterprise risk management assume that since the key risk indicators are showing low risk, everything is running smoothly. However, as seen in the financial crises, the impact of systemic risks is huge. Underestimating it or ignoring it can nearly wipe out the organization.
Turner report highlighted the impact of systemic risks in the banking sector with the following lines:
“Five key features of this new model played a crucial role in increasing systemic risks, contributing to the credit boom in the upswing and exacerbating the self-reinforcing nature of the subsequent downswing:
(i) The growing size of the financial sector.
(ii) Increasing leverage – in many forms.
(iii) Changing forms of maturity transformation.
(iv) A misplaced reliance on sophisticated maths.
(v) Hard-wired procyclicality.”
Although, in the blame game the investment bankers are being labeled as culprits for playing in the CDO market, the interconnections between retail and investment banking resulted in the crises. The retail bankers gave home loans to individuals with doubtful repayment capacity to leverage the boom in real estate market. Simple explanation is that the collapse of real estate market negatively impacted recovery of loans which resulted in making the CDOs worthless. The key lesson to learn here is that strategies can fail majorly if they are not protected against the impact of systemic risks.
7. Leadership Quality
The quality of leaders makes the largest difference to an organization’s success. Can one imagine GE’s tremendous success without Jack Welch? He accomplished a lot as a leader, though he portrays himself modestly in his book “Straight From The Gut” . He narrates -
“I came to the job without any external CEO skills. I had rarely dealt with anyone in Washington, even though the government was more into business than ever. I had little experience dealing with the media. My only press conference was scripted session with Reg on the day GE announced I would the the next chairman. I had only one or two brief outings before the Wall Street analysts who followed GE. And out 500,000-plus shareholders had no idea who Jack Welch was and whether he would be able to fill the shoes of the most admired businessman in America.”
Jim Collins in his book “Good to Great” analysed the impact on companies that had level 5 leaders. Organizations with level 5 leaders showed consistent performance and a far better share holder return than their industry counterparts. Hence, if either strategy or operations are failing, the quality of leadership should be looked into.
8. Assessment of Strategy Formation Process
Last but not the least is a discussion on strategy itself. Two thoughts come into mind – how should a strategy be assessed for effectiveness and when should the strategy be modified or changed? The quality of strategy itself is in doubt sometimes.
The key reasons for adopting a wrong or misguided strategy relate to some of the points I had mentioned in my earlier posts on strategic risk management :
a) Very few organizations have a proper process for strategy formation. For most it is an end of the year data accumulation practice from different business units. An organization level strategy considering all interconnected aspects of business may not have been devised.
b) Board and CXOs generally do not negate a strategy given by the CEO or fellow colleague. The political repercussions of challenging a CEO/CXOs strategy can be huge, hence most keep their opposing opinions to themselves.
c) If the organization culture is not focused on creativity, ideas and learning, new strategies will not be presented for fear of being mocked or run over. Hence, contrary to popular perceptions the strategy pipeline is quite dry.
d) Moreover, the choices of strategy selection with CEO/CXO are limited. They receive ideas which people down the line have collectively agreed to. These might not be the best ideas as the popular ones generally do not shake people out of their comfort zones.
Understanding these circumstances for assessing the quality of strategy can be difficult. Senior management in such situations has to start from scratch to develop a strategy formation process. If the formation process is full of loopholes or ineffective, the probability of having a good strategy is low.
Closing Thoughts
In nutshell, getting the strategy and operations right is critical for organization success. However, these two components itself do not guarantee success, they are just the building blocks. Other management and organization parts need to be aligned properly to the objectives and strategy of the organization. A holistic picture is required to accomplish objectives. In case of failure in achieving objectives, a review of strategy and operations is definitely beneficial. However, aspects underlining these should be delved into deeply to do a proper root cause analysis. Looking beyond the obvious helps.
References:
- Turner report – A regulatory response to global financial crises – Financial Serivices Authority, UK
- Straight from the gut- Jack Welch with Johm A. Byrne
- Good to Great – Jim Collins
- Norman Marks Blog
Like this:
Risk Management Induction Training to Business Teams
Posted by Sonia Jaspal in Good Reads, GRC Dept. Functioning, Human Resource Risks, Management, Methodologies & Procedures on November 27, 2011
I had joined a new company and was taking the induction training. I thought it would be a good idea to get fellow participants perspective.So I asked a young employee – “How did you find the risk management induction training?” He responded – “Was that training? It sounded more like a rulebook of corporate prison.” The training had bored me to death and I shared his opinion. I wondered whether risk management team took feedback seriously or were purposely designing trainings to turn off new employees.
