Victoria Tifft: Components of risk Featured

8:15pm EDT May 31, 2012
Victoria Tifft: Components of risk

As a CEO, I am often asked to describe the top challenges of leading a business. There is no doubt that setting a vision, creating strategy, and building the right team are at the top of the list. At the same time, one of the most important challenges is to understand and mitigate the risks associated with all aspects of the business.

Years ago, our firm didn’t have a risk management tool or strategy to mitigate risk. We’ve since learned that it is the one management strategy that we can’t live without. Business risks today are comprised of strong internal and external forces, so mitigating both forces is critical for long-term survival. If business leaders don’t have an in-depth knowledge of their industry and how they play in their market space, then they will undoubtedly forge ahead with incorrect and misdirected strategies, costly mistakes for a firm.

Understanding and mitigating risk is not as difficult as some would want you to believe, but it does require three components: a firm application of discipline, unrelenting tenacity and an acceptance of reality. Today, our firm manages risk by applying each of these pieces.

First, a firm application of discipline is applied to every area of the business. We list all of the possible internal and external forces that could present an opportunity or threat to our firm. Internal risks include whether the firm has adequate or inadequate infrastructure, capital, expert resources, technology and facilities for business today and in the future. External risks cover market segments, industry trends, competition, and customer supply and demand, as well as global economic trends. Publically held firms must do this type of analysis on a routine basis. If you have not conducted this type of risk assessment, you might try looking at the annual reports of publically held firms similar to yours. This information is free online and can often jumpstart a brainstorming session with your management team to determine what risks might be similar to your business.

Secondly, an unrelenting tenacity must be applied to ensure that each area of the business is examined. Paranoia is essential. If something can happen, then add it to the list of potential risks. We take the entire list of risks and place it in a spreadsheet. Next, we determine a numerical threshold of acceptable risk for each area, placing a score in the column next to each risk. In a column next to the risk threshold, we then list the strategies that we will implement to mitigate the risk. On a quarterly basis (or more if conditions change), our leadership team reviews our current internal and external risks and revises the risk and associated threshold as needed.

The last component that we adhere to is the acceptance of reality. When examining risk, it is important to be realistic. This is not an area to defend product or service territories or allow “gut feelings” to dictate strategy. The market does not understand emotions, complacency, or turf wars, so your leadership team needs to be frank and candid about their real business risks. Try asking outside advisers, researching industry publications, and talking with partners and competitors to share views on current and future business risks. The local economic development corporation, chamber of commerce and small business administration are also good places to gather information.

Finally, there isn’t a business on the planet that has eliminated all of its risk. Understanding, embracing, and mitigating risk is part of doing business. In the end, companies that are realistic about their risks and manage them carefully will pull ahead of those that choose to ignore the risks around them.

Victoria Tifft is founder and CEO of Clinical Research Management, a full-service contract research organization that offers early to late-stage clinical research services to the biotechnology and pharmaceutical industries. She can be reached at