Recently, I was discussing faux names for the risk department with a colleague in Operational Risk. We were trying to come up with a good subheading that poked fun of our role in the organization. My suggestions tended towards the subversive (my favorite suggestion was “Risk: Hide All the Bowls Of Cheerios”).
My humor belied the truth that risk functions exist to remind people that bad things can happen. We’re essentially little black rain clouds that portend a calamitous end to your fine Summer outdoor picnic. In that way, aren’t we really like the Goth Kids of the IT Department?
The Goth subculture is predisposed with things that are typically regarded as negative: death, darkness, futility, turmoil, and doom. It’s largely a culture that is driven by music, but also has specific tastes in fashion and aesthetics. In most US high schools there tends to be a clique of kids that refer to themselves as Goth. Its such a popular theme that it was even showcased in society’s biggest purveyor of zeitgeist, South Park.
How fitting is it then, that when certain groups within IT talk about harnessing IoT, wearables, mobile, cloud, self-driving cars, etc. to provide our customers a greater experience and to increase sales that we have to be the ones to micturate in their bowls of Cheerios (because it’s classier if I use a ostentatious word). We need to remind them of all the bad things that could happen. Those fancy cars with auto-pilot could kill someone! What about all that data?! Why do you need it and what are you even collecting it for? Did the customers opt-in to that use? What about data retention? There’s no way the regulators would let that fly… and on and on.
Is their room in strategic thinking and executive leadership for Negative Nancy’s like us? I should think so! Unbridled optimism has its place sure, and there’s something to be said for esprit de corps, but somewhere along the way, these Polly Positive’s need to take time to prepare in case something bad happens. We don’t need to look too far to find an exquisite example of where a willing, vocal resistance to planning caused a major company to fail spectacularly </schadenfreude>
It’s important to curb the enthusiasm of the futurists and to plan for the bad things that may ensue. Sure there are tactful ways to communicate this, and its important to provide feedback about risk in a way that doesn’t place a governor on innovation. In the HBR podcast, there is a great interview with Wharton professor that highlights the importance of having nonconformists in your organization. I would go so far as to argue that, structurally, the entire risk department is a bunch of nonconformists and counterculturists to the mainstream business and IT cultures in the organization. Well, okay, sure our brand of nonconformity has a nice flavor of regulation and compliance thrown in, but you get my drift. It’s our job to be the flow restrictor on the unbridled enthusiasm of the organization. We remind the business to take a sweater so they don’t catch a cold. When they talk about this great new venture, we take the role of Debby Downer and remind them how it all could fail in a fiery mess. They too, in turn, put a damper on our negativism and remind us of how it all could be better. In that way, there is a natural symbiosis between the organizations, each taking the mettle of the other and compromising on a path forward.
If you don’t have any Goth Kids in your IT strategy and executive leadership teams, you aren’t just failing to plan, you are planning to fail.
The Risk Dr ® 