what-matters-in-security

12 risks to navigate as part of your digital work (Part 3)

In this post, we explore the nature of risk in digital work, and what you can do to better navigate the course. In Part 1 and Part 2 we:

Use the framing and understanding we explore in this risk series to better your understanding and articulation capabilities around the way businesses:

  • Talk about the value of work, and
  • Raise concerns and risks around work ongoing across the business.

12 Risk Types in Digital Work

The table below lists 12 key types of risk you need to assess digital work without trying to be exhaustive. Use the resulting information to evaluate the impact and readiness of your work to advance:

Risk Type Dealing with the: Examples/Notes
Privacy Potential Theft, loss or unauthorised disclosure of personal information (customer, stakeholder, workforce etc.) General Data Protection Regulation (GDPR) deals with international requirements to properly collect, handle, transfer, and store personal information.
Cyber and Technology Financial loss or interruption to business productivity due to the interruption of access to business applications or IT infrastructure Ransomware or malware attack.
Loss of internet service.
Loss of device.
License expiration.
Data Disruption in the integrity or availability of data (product, customer, stakeholder etc.).
Abuse of access to data.
Allowed usage, sharing and storage of data.
Authorised method of destruction of data.
Varied parameters based on individual company Data Access policies and regulatory requirements by geographic location.
Third-Party Access to facilities and resources to suppliers, vendors, contractors, partners, agents and guests.
Reputation on how third-party does business
Vicarious considerations. Rise of supplier responsibility and code of conduct policies, e.g. Apple, Brambles, Google and Huawei.
Talent and Culture Rate of change that your people can sustain.
Methods they are supported with to embrace new ways of working.
Training plans, certifications, advance notice, documentation
Reputational and Brand Negative view of your organisation to the world due to lawsuits, disgruntled customer reviews, product failures, data loss incidents etc.
Artificial Intelligence Sampling correctness in the training of AI models.
Ethical parameters with which you apply and embrace AI capabilities to influence and enhance shopping capabilities, customer experiences and customer service.
The ethics of artificial intelligence: Issues and Initiatives
Regulatory or compliance Impact of a lack of adherence to regulatory obligations within the areas you do business. Vary by industry, size and location of doing business
Financial and Economic Potential of incurring financial losses due to the manifestation of an identified risk (data theft, fraud, fines, new feature release, new UI/UX etc.) or unplanned risk (global pandemic, industry-level shut down, recession, fiscal crises, unemployment)
Market Risk Varying or wavering demand of customer demand for your product/service
Competitive Risk Competition is more attractive to customers or outperforms your ability in terms of product capabilities, customer service and price.
Environmental Impact in use of digital technologies on the environment (carbon footprint)
The emergence of carbon credit considerations.
Proactive approaches to achieve carbon neutrality, e.g. Brewdog. Impact of ride-hailing apps (e.g. Uber)

Real-life

Person operating a risk matrix

Let's make no mistake. Every business has and needs to take risks.

What varies:

  • Situation and context of the work you are doing, e.g. Domain/industry requirements and company history.
  • Level of risk tolerance (towards specific areas of risk).
  • Cultural approach and maturity towards risk management. Is it informal, organised or professionally structured with named accountable resources with clearly assigned roles & responsibilities?.

Leadership styles vary, and different industries have different needs.

Your context will change from business to business and project to project. Use the table above to review situations with your teams and peers to create a common ongoing understanding of risk and progress to the digital work in progress.

Create and leverage a collaborative culture

Always remember to gather inputs from as many stakeholders as possible. Use your relationships to validate your understanding of the data and market research:

  • Internal – Team, Cross-functional leaders and agents
  • External – Customers, Partners, Suppliers

The more you gather, the better your capability to identify patterns and areas of higher risk:

  • Periodically re-assess your situational understanding (business priorities and risks)
  • Use technology to drive transparency with stakeholders
  • Make time to listen and share
  • Learn from peers
  • Maintain open communication with customers and partners
  • Practice adaptability with empathy and understanding
  • Embrace agile practices to be able to shift with new data

The worst practices you need to avoid are:

  • Only being concerned with your team and ongoing work deliverables.
  • An unwillingness to change or make improvements.

Always remember:

  • Your outcomes are there to enable people to be stronger, better and faster in their work.
  • Their success is your success.
  • You need people to engage with your deliverables and use your outcomes to be successful.
  • The impact of your work spans beyond your team.
  • Actively listen to concerns and go above and beyond to embrace a more practical approach to work.

Act on what is in your control and be vigilant about what is not!

Reacting to risk

Remember that situations change constantly, and with that, your risk profile too. Periodically engage with stakeholders to re-assess your:

  • Awareness of changes in legal requirements.
  • Understanding customer needs through customer contact (customers you won, are developing, and prospects you lost).
  • KPIs and data from feedback systems (support tickets, sales feedback, usage telemetry, partner ecosystem).
  • Industry and market research

Engage your deep relationships with cross-functional counterparts (including user experience, marketing, sales, support, operations, finance) to understand how they are experiencing the business and the impact of the work you are doing.

Being in contact across the business lets you know what matters to stakeholders and the risks that changes (or lack of change) in your work brings to them. This contact, in turn, allows you to make plans that avoid specific risks and enable you better deal with manifestations when they arise.

What does this mean for you?

Let's face it; managing risk is not fun. It takes time, effort and lots and lots of communication.

From an article by Mary Juetten "Managing the risks that come with any business is not something anyone particularly enjoys. We'd rather be rid of them entirely, free to focus all of our energies on more productive efforts rather than preventative."

Risk management requires time, effort and cost to understand, scope, monitor, manage and maintain.

As Digital Leaders, we need to constantly review the:

  • Intent of the work you are doing.
  • Capabilities that need to be built and shipped to achieve the required outcomes.
  • Impact the work will have across the risk profile of the organisation it is supporting.
  • Trade-offs between organisational advancement and its ability to operate and keep the lights on.

Words of wisdom

I liked the way Deb Barnes described the qualities needed by great leaders – and great risk managers:

  • Genuine relationships are the foundation of everything, whether with the board, senior management or our newest team members.
  • The best risk managers and leaders are perpetual students with a deeply curious mindset, always drawing out different opinions and perspectives.
  • A commitment to the upside in the downside, actively seeking out the lessons from a failure or mistake.
  • The best risk managers and leaders act as connectors within the business, ensuring that the right people are in the room when decisions are being made.
  • The best risk professionals and leaders provide safe environments for people to escalate concerns and voice new ideas. They are committed to finding "what is right" rather than "who is right", optimising the group's wisdom by creating a safe space where people can disagree.
  • It is how you respond to the challenging moments that matter, keeping the focus on humanity, having courageous conversations and engaging in constructive debate while focusing on the required outcome.

Wrapping it up

As a digital leader, you are constantly acting intentional actions to reduce the emergence of risks that can negatively impact your ability to advance financially, operationally or reputationally.

In this series of posts we:

I hope this series helps you better your understanding and articulation capabilities around the way businesses:

  • Talk about the value of work,
  • Raise concerns and risks around work ongoing across the business.

Let me know how I did by reaching out to andre@andremuscat.com.


Let us know what you think!. We believe in productive discourse and welcome opportunities to refine our understanding through discussion. Comment in the comments area below or reach out on hi@andremuscat.com

Comments

Follow Andre Muscat and join the conversation. As a follower, you will also receive new posts by email (you can unfollow at any time).

Share on


Tags

Follow today!

Keep up to date on new postings and materials

Follow Now