Is Partnering a Risk or an Opportunity?

Sometimes collaboration in various forms can open up new opportunities. I know.  But…

You know you can make plenty of mistakes all by yourself, but to get into a real mess you need help.  Partnering allows your business to suffer from mistakes over which you have no control and may even know nothing about.  If you are in, or are about to go into, a partnering arrangement and think this statement is an exaggeration, try answering the twelve questions in this article and think again. Then think how you are going to control the risks. . unless you really want to live dangerously.

“Partnering” is a word that has many meanings. Here I am using it to refer to an arrangement where two or more businesses or other organisations work together on a project but remain separate entities.  It seems to be growing in popularity and is encouraged by many government agencies and other influential bodies, as it can be a means of making use of the expertise and resources of more than one body to achieve some desired objective.  There are many success stories, but the failings and pitfalls are not always so well publicised.

Is your business at risk? Here are twelve questions to ask yourself now about your partnering arrangements to see how well the risks are being managed.  Or leave it until something goes wrong before asking them, if you really like living dangerously.

  1. Do you know what are your responsibilities and what are those of your partner organisation?
  2. How are risks managed in both/all bodies concerned?  Does it matter if there are different approaches?
  3. Does the partnership or joint body exist in itself? Should it?
  4. Is there separate insurance for the risks of the partnership? If not will your insurers cover the joint risks?
  5. Who manages the joint risks?
  6. If a claim arises, who decides which party is responsible for dealing with it and for paying any costs?
  7. How satisfied are you that all parties concerned are capable of managing the additional joint risks as well as their existing ones?
  8. How will any failings by the other party affect your business? Legally? Financially? In terms of your reputation?
  9. What are the arrangements for termination? Could a “divorce” be messy and expensive?

Now let’s say you have answered all the above and are satisfied. (Go on – let’s just say it!).  Now ask two more questions:

11. Have the other partners considered these questions and are their answers the same as yours?

12. Are you sure you all have the same understanding of the risks and the controls?

Now there is just one final question:

13. Do you think you need the services of a Risk Management consultant:

–         To review your risks?

–         To review the risks of the joint body?

–         To oversee the whole arrangement?

–         To manage disputes between the parties?

Coming Soon: the Lessons of the Great War.

This year, like it or not, we can all expect to be hearing and reading a lot about the First World War which, we are frequently being reminded, began 100 years ago this August.

Now I love history and will probably find a lot of this very interesting, but I know that is not how everyone feels and that for some this year will be like a World Cup Year for those of us who are not interested in football.  Anyway, whatever your attitude, you had better prepare yourself for all the clichés that the media will be bombarding us with, often going over the top, sometimes having a shot at making us shell out for the books, magazines, DVDs and memorabilia that will be coming at us on all sides.

It has been said, however, that the main use for the past is for us to learn from it.  So even if you do not take much interest in history, I assure you there are lots of lessons to be learnt from the Great War.  Not only for soldiers or politicians.  It was a classic case of How Not To Do… lots of things, as well as containing  just the odd exceptional example that may be worth copying!

Therefore, I will be writing on my blogs, newsletters and Ezine Articles my thoughts on how to apply some of the lessons of that War to Risk Management.  But let us remember that Risk Management cannot be separated from other aspects of management or from life in general, so there will probably be something for almost everyone in these articles.

Watch this space!

Would Nigella have survived the Morecambe and Wise Show?

Over the Christmas period, I found myself enjoying yet again many clips from old Morecambe and Wise Shows.  I also found myself unable to avoid hearing a lot about Nigella Lawson.

I found it interesting to see how Nigella’s reputation survived what seemed like very bad publicity.  This is partly because the press did not all seem to sympathise with her ex-employees, even when the Court found them Not Guilty.  It was also partly due to her ability to portray herself as a victim. And thirdly, it was because she managed to get everyone’s attention on to her new TV series, and so thinking about her talents rather than her private life.

There seems to me to be a similarity with the way the guests on Morecambe and Wise were humiliated in a way, yet found their public image improved.  This was, at least partly, due to the way they reacted to the insults on screen.

