Confidence at the Board Table

What’s in the Stewardship Mandate? 

A Board is a Steward.  It is supposed to secure the health of your organization.   It is supposed to ensure its mission is accomplishment.   

The Stewardship Mandate is the boards Job Description.  It is what the board is expected to accomplish in its role as agent for the owner.

Typically the board’s stewardship mandate directs the board to:

·         Ensure effective leadership for the organization

·         Ensure the organization’s mission, vision, and values are current, understood, and honored

·         Know the organization’s owners and stakeholders and understand the outcomes the they want to achieve

·         Ensure a strategic planning process is defined and active, and the board’s involvement in the process helps the leadership to achieve those outcomes

·         Ensure Board Bylaws and policies  are current and honored

·         Ensure the organization’s major processes are functioning effectively

·         Monitor management of opportunities and risks

·         Ensure the ‘general welfare’ of the organization is maintained

We emphasize the board’s asking the right questions, questions of  oversight, insight and foresight.

Oversight questions ask if the board is meeting the requirements of its stewardship mandate. “Are we meeting the expectations of our owners and stakeholders?”  “Is our financial situation clearly understood and sound?” “Do we have a robust strategic agenda?”  

We expect the CEO to report progress on these items.

Confidence at the Board Table

Enablers for the Right Questions

When you know what questions to ask you are more confident at the board table.  But your board needs three enablers to get you there. 

Effective Board Dynamics make board meetings a joy and participating in the discussion easy and non-threatening.  Board members bring a diversity of skills, experience, viewpoints, and gender, to any decision and make it more reliable.  Sound board dynamics allow each board member to add their ideas to the discussion, and listen to the ideas of others without prejudice.  Your personal contribution to the discussion is very important. 

Having the right information ensures that the board can understand the issues.  Boards need the right information, efficiently gathered, in the right form, prepared without prejudice, and easily read and understood in order to make the right decision.  Most of that information will come from management.  Thick reports are rarely “right.” 

A Focus on Substantive Issues ensures that board time is spent on issuers that are important to the board’s Stewardship Mandate.  A Board is a Steward, an agent of the owners appointed to secure the health of the organization and to ensure the accomplishment of its mission.   The Stewardship mandate defines the substantive issues on which the board should focus.

Good dynamics combined with the right information, focusing on substantive issues form the foundation for good governance.  Together they enable board members to ask the right questions and demonstrate Confidence at the Board Table. 

Next:  “What’s in the Stewardship Mandate?.”

Confidence how?

Confidence at the Board Table

Most Board Members want to make valuable and intelligent contributions to board discussions.  Most CEOs (Executive Directors) want to receive relevant and helpful advice and counsel from their boards. 

When Board Members know what questions to ask – and know how to ask them – confidence, competence, and informed decisions more readily emerge at the board table. 

What are the right questions?  They are questions of oversight, insight and foresight.

Oversight questions ask if the board is meeting the requirements of its stewardship mandate. “Are we meeting the expectations of our owners and stakeholders?”  “Is our financial situation clearly understood and sound?” “Do we have a robust strategic agenda?” 

Insight and foresight questions engage the board in the development of the strategic agenda.  When the board approves a strategic plan it “places a bet” that the CEO will make it work.

Insight and foresight questions draw Board Members’ knowledge and experience with past successes and failures into the discussion.  Coupled with management’s knowledge and experience the discussion is enriched, plans become stronger, and the strategic bet improved.   

Our “Questions” workshop helps directors learn to use past experience to ask the right questions.  It is part of our “Confidence at the Board Table Series.”

Next:  Enablers for “the right questions.”

When Managing Uncertainty, You Cannot Avoid “Dumb” Questions

Do Boards Take Bets? (Part Two)

When Managing Uncertainty, You Cannot Avoid “Dumb” Questions

By
Hugh Goldie
Associate, The Exchange Group

[Author’s Note: This article is the second part of a two-part series on the governance of risk. The first article was published in the previous issue of the ICD magazine "Director."]

Would you buy a house if the only way you could see what is inside was to look through the windows? What if the only way to get information was to question the occupant – or the neighbours from the street? That is not unlike what directors are required to do. Unlike the CEO and senior management, directors cannot observe events as they unfold. They meet only six to eight times per year. They review information prepared mostly by the CEO.

