Before getting to the next step in my discourse on insurance, I need to make a stop on the topic of risk.
Like a lot of concepts big enough to organize experience, risk means different things simultaneously.
One part is threat or peril. You run the risk of something bad happening. You want to minimize, mitigate, or shift risk.
Risk also means the probability that something might happen. I use the phrases "upside" and "downside" risk to indicate that something good could happen as well as something bad. For most people, the word risk still leans towards the negative, but I can't help seeing it as symmetrical.
In finance, risk has altogether different connotations. It refers to uncertainty, and gets factored into risk-reward calculations. You trade uncertainty for the possibility of a greater reward. You have a greater or lesser tolerance for risk. In this case, risk is largely something good. We celebrate risk-takers. Your investment advisor will encourage to accept more risk because of the potential for positive returns over time. Being willing to take risk is a sign of courage.
In administration world, risk is largely the domain of "risk managers" who do things like conduct Enterprise Risk Assessments, which identify the big scary things that might happen and line up mitigation strategies to reduce their likelihood. They also manage your insurance programs. Insurance is one of the primary mitigation strategies.
At KPMG, I was introduced to a risk framework. It identified all the functional parts of an enterprise using Porter's 5 Forces model. This was primarily for designing audits, where the auditor's job was to identify the risks associated with each of the elements of the enterprise and develop an audit strategy to determine the degree of exposure in each and suggest procedures, policies, and systems to reduce or manage risk. But it also has been useful for making sure you see each part of an enterprise, and think through the specific features of each.
I've used this framework to argue that we can describe each element of an enterprise in terms of the risk that it is meant to respond to, in this case meant in terms of probabilistic outcomes. At a university, some functions are clear--the police force is in place to protect against crime, injury, and loss of property. I did some work at UC Santa Cruz, which had an on-campus fire department. The UCSC campus is sited beautifully, nestled in a forest. The fire department protect the campus from burning down on a red flag day. But you could also see the academic departments in terms of a kind of risk--what would happen if you don't fund the English department adequately? The English department is there to make sure you offer the programs and courses students need and want, thereby increasing the probability of them coming to the campus and succeeding there. You also have an English department so you won't lose ground to the alternatives those students have. Degradation of academic programs is a serious risk. Maybe students and other stakeholders (alumni and donors, legislators, the community, faculty) don't care if you have a good English department. But do you want to risk that?
I've always wanted to get a client to let me work with them to use a comprehensive risk framework like this to set priorities and allocate resources. So far no takers. Starting from something like the KPMG framework I would kick off conversations that are informed by a risk tolerance orientation. There is always risk in life. It's worth understanding the risks (probably, although you could make the case for the benefits of heedlessness and recklessness). I like the question what risk is this function (position, office, policy, etc., etc.) designed to deal with. I like the phrasing "deal with"--not necessarily reduce or mitigate. You ask what risk is the HR department designed to deal with, and what would happen if you didn't do it, or did less or more of it. And you ask the same question of the English department.
If you did this you'd have the start for comparison across activities, onw of the hardest things to do. Comparison is still hard. The outcome of the risk takes disparate forms--emotional trauma (loss of a loved one), reputational damage, social insecurity, and finally financial loss. Insurance has an answer. Convert losses and gains into dollars (currency), the universal expression of value, value reduced to commodity. This of course shows that the danger (risk) in risk framing is to exacerbate the financialization of all relationships.
A couple more points to make. First, people are very bad at evaluating it. Decision theory has catalogued many errors people make in evaluating the probability of a result. They give more weight to the possibility of loss. They don't take into account sample size. They reason by analogy. They don't recognize randomness. They respond more strongly to vivid examples and to the most available examples.
Like a lot of potential organizing concepts, risk is mutable. A risk starts by taking one form and before you know it takes another. A university has to decide how many police officers to hire. Hire more, and you have better chances of preventing incidents or responding more quickly. But you may find that crime incidence does not require the number of officers you have--you might be located in a safe area and can have the same results with half the officers. Which would allow you to hire more English faculty. But if parents get wind that you cutting back on police officers, you'll be pilloried on social media. So what started as a technical risk of crime morphed into a concern about perceptions on the part of people loosely affiliated with the organization and the place.
There is a reductio ad absurdum problem lurking around the corner. If having an average number of police officers is good, wouldn't double be better? Why stop there? Eventually you end up with a college that is all cops and no teaching. Of course it doesn't get that far, but do have any basis for knowing when the balance has gone too far. There is every reason to think that biases in assessing risk almost guarantee the balance will be out of whack.
No comments:
Post a Comment