A Little Different Look at StrategyPosted: May 11, 2015
May 8, 2015
At the recent conference, I suggested a change – a tweak if you will – in strategy development. I advocated adding a risk management approach to strategy development and monitoring. Let me give you a very high level summary of that.
Specifically, I suggested using the ISO 31000 framework for risk management to fine-tune and continually refresh strategy development programs. Why?
I believe that strategy development professionals can markedly enhance the value of their work product by integrating the principles and methods of risk management into developing and then monitoring global strategy.
Today, while some senior managers may be involved with strategic risk management efforts, it is usually seen as very separate from strategy development. However, using ISO 31000’s risk management principles in strategy development provides all levels of management with a proven set of powerful tools not previously used by them.
To summarize, a risk management approach provides key principles that would be useful, very useful, for every strategy development effort:
- Identify and then assess the risk in every
- Avoid being paralyzed by the existence/presence of risk. Risk is everywhere. You cannot avoid it.
- Continually seek out new data, especially after decisions have been made and plans launched.
- Evaluate your options both before and after decisions are made.
- Continuously monitor your own actions and the risk factors that you face.
- Use the ISO 31000 framework to fine-tune and continually refresh your strategy development and monitoring.
How do you use that ISO 31000 framework?
- First, employ risk identification techniques to disclose threats/opportunities – this gives a new focus. This also helps prioritize actions. But, it is critical to understand a key element of this approach. “Risk” is no longer to be seen as merely the “chance or probability of loss“. It is now to be seen as “the effect of uncertainty on objectives”. What is the difference? “Risk” should now encompass positive as well as negative probabilities. In other words, uncover not just threats, but also opportunities. To do this, those in strategy development has to learn to look for early warnings out many months, even years both before and after the strategy is developed. Unfortunately, most strategy development does not usually look that far ahead. Here, incorporating strategic/competitive intelligence early warning techniques and personnel is critical.
- As a part of this, the strategy development team must learn to define targets that have not emerged. In other words, strategy development does not end with the launch of the plan – it is just beginning there.
- Third, under ISO 31000, there is a constant interface with senior management – as opposed to only with more “tactical” customers downstream. Strategy development teams should piggy-back that access and keep senior management continuously involved in defining and developing corporate responses. Compare this with the “fundamental disconnect” of most 3rd party planning – AKA command and control.
 This blog is based on the presentation, “Globalizing Your Strategy Process by Integrating Risk Management into Strategy Formulation and Monitoring”, I gave at the 25th Annual Conference of the Association for Strategic Planning, May 7, 2015.
 For more on ISO 31000, see http://www.iso.org/iso/home/standards/iso31000.htm.
 Here I tip my hat to Dr. Ben Gilad who, as far as I now, was the first to suggest a connection between competitive/strategic intelligence and strategic risk in Ben Gilad, Early Warning, AMACOM, 2004.