New things make people nervous. They just do. New things don't have track records. They are hard to predict. We don't know what to expect.

New things are also very exciting. They can be rejuvenating, making old folks feel young again. New things have the potential to be game changing. The unknown has it's own thrill.

So, it makes sense that some people avoid new scary things and roll up into a safe little ball. Other people walk right into their scary zone, headlong, refusing to be cowed by fear.

Neither is a very good idea.

The scary part of the new venture has a name. It's RISK.  And blindly avoiding risk is as bad an idea as blindly embracing risk.

Let's start with the first response: blind avoidance. In the dot-gov and social media space, the idea of losing control of "message," of employees talking directly to the world without hierarchical sign-offs, of potentially causing citizens chaos or danger or confusion, of not understanding the unknowable consequences, of maybe potentially somehow breaking a law or regulation, of being dragged in front of a committee for a hearing, of making things worse, or of exposing your current embarrassingly whack procedures is enough to stop agencies cold.

Down side of avoidance? You lose opportunity for growth, innovation and, even, success. You are stuck using a manual typewriter and paper and finding information by searching through file cabinets while the rest of the world is using voice recognition to search and contribute to an entire world's worth of information. Oh, and people talk about you and your program and you are not part of the dialogue.

Turning to the second response: blind embrace. The allure of the new and the exciting can cloud judgement. There are slick promises that all needs will be met by the snake-oil salesmen and goading jeers from the outside critics who see how "easy" this is in the private sector (where private is a term filled with magic). And so it must be easy--especially since Facebook and Microsoft were started in college dorm rooms. Hire some college interns and turn on the spigot. Get out of the way of the wise crowds, they will reveal the path.

Down side of blindly embracing? I like to say pets.com or Skittles or Enron or all those friends jumping off a bridge that your mom told you about. There are bad ideas and bad approaches out there. The pressure can be hard to resist. And for government, the outcome can be much worse than embarrassment given our public safety missions, privacy requirements, and data holdings.

What to do? Take off the blinders.

You don't have to be an expert in technology to identify, assess and manage the risks in projects and approaches.

While there are tomescertifications and degrees, you can make better decisions about program, project or enterprise risk by analyzing the risks.

  1. Identify the threats. What could go wrong?
  2. Identify the impact. How bad would it be? 
  3. Identify the likelihood.  Should I expect this or is it rare?
  4. Identify strategies to manage the risk. What can you do about it? How is your mission affected?

What you do about the risk depends on the first three steps in the analysis. Four common management strategies are to

  • Avoid the risk--if it is too big and too likely to occur, this might be one to skip.
  • Reduce the risk--via policies, procedures, controls, staffing, training.
  • Share the risk--usually by purchasing insurance.
  • Retain the risk--deal with it, budget for it, prepare contingency plans.
Not to short circuit the formal risk management process, assessing risks should be part of your decision-making process.  Identifying risks and what you would do about them can help move projects forward by clarifying the actual impact--exposing the figurative fear to reality and analysis.

How does this work? 

Let's say an agency was considering  running a public dialogue on a important agency issue. In the blind avoidance method, you can work up all the reasons why that is a TERRIBLE idea. You don't know how to do it, no tool, it'll never pass legal, what do you do when participants type in the F-word, nobody will participate, everybody will participate and overwhelm us, what if we can't do what they ask, etc. Forget about it!

In the blind embracing method, you implement a cool tool that you read about in TechCrunch and see what happens. And you experience all the bad things that blind avoidance predicted above.

In a managed risk model, you analyze the risks blind avoidance identified and decide what to do about them. America Speaks put together a terrific risk matrix (PDF) for using online dialogue tools for the Open Government Dialogues. The matrix identifies the risks, what to do to prevent them and what to do if it happens anyway. 


So, don't be very, very afraid or foolishly brave. What are you afraid of? Success?

  


Link to original post