Normally in India, a trainer reads out from the presentation the various dos and don’ts of the organization’s code of conduct, regulations impacting the organization and technicalities of business ethics. To enhance interest further some provide detailed information of GRC organization chart. The training comes to a dramatic end when in the last few slides, the trainer delivers the key message to the participants – We will fire you if you do not follow all this.
The newcomers already have butterflies in their stomachs. To add to their woes, we present a dry subject in a dull and boring manner. Then we expect them to imbibe the messages in their daily working life. Let’s face it, we are facing competition from Lady Gaga. Gen Y is more likely to remember the lyrics of her song, than risk management training. To get their attention we need to reframe risk management training. There is no rulebook that says trainings must be without any rammatazz and unimaginative to the core.
Yeah, that's a HR Management book
I contacted Peter Cook, an unconventional and creative business author, speaker and consultant, to get his views. He is reinventing the art of human resource management. His recent book “Punk Rock People Management” is a winner. He innovatively connects human resource fundamentals with music. Unbelievable but true, you have to read one of his books to find out how he does it. His perceptive views on induction enormously impressed me. Here is my favorite paragraph from the book:
“Post-punk princesses Madonna and Lady Gaga unwittingly stumbled upon the problem of induction with their songs ‘Like a Virgin’ and ‘Bad Romance’ as did punk group The Boys with their minor hit ‘It’s my first time’. However good your hiring of people is, failing to induct people properly can cost you in thelong run. Classical HR induction sessions emphasize all the statutory stuff, such as health and safety and getting your corporate identity badge (whilst losing your identity). But they generally fail to establish what is called a ‘psychological contract’ between the new recruit and the company, which leads to long-term performance and commitment. The costs of NOT doing this include rapid turnover, poor performance, corporate sabotage and mental sabbaticals (the lights are on but no-one’s at home) etc.”
Peter makes an excellent point about psychological connection. Risk management trainings fail to positively influence the participants. The lines below highlight the ridiculousness of expecting participants to be gung ho about the training.
“Imagine what would happen if this approach were adopted when you fell in love. You would have a ARRSE (Adviser – Romance Risk Strategy Executive) come along to show you some PowerPoint slides on the risks of falling in love,issuing you with badges to say you are officially in love, and so on. So, why does common sense go out the window when we enter the crazy world of work?”
This prompted me to pick up three most applicable points for risk management induction training from Peter’s book and I requested him to share his views on the same.
1. Understand the audience
The one-size fits all doesn’t work for risk management training. For instance, in Indian ITES sector, new employees join right after school. To them, terms like audit, fraud, ethics are practically incomprehensible. Their head will spin if we give them a download on various laws and regulations in the first training session.
The same applies in other industries also.The choice is ours – to be either amused or appalled at their naiveté. The story below depicts the level of understanding of a fresh recruit.
An experienced purchase manager working in food and beverages industry was offended with a new junior. The junior had accepted a gift from a supplier in their first meeting. The purchase manager called the junior to his room and asked in Hindi –“Do you understand ‘AAchar’ (ethics)?“ The junior replied in English– “Of course sir, it means pickles (Achar).”
This is the risk managers’ starting point for training. Therefore, prepare a training calendar with various sessions over 6 months to bring them up to speed. Peter mentioned that there are 57 ways to train besides classroom training – workshops, e-learning, mentoring, storytelling, etc. Identify the staff learning styles and develop the training accordingly.
2. Make training fun
I know it is tempting to give a few thousand pages to read to the participants. That is what we, as risk managers had to do. But remember the training participants haven’t signed in for a risk management professional course. Don’t give them manuals in the name of e-learning. That’s only going to make them panic. Make it simple and fun. Peter succinctly put this point across in his book. He says create an environment where people are naturally engaged. For example, he wrote:
Pubs do NOT have mission statements that say:
“We aim to encourage sociosexual networking and leverage mission critical knowledge, skills and wisdom through the use of addictive depressant substances in a relaxing lifestyle environment that encourages the suppression of societal norms of decency and so on”
If you read this statement while entering a pub, will you immediately fall in love with the pub or hesitate to enter? Same rule applies to induction training. Why not explain the statutory stuff without using the corporate and risk management jargon?