Given those limitations, how can directors respond to the increasing demands for more effective risk management by boards? How can boards gather and assess the information needed to fulfil their obligation to the corporation and its shareholders? What windows can directors look through? What questions can they ask to manage the board’s bets and “buy the right house?” Part one of this series began to answer those questions.

Part one introduced Peter Bernstein’s rule that risk comes into play only when we place a bet on an outcome that will result from a decision we have made. (Risk does not exist in isolation!). Risk was defined in part one as an event or situation that could compromise or enhance our ability to achieve an objective. Part one also introduced Frank Knight’s generic risk spectrum with “measurable risk” at one end and “uncertainty” at the other. He portrayed measurable risk as being quantifiable using available data and probability theory. He portrayed uncertainty as being unquantifiable, emerging from situations for which there is little data, and for which probability theory is unusable.

Finally, part one concluded that boards place many bets. Most are at the uncertainty end of the risk spectrum. Hiring a CEO and approving a strategic plan are two examples for which the board has decision responsibility. While boards cannot manage enterprise risk, part one concluded prudence demands that boards manage their own bets.

What Windows to Look Through? What Questions to Ask?
An excellent place to start is with the ICD’s Key Competencies for Director Effectiveness. First published in 2005, they have become accepted for use by the Global Director Development Circle consisting of the Governance Institutes from Britian, the United States, Australia, New Zealand, and Canada. The ICD’s Director Education program is directed to developing the competencies directors need to operate in an environment of uncertainty.

The ICD Competencies document is a concise single sheet printed on two sides, handy for quick reference. On one side are the “Tasks” in which boards participate. On the other side are the “Key Competencies” directors require to effectively participate in those tasks. The Tasks are like windows through which directors can look into the corporate house. They are listed below, grouped into major task areas. (The items shown in italics are additions which in my view are important aspects of the board’s responsibility.)
A Setting Strategy and Approving Strategic plans
1. Understanding and evaluating strategic plans and reports presented by management
2. Recognizing and validating management’s and fellow director’s underlying decision assumptions
3. Ensuring appropriate risk levels
4. Prioritizing relevant risks
5. Monitoring financial performance.

B Ensuring Management Capacity
1. Selecting, hiring, developing and evaluating top management
2. Developing effective succession plans for top management
3. Setting and negotiating compensation for top management.

C Ensuring Board Capacity
1. Supporting an effective and efficient board meeting process
2. Selecting board members with appropriate skills and experience.

The flip side of the ICD document defines the “Key Competencies” directors need to effectively look through the widows and, as a group, use the data they gather.
1. Knowledge of Specific Industry, Company, and Executive Team
2. Knowledge of Board and Role
3. Financial Acumen
4. Group Decision Making Orientation
5. Process Orientation
6. Independent Thinking Skills,
7. Open-Minded/Information Seeking Skills
8. Ambiguity Tolerance
9. Effective Judgement
10. Integrity
11. Self-Awareness
12. Orientation to Resolve Conflict
13. Effective Communication and Listening Skills.

The ICD’s Key Competencies are the skills and experience required to know what questions to ask, what answers to expect and how to assess gaps that may appear. The task is made complex by the imperfections and uncertainties inherent in predicting the future.

Imperfection leads to Uncertainty in Formulating Strategy
Focusing on strategy formation, Frank Knight stated that we cannot predict our future with certainty because the activities we use to arrive at our decisions and execute our plans are imperfect. [1]
1. We cannot accurately judge the totality of our present situation;
2. We cannot assess how the future will unfold with any degree of dependability;
3. We cannot accurately predict the consequences of our own actions;
4. We rarely execute our plan in the precise form in which it was made; and
5. We cannot accurately know or predict the actions of others who could impact our plan.

When developing strategy in the absence of perfect knowledge and judgement, we are obliged to make assumptions about the cause-and-affect relationships that will drive our plans. In making those assumptions we put into play, long term uncertainties that shift and change over time.

Consider a management strategy to raise profitability by increasing revenues. Such a strategy must be driven by changes in selling price, sales volume, sales mix, or by a combination of these factors. Underlying these changes must be assumed cause-and-affect relationships defining how the changes will be made and how likely they are to succeed. For example, a strategy to increase revenues by increasing prices may assume that the revenue lost from any decrease in sales volumes will be more than offset by the price-per-unit increase.

Prudence demands that the board examine the uncertainties associated with these assumed cause-and-affect relationships, conclude how likely they are to occur and whether the company has the capacity to implement the strategy successfully.

