If you are concerned that your organisation might prove to be “fragile” in the face of sudden shifts in markets, financing or customer behaviour – then you are not alone.

We live in a world where geopolitical tensions are a fact of life, where trade tensions are actually unresolved, where natural disasters seem more (not less) likely, and where economies are behaving in poorly understood ways (e.g. the persistence of low inflation and low wages growth). Ominously, our anxiety is only enhanced by the fact that we might not be able to predict and consciously mitigate for the shocks.

Most of the world did not anticipate the GFC. Fortunately, we do have strategies to manage both known and unknown risks. For “known” threats we can diligently deploy contemporary risk management techniques; but for unknown risks we need to think much bigger. This means building organisations that can adapt in times of crisis. This article will briefly address the “known risk” strategies but will more fully discuss the lesser understood approaches for preparing your enterprise for the unexpected.

Managing for known risks

Classic organisational and program risk management can be an effective way of addressing known dangers: risks are defined, probability and impact assessed, and mitigating actions taken. What is less commonly understood is that there are really only four broad actions you can take to address a known risk:

1. Reduce the probability of the risk occurring;
2. Reduce the impact of the risk, which means fortifying the organisation (e.g. think about buildings in an earthquake zone that are strengthened to enable them to survive a major quake; or think about having a balance sheet that can withstand a financial earthquake in debt markets);
3. Build a contingency plan (e.g. think of a back-up data centre; or a plan to switch off services that are burning cash in a financial crisis);
4. Increase the chances that you would notice the problem early, because the earlier you see a problem coming the more likely you are to be able to do something about it.

Now, just because we know how to do risk management does not mean we do it well. Harris Scarfe faced known risks including the growth of online shopping and a low growth retail environment. Yet they were not able to plan for and mitigate these risks. Similarly, the Japanese electrical authorities understood that earthquakes were a risk, yet they did not properly fortify the Fukushima nuclear power plant because they did not fully think through an earthquake’s consequences (i.e. a tsunami taking out a low-lying backup generator).

Preparing for the unexpected

Yet how do you manage for unknown risks? Well there are two related techniques for doing so:

• Fortifying the organisation. This is done in a similar way to that considered for specific risks but now you are thinking about much more generic strategies such as having reserve cash (because money buys you time).
• Increasing organisational adaptability. This means that when faced with an unexpected challenge the organisation can develop and implement plans to survive, even thrive.

It is critical to note these two strategies are very closely tied, for the fortification of the organisation can buy you time to adapt to what might be a new long-term environment. If you really want to ensure that your enterprise does not prove fragile you need to fortify and improve your ability to adapt. Of the two strategies it is “improving adaption” that is the least understood, so I will address that next.

Improving adaption

Fundamentally, improving adaption means improving your “operating model”, which is the way your organisation is put together in order to deliver on its objectives. This includes structures, processes, technologies and, critically, decision making methods. If you want to improve your adaptability, the research (Zolli and Healy, 2012; Bloom, 2014) would indicate the following uncomfortable truths:

• More decentralised organisations are more robust because they can make faster and more appropriate decisions in relation to their market context;
• Firebreaks between organisational units are important to ensure that contagion does not spread e.g. corporate structures that mean one unit going bankrupt will not bring down the whole enterprise;
• The ability to sense changes in markets or other contexts is key. Adaptive organisations can “smell a change in the air” early;
• De-bureaucratised decision making is key – meaning fast, data informed and highly accountable decision making; and
• The “corporate centre” needs to be lean and focused on the allocation of “crisis” resources to the leadership teams that most need it (and can realistically benefit from it).

Adaption in action

Nicholas Bloom of Stanford Business School conducted a 2014 study which clearly showed that decentralised enterprises can do much better in tough times. However, this does not mean a total free hand for decentralised units. Take McDonald’s for example – it is decentralised by country and even down to the decision making at individual store level. Yet there are strict disciplines which must be employed. This is a “loose-tight” model often deployed to ensure that the advantages of scale and scope are utilised (e.g. procurement, health and safety standards, systems and processes), without losing the local adaptive potential. Nestle operates a similar model, so that, for example, the Japanese arm operates very differently from the Australian division. Yet they both share lessons and experience, taking advantage of scale where appropriate.

A final word on adaption and resilience

There are two key lessons to draw from this article. Firstly, traditional risk management is useful, but needs to be done thoroughly (in order to avoid your own version of Fukushima). Secondly, for risks that are not apparent you are best served by creating an adaptive organisation; and then giving it some financial contingency so it has space to adapt when a crisis comes. Of course, the best time to create the adaptive enterprise is well before you really need it. So, now is a good time to start.

By Roger Perry – CEO Bevington Group