3. Help participants succeed
The biggest obstacle in the successful implementation of risk management training, is the attitude of the risk managers. The managers sometimes focus more on the numbers covered so that they can tick off from their to-do list and report to compliance that training was conducted. The trainers are not accountable to make the business teams effectively manage risks.
Sometimes, when the classroom training is over the participants do not know whom to connect with if they have questions when they start working. In some e-learning courses the same problem is exists.
Peter gives some good advice here. He says - “Make sure that new people understand on the first day exactly what they can do to succeed. Connect the new members with the people who can help them do their best”
Closing thoughts
Use induction training as a starting point to develop risk awareness and culture within the participants. Don’t make it a big ruse to cover numbers. If the training is good, the new employees will become unofficial ambassadors of risk management. By creating the right chemistry, risk managers will have long term allies in business teams. Make the start a memorable and happy one for the new employees, and they will keep coming back for more.
Like this:
Leading Risk Management Function with Emotional Intelligence
Posted by Sonia Jaspal in Good Reads, GRC Dept. Functioning, Management on July 15, 2011
Have you ever felt as a risk manager that business teams don’t want you around them? Behind your back business teams in three words describe you as “critical slimy burger”, in two words “painful preacher” and in one word “#@$&^@#$”. Your ideas and opinions are strongly opposed and good ones too sink due to death-by-association syndrome.
Sometimes, from top to bottom levels of the organization business executives stonewall risk managers’ efforts and the risk management team faces this antagonistic attitude.
Ascending the Maturity Curve - Economist Intelligence Unit
Even the Chief Risk Officer (CRO) and other risk managers fail to cut ice with senior management. A recent report “Ascending the Maturity Curve” published by Economist Intelligence Unit shows that just 28% of business executives consider CRO and other risk oversight members as usually helpful in achieving business objectives. The adjoining graph reflects that thought process of business executives about risk managers.
In light of this, it is clear that risk managers face a challenging and conflicting relationship with business executives. These issues make risk managers’ jobs notoriously frustrating and thankless. Hence, risk managers need a solution to be effective.
I thought it might be a good idea to study why business teams react negatively and how to make then think positively about risk managers. I read Daniel Goleman’s book – The New Leaders, which covers ways to use emotional intelligence in leadership. It sheds light on disastrous leadership outcomes when leaders deal with teams without sufficient emotional intelligence. There are a number of lessons for risk managers to learn from the book and here are some of them.
Briefly, Goleman has described resonant and dissonant leadership styles. Resonant leaders attune to other people’s feelings and communicate emphatically to move their feelings in a positive direction. While dissonant leaders fail to recognize feelings of the people they are dealing with and create negative emotions – anger, frustration, fear – in them. He has defined six leadership styles, four are resonant and two are dissonant. In my view, risk managers reflect these leadership styles and a better understanding of it will help them in building relationships with business executives and within the team.
1. Visionary style
According to Goleman, visionary leaders articulate the purpose that rings true for themselves, and attune to the values shared by the people they lead. This also initiates transparency by removing barriers and smokescreens within the organization. However, the downside is that visionary leaders sometimes sound pompous and overbearing.
In my view, when CROs and other risk management seniors adopt visionary leadership they facilitate business teams in seeing the bigger picture. The risk management functions are perceived negatively as they adopt a check box mentality and highlight small regulatory issues as major problems. They sometimes do not spend adequate time with business teams articulating how risk management will benefit them in achieving business objectives. Hence, business executives are resistant to suggestions, as they have limited idea on how their risk management ties up to the overall corporate mission, vision and strategy.
Here, the takeaway is that risk managers need to sell the bigger picture of risk management functions and trust the business teams to identify and mitigate risks. Understand the need of business teams to feel important that their work matters.
2. Coaching style
Goleman states coaching style builds rapports and deep emotional relationships; however, most leaders tend to ignore it. It is a resonant style if done properly. When executed poorly coaching looks like micromanaging or excessively controlling. He further adds managers are inept at giving performance feedback that builds motivation and not fear and apathy. Hence, give coaching that makes the employee feel that it is in their best interest rather than feel manipulated and attacked.
According to me, this is the crux of the problem. Risk manager’s role – especially the compliance and governance – demands identifying weaknesses in business operations. Frequently, risk managers issue draft and final reports to senior management without really explaining the details to the middle and junior level executives. This causes anxiety and fear in business teams.
