I've worked with a number of businesses in my professional life who have a statutory obligation to "have adequate risk management systems". In general these businesses try to meet this obligation by applying the concepts of the current risk management standard (AS/NZS ISO 31000:2009) to their business. So I've seen a fair amount of financial services businesses' risk management policies, procedures, and registers in my day.
Of course, as individuals we don't have a statutory obligation to have risk management systems. But even if we don't do it on a formal sense, we owe it to ourselves and the people we love to at least thnk about the major risks to which we're exposed and how we can address them.
Applying the concepts of corporate risk management to personal life domains
Over the past few years I've used this as a framework for thinking about a number of personal life domains. For example:
- Professional - To what degree do you have measures in place to ensure you can address, and capitalise on, uncertainty in your professional life? Changes can stem from any number of directions - for example, within your work environment(s), the broader economy, or from your personal situation? To what degree should specialising in a narrow field be balanced with having a broad skill set that ensures you're generally employable? What are the relative risks of being employed versus starting your own business?
- Social - How do you maintain your friendships and continue to develop relationships despite the demands of parenthood and helping to support a family (or whatever demands apply to you)?
- Physical - Leading causes of death in most developed countries are heart disease, stroke, and cancer. Environmental and lifestyle factors are often major risk factors. What can you do to shift the probabilities in your favour and detect any issues at a stage when you can manage them?
- Financial - If I haven't already harped on about this enough, I'm sure I will. This can be where having suitable insurance, proper succession planning, and making appropriate investment decisions can be especially important.
I'm stopping very short at each of these domains. Each of these domains - and others - warrant a number of posts. I suspect this will drive many of my future posts to this blog.
A few words on defining "risk"
“Risk” can mean different things to different people.
I adopt the definition set out in AS/NZS ISO 31000:2009, which defines risk as “the effect of uncertainty on objectives”. I like this definition because it focuses on two central factors: uncertainty and objectives.
Why objectives? Because if something happens that doesn't impact our objectives, then it’s not relevant to us. It makes setting suitable goals an important part of this exercise (and vice versa: it means we can embrace uncertainty when identifying our personal goals).
Another reason I like about this definition is that it considers not only the downside of uncertainty, but also the potential upside. Uncertainty can work in our favour, helping us to achieve or go beyond our objectives, and in other cases helping us achieve our objectives sooner than we might have otherwise thought. When thinking about the potential downside, we should also consider the upside.