Image for Risk Planning for Risks You Can’t Control
Like issue audits for crisis plans, risk assessments inform risk planning, including avoiding or mitigating risks beyond your control or not your fault.

Assessing Risk Is Step One to Risk Planning and Reputation Preservation

Much like an issue audit for a crisis plan, risk assessments involve candid, comprehensive reviews of operations, practices and management to identify weaknesses, exposures and vulnerabilities.

It’s a moment to imagine what bad could happen, how you would respond and whether you could mitigate or eliminate risk.

The goal of risk assessment is risk avoidance. But, as Andrew Moyer explains in an article for PR News, some risks cannot be avoided or even fully anticipated. He calls these third-party risks that can make you a fall guy and damage your reputation.

A veteran crisis communications expert, Moyer wrote his article just before UPS settled with the Teamsters Union to avert a debilitating national shipping strike, which would have left shippers, merchants and consumers who depend on that service in the lurch. His advice remains instructive.

Being the middleman in a dispute is an unenviable position. Moyer says making excuses can persuade your customers and stakeholders you are part of the problem. Risk assessment, he explains, should include “inevitable interruptions” that you can suffer but not cause.

“As part of that assessment,” Moyer advises, “Evaluate the readiness of your partners, map potential contingencies, understand when and how to activate workarounds when needed, and set up clear processes and protocols for coordination and communication with each partner”.

No matter who is at fault, Moyer says, your customers and stakeholders will look to your organization to for solutions, not excuses. How well you respond to their needs and their pain will translate into trust – or disgust.

“As with any crisis, whether due to something within or outside an organization’s control, it isn’t the immediate crisis that causes long-term impacts,” according to Moyer. “How an organization responds and continues to respond over the course of a crisis presents a unique moment to build trust and reputational credits with key stakeholders.”

“Those stakeholders,” Moyer says, “will be looking to the company they connect with as the responsible party and it’s incumbent on your organization to meet and exceed their expectations – regardless of where fault for an issue falls.”

Risk planning involves identifying inevitable disruptions and finding solutions that show customers you are on their side.

Risk Assessments to Risk Planning
The goal of risk assessment is risk avoidance. But, as Moyer describes, some risks cannot be avoided or perhaps even fully anticipated. This is where his advice about third-party risk response is germane.

For shippers and merchants dependent on an organization like UPS, a strike would be debilitating to their business, supply chains and consumer expectations. A strike in today’s economy isn’t a hard risk to imagine or anticipate. A UPS driver wouldn’t be handy to yell at, so consumers and suppliers may find you, as the third party, a convenient substitute for venting.

Moyer’s insight recommends going from risk assessment to risk planning. Having workarounds or back-up plans, as well as a sympathetic ear, can help deflect anger away from you to the parties of the dispute. Your workaround, whether robust or just so-so, symbolizes a commitment to being on the side of your customers and stakeholders. It may open the door to new opportunities to serve those clients and stakeholders.

The Enemy of Risk Planning
Organizations don’t engage in risk planning for the same reasons they skip crisis planning – they don’t have time, their resources are already stretched thin, you can’t plan away risk. All that may be true but it’s irrelevant. If a crisis occurs, you won’t much time to respond. In a crisis, everyone and everything will be stretched thin. You can’t plan away risk but you can plan how to cope with very specific types of risk, especially those with huge reputational impact.

Organizations and enterprises always operate in auras of risk. There is no immunity from risk. There also isn’t a credible explanation for skipping risk planning. You see a doctor for a check-up. You wear a seatbelt in a car. That’s risk assessment and risk planning.

Crisis scenarios flowing from issue audits promote staff dialogue and collaboration on how to deal with an anticipated crisis. Risk assessment and risk planning can stimulate the same kind of internal conversation about what-if risk avoidance and living up to an organization’s mission and reputation.

Responding to different crises requires different tactics, which may change over time. The same is true for tackling different risks. Focused attention to details fosters positive engagement and forward-looking group thinking far more than a staff meeting.

Risk planning is a good use of time and energy because, in the end, it is good business to be ready, no matter what.