Psychologically, mild anxiety results in attention and energy to the job, prolonged distress hampers work performance. Secondly, chronic anger, anxiety and sense of futility cause emotional hijacking. Considering this aspect, it isn’t surprising that in long-term audit or investigation assignments, the business teams are distressed. If risk managers do not provide periodic updates on their observations, the continuous anxiety results in negative reactions. Here regular coaching becomes essential.
Therefore, risk managers must attune themselves to the emotions created by their work and communications in the business teams. Give feedback in a way that doesn’t diminish the value of work being done by the business team. Not in a manner where the person feels that, s/he is the problem.
3. Affiliative style
In Goleman’s view, affiliative style represents collaborative competence in action. This style is good for relationship building as it promotes harmony and friendly interactions. It allows a person to be kind along with being candid. However, the negatives of this style are that it can drive down performance if constructive feedback is not given or if used in a disaster scenario, the person may appear clueless.
In my opinion, risk managers can use this style to build relationships with CEO, CXOs and Board. The risk managers are not getting a seat at the board level or do not have sufficient visibility with the CEO. Hence, a few organizations have a slip-shod approach to risk management.
The messages given by senior management on risk management build the risk culture within the organization. According to Goleman’s study – “Roughly 50% to 70% of how employees perceive their organization’s climate can be traced to the actions of one person: the leader”. Hence, CEO’s actions and sentiments towards risk management get reflected throughout the organization. Therefore, relationship building is critical at this level for risk managers. Become a friend of the CXOs.
4. Democratic style
Daniel Goleman says that democratic style is generally the most successful resonant leadership style. Leaders discuss issues, listen to others, take feedback and then make a collective decision. The advantage is that there is limited backlash for harsh decisions as it builds trust, respect and commitment. The disadvantage is that over-reliance on this approach results in endless meetings without firm direction.
My outlook is that auditors and compliance officials cannot adopt a democratic style for conducting an assignment, as it will hamper independence.
Nonetheless, democratic style should be adopted for recommendations and improvements in business. For example, if process re-engineering or additional controls are being suggested, it is useful to listen to business teams and discuss the solutions to them. The business teams are closest to the problems. Hence, the style benefits when risk managers perform advisory or consulting assignments. It is also a useful tool to understand the business executives concerns and anxiety points. Let the business teams take decisions about risk management and ownership for the same.
5. Pace-setting style
Goleman says that in modern times pacesetters are thought of as good leaders since the leadership style adds to the bottom-line in short-run. Pacesetters focus on performance and excellence. However, if the leader drives employees too hard the morale plummets. Pace setting only works when employees are self-motivated, highly competent and need little direction. Meeting high standards of excellence has a cost, as it is task focused and not people focused approach.
There are two key insights to be gathered from Goleman’s analysis. The first one is that if CEO and board are driven by quarterly results and showing good performance, in the long run the organization is likely to pay a huge price. Hence, CROs need to monitor this form of leadership and culture, and guide the senior management.
The second aspect is the CROs and other risk managers need to ensure that they themselves do not become aggressive pacesetters in their functions. Sometimes the targets on number of reports, project timings, and quality of work become so critical that CROs ignore other aspects. In these situations, the star techie gets promoted who may not have adequate leadership and people management skills. Hence, there is burnout in the risk management team and conflicts with business teams. This is a dissonant style of leadership hence use it with care.
6. Command style
The command style though frequently used is the most dissonant style as per Goleman. It is a coercive style – do it because I say so – being the message that makes employees feel threatened and intimidated. It is least effective as an intimidating cold leader contaminates everyone’s mood and the quality of overall climate spirals down. Employees think of it as a reign of terror so stop bringing bad news as the bearer is killed. The upside is that in crisis this style is effective.
A risk manager may claim that their role is recommendatory in nature and they do not have line authority over business teams. Hence, this kind of situation would not result from their actions.
On the contrary, if risk managers start playing political games and use their negative findings to downgrade a business executive’s career, the same results will ensue. Hence, they definitely have responsibility to ensure that their actions do not intimidate business teams or make them feel threatened.
However, if they are doing a million dollar fraud investigation or detecting a data theft situation, this style will work. It will reduce panic in the business teams since someone is in command and is showing direction.