The lesson I gained from all this was that your reputation can be helped rather than harmed by an incident if you, and your Public Relations people, respond in a positive way.  So your Reputational Risk can be managed, just like any other, even if the events around you can not.

Of course, not everyone has had the advantage of being married to a Public Relations expert, but we can all try to learn from other people’s good and bad examples. Or go to consultants.

Is Skiing really all that dangerous?

In recent weeks there has been a lot of publicity to the skiing accidents which have injured Michael Schumacher and Angela Merkel. They both desrve our sympathy and best wishes.

Without knowing all the details, I think it is unlikely that either of these two people would have achieved the success they have, in two very different fields, unless they had been able to manage the risks around them.  Yet both have been victims of skiing accidents. Does that mean that skiing is an extremely dangerous sport? Not necessarily. I think there are two things we can learn from these events, neither being that we should give up skiing (or in my case not take it up at all).

Firstly,  however well you manage  any risks you can seldom preclude something going wrong. Risk management usually reduces rather than eliminates risks.

Controlling risks in your chosen field does not mean you are going to be able to do so as effectively in other areas of your life.

Many businessmen, and women, are very good at managing some of the risks in their businesses, but need help in dealing with others. Do not think you are unusual if you are in that category, and do not be afraid to get help from a professional to deal with some of your risks.

What Else Is New? Apart From IT (“Cyber”) Risks, And Reputational Risks, What Others Are We to Look Out For in 2014?

I have written about the Cyber-Risk and threats to your reputation associated with social media , because of our increasing dependence on computers and the Internet. Another area where we are all getting more vulnerable is interdependence generally.  This is also not new but becoming more important and it leads to:

 The Supply Chain Risk.

What this means is that your business could be badly affected, even terminally, because of failings by other organisations you depend on.

When choosing a supplier, therefore, things to ask, apart from price and quality, should include:

  • How important is this service to your business?
  • How robust is this supplier? i.e. Are they likely to be around for long?
  • What risks do they face and how do they manage them?
  • What could put them out of business temporarily or worse?
  • How easy would it be to switch to another suitable supplier if this one failed to deliver? How long would it take?
  • Would you rather use more than one supplier to avoid being too dependent?

It is also worth considering your suppliers’ dependency on others.  In some industries you could find all your suppliers’ competitors use the same original source for their essential materials as your present supplier!

You should also consider how much stock you need to hold as a buffer against supply problems.

As we are all increasingly relying on our IT, it is likely that your IT support is one area where you need to look carefully at the supply chain.

This is just one example of the inter-relationship between different risks, and a good reason for reviewing your risks as a whole rather than looking at any one on its own.

And don’t forget all the old risks have not gone away, they have just been joined by newer ones!

So We Know About the Cyber-Risk. What Other Risks Await Us in 2014?

I have written about various aspects of the Cyber-risk, but there is a risk which, although not necessarily part of it, is increasingly being associated with IT. I mean the “Reputational Risk”, as our reputations are important to all of us, bur especially in the business world. In 2013 we have seen lots of celebrities, politicians, and big businesses suffer from damage to their reputations.

In the case of businesses, some of the damage was caused by decisions made at the top, such as tax avoidance and price rises. However, other damage for many individuals and organisations was caused by unwise remarks made and foolish actions caught on camera.

The connection with IT is that whatever you say or do can so easily and quickly be blogged, tweeted, or otherwise spread all over the Internet and then elsewhere, and become part of a permanent record, whereas not that long ago it would have been seen and heard by only those present and could easily have been denied, or simply forgotten.  Perhaps you also remember a time when you could tell if someone was carrying a camera.  Amazingly many people who seem otherwise up to date continue to act as if these developments had not happened.

There are three ways of managing this risk:

  1. Watch what you say and do!
  2. Have a good Public Relations expert available to do damage limitation.
  3. Keep control over what your staff and other business associates say about you and your business.

This last point sounds like something easier said than done (unlike making a fool of yourself on the internet) but there are things you can do to reduce the risk.

