What if appointed risk managers required a 6 year University PhD ? |
As part of my own PhD journey, someone asked me the other day what would a university backed, internationally recognised, academic degree on risk management look like. Much like a CPA, MBA, BSC or any other established, academic qualification.
The question arose from an observation that it appears to be simply too easy for someone to call themselves a risk manager these days. The plethora of online courses, conference courses, day master classes and the like which claim to give practitioners the skills to become an expert in risk management (as if), have eroded the value of the credentials required to be appointed as a practicing risk manager.
Download Also:
This issue is particularly problematic in retaining the integrity and brand value of the risk management profession. If the entry level to risk management is too low, well then absolutely anybody will be able do it and then almost everybody can be considered for the next advertised risk manager role.
There is no doubt that the credibility of risk management has had a hard time of it over the years. Despite whatever improvements in risk management understanding, practices and investment have been achieved to date; organisations still continue to fail for the same reasons, markets still continue to crash at the same frequency and complex projects still continue to fail at a disproportionally high rate. This lack of improvement in risk management effectiveness often gets cited by organisations looking to downsize or divest from their risk resources as a justification. Further, in this new age of advanced complexity and rapid technology shifts, the phenomena of disruption is ensuring that the rate at which organisations experience failure is actually increasing.
Considering the above, it is understandable why the credibility and the usefulness of appointed risk managers appears to retain some doubt. Part of this problem may very well be because there still doesn’t actually appear to be any genuine academic requirements for appointed risk managers to be held up to. Unlike such professions as accounting, medicine and law; risk management seems to be more liberal in its' definition of a qualified risk professional. In fact, the number of appointed risk managers whom I have met over the years who have almost no genuine study in the science of risk is alarming. Now I’m not saying these good people aren’t educated nor experienced in their roles, but there is a credibility issue at play when the appointed officers of a particular profession have little academic understanding of the science of their profession.
Consider whether travelling passengers would trust the airline industry if the pilots appointed to fly complex aircraft weren’t required to study the science of aviation? Or how about patients trusting the medical profession, if the Doctors appointed to perform complex procedures weren’t required to study the science of the human body? Equally, can we reasonably expect industry to trust the risk management profession, to help control complex risks, for complex organisations, operating within complex industries, on a complex global stage, when their appointed officers are not required to study the science of risk?
It's not an unreasonable question. I believe that as our working world gets more and more complex, dynamic and risky; the shortfalls of appointed risk managers with no genuine study in the science of risk will become increasingly obvious. In light of this, I jotted down some notes on what I thought a 6 year, university curriculum in studying the Science of Risk Management might look like;
Year 1: Learning to control the known - In the first year, learners would explore all the industry accepted risk management standards (ISO 31000, COSO etc.) and how they are all geared to controlling only those risks which are known, obvious & foreseeable. Year 2: Learning to control the unknown - Year 2 would be about exploring how organisations might improve their control of those risks which are simply unquantifiable or unforeseeable (eg. black swans, unknown-unknowns, rogue waves, wicked risks etc.)
Year 3: The Graduating Year - Year 3 would be all about exploring some of the more advanced risk concepts such as Quantitative Modelling, Data Analytics, System's Thinking, Resilience and Complexity. At the end of this year, having passed the core modules and submitting an original thesis, the learner graduates with a Bachelor's Degree in Science (BSC) majoring in Risk Management.
Year 4: The Master's Year - An optional 4th year would be about submitting a Master's thesis (MSC) on the future of risk management. Where is the formal discipline of risk management heading based on observed industry trends and the shifting global landscape? Years 5 & 6: The PhD Years - The optional 5th & 6th years would be about achieving one's Doctorate in Risk Management (PhD) by delivering an original, peer reviewed and publishable thesis on solving an observed industry risk challenge in an original way.
I don’t claim the above 6 years is a perfect view, but it is a start. I genuinely believe that if we want to get better at controlling complex, dynamic organisational risks then our appointed risk managers need to get better at understanding the actual science of risk. Further, if risk management as a profession wants to enhance its industry credibility then its' representatives (and associated intellect) need to be underpinned by academic rigor. Any failure to achieve the above just adds fuel to the flawed perception that no higher study is required to become an appointed risk manager as the risk management community is just making it all up as they move along anyway.
In closing and perhaps of most importance, the risk management community now needs to start actively preparing for the arrival of the Fourth Industrial Revolution - in a manner that is both visible and measurable. This new, bold era will be defined by rapid, consistent and disruptive changes which will forever alter the way we live, work and socialise (World Economic Forum 2018).
In this dynamic age, the potential for organisational disruption will be everywhere; continually evolving technologies, product trends, consumer behaviours, data sets and stakeholder relationships means that disruption could manifest at any time from multiple contributing sources. In turn, the global risk management community will be required to "up its game" so as to effectively combat high-impact organisational risks, borne from a complex, inter-connected world, experiencing ever increasing frequencies of change.
Part of this preparation will be to improve the minimum level of study required to hold the office of an appointed risk manager. These are just my thoughts on the matter, I would be keen to hear others.
Related Topics:
The Author: Warren Black
About:
I am an Engineer, Risk Professional and Complex Systems’ Thinker who has particular interest in understanding how the complexity sciences may offer a better means to controlling emergent risks within highly complex, operating environments.
I currently consult on how to improve organisational Governance, Risk & Assurance practices so that they may reflect not only the degree of investment at risk, but also the specific environmental complexities in play. I believe that over the past decade in particular, I have accrued deep expertise in my chosen subject matter as evidenced by the fact that I was the head of Program-wide Risk for BG QCLNG and have held Senior Project Risk & Business Advisory roles at both Deloitte and Marsh & McLennan Risk Advisory Practices.
I am also arguably one of only a handful a Risk Professionals who has built a full end-to-end risk management & reporting framework for an organisation of over $25 billion (BG QCLNG). At its peak this was the 8th largest project in the world and is hence a significant indicator of my capability. As a practising complexity & risk specialist,
I have worked within two of the world’s largest mining project hubs (BHPB and Rio Tinto), three of the Queensland mega LNG projects (GLNG, APLNG, QCLNG), Australia's largest construction company (Leighton’s/CIMIC), The State of NSW's largest Infrastructure PMO (I&P PMO), Victoria's Largest Rail PMO (VicTrack), Brisbane's largest city Rail Project (Cross River Rail) and the largest publicly funded civil & infrastructure PMO in Queensland (Brisbane City Infrastructure). Also, as a demonstration of my commitment to my art;
I am currently engaged in a PHD by Research whereby I am "Investigating a Complex Systems Approach to Complex Project Risk Management". I believe that the complexity sciences provide a new generation lens upon which to help risk management transition into a future world of complex working relationships and perpetual disruption.
Post a Comment