Closing thoughts
As I read the book, one message was clear – risk managers need a range of leadership styles to be effective. Risk managers emotional intelligence determines their success and failure in building relationships with business executives. In Goleman’s words –
“The triad of self-awareness, self-management and empathy all come together in the final emotional intelligence ability: relationship management. Managing relationships skillfully boils down to handling other people’s emotions.”
Here is a clue. Psychologically laughter is the easiest way to create positive emotions. So risk managers leave your serious-brow furrowed look and smile.
References
Images of a Chief Risk Officer
Posted by Sonia Jaspal in GRC Dept. Functioning, Risk Management on April 16, 2011
Indians are euphoric this April due to two major victories, one that is an Indian passion and the other is slowing making India hollow. Yes, I am talking about two most common words you are likely to hear this season – Cricket and Corruption. The elation of Indian cricket team winning the World Cut hadn’t died down when Anna Hazare launched his protest against the Lokpal Bill. Government bowed down to the public protest and both the wins made Indians proud.
The two events got me thinking. The Indian cricket team honored Sachin Tendulkar with the win. Each team-member said they wished to honor him for 20 years of dedicated commitment to Indian cricket. Sachin’s attributes are that he has domain knowledge of the game, an expertise few players have, he mentors and supports junior players, team depends on him for taking them out of tough spots and he is dependable and reliable. He doesn’t have a formal leadership role. He gave up captaincy when he realized he is not suited for it. Clearly a man who knows his strengths and limits!
If you see Anna Hazare, he is a 72-year-old man who enjoys the reputation of impeccable integrity. The government listened to his demands as he commands a moral authority, which few leaders enjoy. It is not that everyone can go on a fast-unto-death and expect the government to agree to modify a proposed law. People supported him because he led from the front; he has sacrificed his life for the community without any interest in power or money. Again, he has no formal authority as he is not an elected member of parliament nor does he hold any position. People respect him for his moral courage and commitment.
Now look at the qualities of these two men- Sachin Tendulkar and Anna Hazare. Aren’t these what a Chief Risk Officer (CRO) of an organization should be having? Risk managers generally complain that they have limited access to board and CEO and business team do not listen to their advice. Hence, they are struggling to be heard by senior management and business teams. However, if you think deeply does it not appear that senior management and business managers are not relying on risk managers because they might be reflecting incorrect attributes?
In my view, a CRO provides value to the board and CEO at strategy and policy level. The CRO is not the captain of the ship, but should be able to guide senior management in understanding the risks and address them. For business managers a CRO needs to mentor them in running business operations with minimum risks. To do so, CRO needs to have a combined reputation of Tendulkar and Hazare. S/He needs to have a reputation of impeccable integrity, domain knowledge and expertise, trustworthiness and reliability , a team player and with an ability to sacrifice personal agendas for greater good of business. If s/he has this reputation, probability is that both senior management and business managers will be more forthcoming in involving him/her to understand and mitigate risks.
Images & Shadows
This prompts me into thinking the second aspect of the problem. What are the images CRO have in the organization and how are these benefitting or negating them?
1. Nitpicker to Troublemaker
Most CROs complain that they are unable to get into CEO’s cartel. The challenges they face are that on one hand CEOs and board think that CROs are nitpickers who can’t provide much value add at strategic and business level. On the other hand, the CROs who do manage to attend CEO and board meetings may face significant resistance to their views. I had covered this aspect in the article “Independence of Internal Auditors – An Oxymoron”. As per KPMG Audit Committee report of 2010, 73% of Chief Audit Executives’ jobs are at risk if they hold a contrary view than the board. The attitude of the management is that ”we don’t need someone on our board who doesn’t appreciate our views.” In such a situation the CRO has a choice between the devil and the deep blue sea.
Auditing and advising are two sides of the same coin and CROs needed to fulfill both of them diligently to ensure organization risks are managed effectively. CROs can learn from Hazare and Tendulkar on how to lead senior management without holding formal authority. They need to develop a reputation of a “guy who can be counted on to give the right advice and support.” To do so they need to work towards changing the image of bean counters and focus on developing strategic perspectives at macro level.