  •  Have a policy on the use of the Internet and Social Media for your business and keep it up to date.*
  •  Put something in everyone’s contract of employment to allow you to enforce the policy.
  •  Ensure everyone is given appropriate training in it.
  •  Apply it to yourself.
  • Monitor employees’ e-mails, blogs etc.
  • Be prepared for damage limitation. Have a Public Relations expert, either in your organisation or outside it, whom you can call on.

There has been some recent publicity to the changes in the laws of Libel, which you may think will affect this risk. I am not very impressed, because the legal process is slow and expensive (even if you win sometimes you are a loser financially) and also because a victory in Court does not necessarily restore your reputation.  It is far better to prevent bad publicity in the first place, and then to respond with good counter-publicity if necessary.

(*This can be used as a means of dealing with other issues such as misuse of the Internet, online purchasing, sending personal e-mails, and texting in work.)

I will be writing on other risks to look out for in 2014 soon.

What New Risks Can We Expect to Emerge in 2014?

The simple answer is that nobody knows!

However, I can have a go at what usually passes for forward planning in many circles, i.e. projecting recent trends forwards on the assumption that the near future will be much like the recent past. Only more so!

If you will indulge me, perhaps we will find something useful to help us be a bit better prepared for the coming year.

The most obvious trend in 2013 has been for us all to get even more dependent on our computers and the Internet than we were before, and there is no sign of any reversal in this trend. Indeed, as the technology “advances” we are all tempted to make ever more use of it. Some of it we do even find useful.

So the first group of risks to watch are “Cyber-risks” meaning those arising from the use of computers and related technology. Of course these are hardly new, but I think they will become more important simply because of our increased dependence on IT and so more vulnerable to anything going wrong with it. These risks include:

  • IT crashing or failing to perform
  • Loss of data
  • Identity Theft
  • Breaches of confidentiality

The causes of such misfortunes may be:

  • Hardware or software malfunction
  • Hacking
  • Malware or viruses
  • Theft of equipment
  • Human error.

Measures to control these risks must include:

  •   Choice of hardware and software
  •   Anti-virus and anti-malware programs
  •   Backup arrangements
  •   Password control
  •   Physical security of premises
  •   Staff selection, training, and monitoring.

N.B. If you are reviewing your cyber-risks, remember that most of these apply not only to mainframe, desk-top and lap-top computers and the obvious peripheral devices, but also to mobile ‘phones, tablets, electronic diaries, and any other devices used for storing or processing data.  Some people I know use their mobile ‘phones to run their businesses.  For them, loss of a ‘phone, or letting the wrong people get access to it, would be a disaster.

I will be writing again about other related (and unrelated) risks to watch for in 2014, but taking control of the above would be a good start.

What’s New In My Business? Managing Data Protection to a New Level.

I have said that the “growth” areas for risk seem to be Cyber (IT) Risk, Reputational Risk, and Supply Chain Risk. So it is not surprising that I was very pleased recently to meet someone who is connected with a business which addresses a risk connected with all three. The business is called “Metanoia”. (Go to for more information). The risk they specialise in is Data Protection. By linking with them I hope to learn a lot more about the legal and practical issues involved, and gain access to advice and training materials I can use for myself and my clients. They even offer certification for businesses they find to be compliant with the relevant regulations.

The links with the three risks I have mentioned might not be 100% obvious, so here they are:

  • Cyber Risk. Data Protection requires secure IT systems and databases, but that is not the whole story. Most data breaches are caused by human beings, so awareness, training, and, sadly, discipline, have to come into the picture too.
  • Reputational Risk.  Even if you manage to keep on the right side of the regulations (if!) you might still find your reputation, and other people’s, down the drain if data you are supposed to control gets into the wrong hands.
  • Supply Chain Risk. If you collect data for use in your business, whether concerning clients, employees, or anyone else, you are responsible for controlling it. Outsourcing services such as IT, Accounting, or Payroll does not remove that responsibility from you in the eyes of the Law or, probably, of your clients etc. so you need to be sure that your outsourced services are being managed securely.

So that is why I think this is a good time to be going into this in more depth and acquiring the support of a company already there.

I will be writing about this subject again, but if you cannot wait, please feel free to contact me for more information.