Unusual risk analysis techniques

I think risk management is really cool … and certainly more fun than the alternative.

Unfortunately many people find the traditional approaches to analysing risks dry and un-innovative; which is a problem because identification and analysis of risk is actually a creative process.

So here are a couple of “unusual” approaches that might work for your team. 

The (risk) story telling competition

The story telling competition is a light and breezy version of scenario planning – a common strategy setting process as well as a risk management one.

Firstly break the group into small teams of 2-4 people.  Then:

  1. Define the solution space (ie let the team know what system, organisation or “thing” you are analysing).
  2. Have the group talk freely for five minutes about the “thing” so they have a feel for what they are analysing and what sort of risks might exist.
  3. After the five minutes is up, ask each group to come up with a short story where a character (the hero of the story) is impacted by a risk being realised.  For example the story might be about Mary from the call centre getting a call to say the system is down and then finds that things are worse than expected. This should take 10-15 minutes.
  4. Have each group pair up with another group and share their stories.  Then have them create a combined story where both incidents occurred.  Allow another 15 minutes for story telling and combining stories, so there is not too much time to get off-track.
  5. Have each group present their story to the whole team, or if you prefer have them write it up and post it on the wall in sketch form and then allow the team to browse through the stories.
  6. (Optionally) Get the team to vote for which story is the best on the basis of
    • Scariness;
    • Unexpected-ness; and
    • Likelihood of actually occurring at some point.
  7. Now get people to go back to smaller groups and answer the following questions on their stories:
    • How was the issue or problem discovered?  How else could it have been found out?  How could it have been predicted or found earlier?
    • What caused the incident to occur (ie what was the trigger for the risk)? What caused this trigger to happen?
    • What could have been done to make the incident less bad? What could have made the incident Less likely?
    • IF the incident didn’t occur the way it happened in the story, what else might have happened that was similar?
  8. Finally, have each group discuss and report back on the most important question – What can we do in the real world to manage this risk?

The competition could theoretically be run over several days but I have only run it in a workshop.

The evil genius

Positive thinking is thought to improve creativity. But in risk analysis people often use negative thinking (“what should we not do?”, “what is wrong with this plan?”).

So the evil genius workshop is designed to allow the team to think in positive terms about how to destroy their project, process or system.

To run this workshop:

  1. Tell the team that they are working for the evil wizard who is responsible for sabotaging well meaning projects around here. If they doubt there is such a genius, ask them how if things always seem to go wrong at the worst possible time, in the worst way.  Then tell them that this requires careful planning and execution … as well as a real talent for evil and chaos.
  2. Break groups into small teams (2-7) of “evil consulting teams”.
  3. Have each team brainstorm possible ways that we could sabotage the project using any or all of:
    • The services of Lord Murphy who can make sure bad luck occurs at the worst time;
    • The wand of miscommunication to ensure people are working at cross-purposes when they really need to be working together.
    • Any evil minions or other dodgy techniques they can think of.
  4. Have the group then brainstorm ways that they could enhance the chaos they are unleashing or protect their evil plans from discovery and mitigation.
  5. Have each team write their suggestions on post-it notes and then explain them as they up them up on the wall.  Optionally, you can ask them to record suggestions in the format (what could we have go wrong; why is this bad; what could we trigger to make it happen and what could we do to make it worse).
  6. Once all teams have completed their reports, ask the wider group to group the suggestions together however they see fit (resist the urge to classify them methodically and allow people to keep moving post-it notes around until they settle.
  7. Optionally, have people vote on the 3-7 scariest or “most vulnerable” suggestions.
  8. Finally, ask people to go back to their original groups and have them select some “suggestions” to work on (not necessarily their own).  At this point they stop working for the evil genius and instead review how the team could anticipate, mitigate and manage each risk.

I find these techniques work really well with some teams and not so well with others. So let me know how you go if you try them out.

Advertisements

One thought on “Unusual risk analysis techniques

  1. Pingback: A prophets of doom workshop « James King

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s