2. Busybody to Watchdog
The employees of the organization sometimes view GRC staff as tale tattlers. According to the negative perceptions of business employees, the sole purpose of risk managers is to report to the management everything nasty to satisfy personal agendas and play political games. Generally, the image is formed when CRO is perceived as using audit and other risk management reports to gain political power and uses them negatively. With an image of Dr. Jackal and Dr. Hyde, there is significant trust deficit at all levels of the organization. The downside is that business teams instead of developing risk aversion, develop an aversion to risk managers. Here, the CRO fails to establish a reputation as a genuine business advisor willing to hand hold business teams to improve risk management.
CROs need to take a leaf out of Anna Hazare’s life. Anna Hazare gathered political support and led from the front in the Lokpal Bill protest. He garnered support as public understood that he was sacrificing himself for the greater good of the community. He showed he had the moral authority to lead others and protest against corruption on their behalf. The CROs should aspire to have a similar reputation where management and employees trust him/her to work for the benefit of the organization and be above petty politics.
3. Scholarly to Acerbic
Frequently business managers view a CRO as “S/he is theoretical, is woefully obtuse about the practical aspects of business.” Or worse, “S/he thinks the job is to criticize, is always thumbing his/her nose at business managers.” The problem results as CROs and their teams are unable to cut ice with senior management and business teams when their reputations are that they are paper pushers, paid critics, think others as lesser mortals or are amusingly ridiculous in their ideas. S/he is never on the guest list of the business managers meetings. Here, the CROs fail in establishing their expertise and domain knowledge; hence lack credibility.
Taking a lesson from Sachin’s case, would he enjoy team respect and fan following if he lacked domain knowledge and expertise. He has earned respect with his humble attitude and willingness to share his knowledge with teammates. The CRO needs to make their internal brand one of an enabler rather than a critic. The risk management technical expertise can be successful only if applied in addressing business challenges. Hence, a balance needs to be maintained between risk management and business issues. The willingness to train and mentor business managers on risk management aspects will go a long way.
In nutshell, risk managers should focus on their internal branding within the organization. We may rely on facts but perceptions matter. If senior management and business managers develop negative perceptions of the CRO, the organization and risk management teams suffer. People generally do not listen to people whom they do not respect and trust. Hence, CROs first task should be to develop a reputation of impeccable integrity, and being a good mentor and a domain expert.
Welcome your opinion.
Optimism Leads to Delusions?
Posted by Sonia Jaspal in Management on September 20, 2010
Since birth, the mantra taught to us about life is optimists do better in life as they think positive, are surrounded with positive people and generate positive energy. The example of the glass filled with some water typifies our thinking. Here are three examples of the statements people make and the general opinion formed by the public regarding the statements.
First person
Statement: The glass is half full.
Opinion: Give the guy an immediate pat on the back for being an optimist.
Second person
Statement: The glass is half empty.
Opinion: Well the guy is a pessimist and has negative thinking.
Third person
Statement: The glass is half full and half empty.
Opinion: This person is really picky, majorly into specifics.
Most of the successful people are optimists. Optimism gives them self confidence, a belief in their capability to execute a plan and a capacity to vibe well with people.
It is difficult to imagine a pessimist succeeding with life when he/she is always viewing the picture for the shortcomings.
Optimists on the other hand succeed while viewing the positives of the situation. The problem is that more successful an optimist is the likelihood of seeing the negative side decreases. The person starts believing that he/she is succeeding because the negatives of their personality are not really negative. For example, let us say that an optimist boss has a short temper and takes it out on his/her staff. You might hear the boss saying that it is a good trait as the staff is more careful about work.
The optimist doesn’t realize that he/she is succeeding despite the negatives. Hence, they do not focus on working on removing the negatives as they don’t believe they have them. This results in a number of blind spots. They look at it sometimes, when a major disaster occurs. Normally, because of their belief in themselves, they manage to hold the other party responsible for their own shortcomings.
You might be able to observe this, when you see an optimist friend who has married a number of times. The ex-spouse was always the problem. Their belief in institution of marriage doesn’t reduce with time. Neither do they think that they might be making wrong partner choices or having some romantic notions or impractical ideas of marriage. The option that they themselves may not be ideal spouse material is not going to strike them.
Optimism can lead to delusions which can be fatal for a successful life. You might still be thinking, is it possible. Watch the video “Problem of Coaching Successful People” of Marshall Goldsmith. He is the author of the book- “What Got You Here Won’t Get You There” and is an executive coach. In this short video he has described the four problems of getting successful people to change their behavior.
Mantra for the day is: Obtain feedback, understand your blind spots and work on removing them. Use your optimism to become better rather than blind.
Have a nice week.
Like this:
Auditor – A Listener!
Posted by Sonia Jaspal in Audit, GRC Dept. Functioning on July 14, 2010
I was watching the video on Tom Peter’s site (http://www.tompeters.com/books/little-big-thing/) regarding strategic listening. He mentioned that doctors interrupt the patient’s description of his/her problems within 18 seconds. Just 18 seconds, before a doctor starts formulating an opinion on the diagnosis. It got me thinking, the word auditor has two meanings specified in Oxford dictionary 1) a person authorized to perform an audit and 2) a person who hears; a listener. As auditors, are we listening?
I would say as auditors we are party to the crime of not listening properly and strategically. How much time do we spend in understanding the business strategy and objectives, mission and vision of the business owner/ department which we are auditing? How many of us conduct an informational interview with the teams to understand their business operations and the risks which are perceived by them? Taking a rather negative viewpoint, although would say depicting the real scenario, auditors have an introductory meeting with the business team and tweak their pre-developed audit program somewhat. An audit is conducted according to a standard program and checklist, and a report issued accordingly, sometimes the previous one modified apprpriately. I think we should hold ourselves accountable to Albert Guinon’s quote “There are people who, instead of listening to what is being said to them, are already listening to what they are going to say themselves.” Then as auditors, we are surprised that our recommendations are not implemented and the business teams are complaining that the audit has provided no value add.
I searched for data on time spent by auditors on various activities and the percentage of those spent on listening but could not find any. A report on MetricStream (http://www.metricstream.com/) states that 40% of the audit time is spent on documenting work papers and writing reports. The rule of thumb is that 60-70% audit time is spent on execution. To exemplify my point, I am taking one audit staff’s time distribution for conducting an assignment for a 10 man day period. The ball park figures are depicted in the chart below. Here, of course the assumption is that the meeting time was used to effectively listen. My guess estimate is that if we take 50% of the time as effective listening it would be more realistic. To conclude, on an average one audit staff spends 5% of time listening to the business team. Does this percentage surprise you?
The nitpicking can be done regarding the figures, however the point remains that auditors are not spending significant time listening to the business owners. To further illustrate the point, the top three aspects which we need to understand from the business owner before even preparing an audit program, are:
1. Business Strategy, Mission and Vision
What is the business strategy, mission and vision of the organization and the department and how do you plan to achieve it? Was it the same previous year or has it changed, and if so, what are the changes? Do you believe this is the right strategy to adopt or are you planning on changing it?
2. Organization Culture
Is the organization culture constructive, aggressive, passive or destructive? What emphasis is placed on building an ethical organization culture? What are the un-discussable issues in the organization? Are there any incidents of work place aggression and how have these been dealt with? Is the leadership open to ideas, concepts and discussions with the juniors?
3. Balance Score Card and Key Performance Indicators
What is your job, how do you perform it, what are the problems you face, what are the risks you perceive and how does your performance get measured?
The question is how much time do we spend on understanding the basic business operations and environment before commencing an audit? The answers to the above questions will facilitate an auditor in understanding the key concerns of the business, the level and focus on implementation of risk management and corporate governance
It is imperative for auditors to understand the business at macro level before focusing on the micro level. Conducting an audit of transactions does not yield the desired results of giving a comprehensive view of business risks and risk mitigation plans, policies and controls. It is the people who are driving the controls environment, so without dealing with them how can we actually create effective risk management culture. So what is the inhibiting factor for auditors for asking the right questions and listening to the right answers. Is it that they fear developing an image of nosey parker or the other extreme, ask no questions and hear no lies?
For effective listening, an auditor needs good communication skills, be attentive and create an environment of trust. In the words of Lee Iacocca, former CEO Chrysler Corporation “I only wish I could find an institute that teaches people how to listen. Business people need to listen at least as much as they need to talk. Too many people fail to realize that real communication goes in both directions.”
Some of my colleagues would say I am being critical. My defense is that as auditors we spend a whole lot of time reporting deficiences in business operations and stating that business owners do not listen to us. Can auditors be understood when they fail to understand? Should auditors be spending more time listening to the business owners? Should the audit methodologies be changed to incorporate a higher percentage of time spent in discussions?
Welcome your comments on it.
RiskBoard
Effective risk management prevents an organization from going up in flames. - Sonia Jaspal
Passionate About Risk- Bond @ RiskBoard Community