The recent purchase of Cadbury PLC by Kraft Foods Inc. provides an example of this kind of questioning. While in a different context, the form and rational for the questions is similar. In the midst of the takeover bidding, Cadbury published an update to its long range plan In its statement, Cadbury set aggressive new revenue and margin targets, projecting margins to rise from 13 percent in 2009 to 16-18 percent by 2013. The increases were based on assumptions of increased volumes and increase pricing. Kraft suggested that Cadbury Shareholders question the assumptions underlying these proposed increases, asking how they could be achieved given the uncertainties highlighted by Cadbury’s historical margin performance and given the current economic situation. The question left for shareholders to answer was whether they would benefit more from Cadbury’s initiatives, or from Kraft’s.

Directors need an opportunity to understand and verify the assumptions management intends to use in developing strategy. But reviewing assumptions only skims the surface. Directors need to understand the risks and uncertainties inherent in those assumed cause-and-affect relationships. They need to understand management’s approach to addressing the resulting uncertainty. They need to conclude whether management has the capacity to succeed in implementing the strategy. Management plans could be perfectly valid, or they could be flawed, or they could completely miss risks and uncertainties that are flying under management’s radar. Important as it is, the process of questioning assumptions and their underlying uncertainties is difficult for both the board and management.

Why the Dumb Questions?
The members of the management team are often wary of questions, the answers to which seem self-evident. They have spent long hours immersed in the subject, the details, and the choices made. As a result, they suffer from a cruel trick of human nature called the Curse of Knowledge. [2] They cannot understand why others do not share the same familiarity. They can feel their credibility is being threatened by dumb questions.

Directors are often wary of asking questions whose answers might be self evident to the management team, but are not evident to them. The little voice in their head asks, “What if this is a time-wasting, dumb question? Do you want to look dumb in front of your colleagues? People have planes to catch! Do you want to waste the valuable time of your fellow directors on dead end questions?”

But is the Board’s examination of assumptions not a point of opportunity and strength in strategy development? Part one suggested that managing uncertainty is a forward-looking, intuitive process done by a human brain, not a computer. It relies on an individual’s knowledge, imagination and capacity for solving complex problems. It requires a tolerance for ambiguity. It benefits from an ability to see the bigger picture and the ability to learn from previous experiences. Managing uncertainty requires objective thinking with an open mind in order to see possible trends, patterns and relationships which may not be readily apparent in any documentation. Some of the questions may seem dumb but we have all experienced “dumb” questions that turned out to be insights that others around the table had yet to experience.

But managing uncertainty is often hindered by being too close to the situation. Directors lack of familiarity with events as they unfold can give them the distance necessary to differentiate between the “forest and the trees”.

Management should welcome ‘dumb’ questions – and hard questions – from skilled people. They are simply directors’ ways of learning enough to feel comfortable about the strength of the plan, the metrics that could be used to track progress against the plan and management’s ability to carry it out. While directors’ questions may not change the plan, they often result in an enhanced set of contingency plans. The management team should not be offended by hard or dumb questions. The board is simply managing its bets.

Bottom Line? Boards Need a Plan
Boards make the most critical bets of all. Their bets spawn long term uncertainties that shift and change over time. They require considerable time to be realized. They require ongoing and focused attention to ensure that both the upside opportunities and the downside threats are identified and managed.

Part one of this series concluded from Knight’s “imperfections in predicting the future” that the fundamental downside risks are few, not many. They apply to all bets, including the board’s bets:
1. Failure to understand the cause and affect relationships that form current reality and are the source of the upside and downside of risk and uncertainty.
2. Failure to create a detailed execution plan that includes risks and uncertainties that can guide future decisions.
3. Sloppy execution of the plan by individuals who are unfamiliar with its details or insufficiently committed to its objectives.
4. Failure to monitor progress against the plan. “Never expect what you don’t inspect.”
5. Failure to act quickly when the objective is threatened.

The ICD’s Key Competencies for Director Effectiveness are an important component of a board plan to avoid “Knightian” failures. Boards need a plan to manage their own bets. They need the means to manage and monitor their plan. Some of the processes that are needed to manage the plan are known and used by some boards. They include involvement in strategy development; CEO evaluation; compensation reviews; board-member education and development; and senior management succession planning. Boards that use them must adapt to managing uncertainty if they are to adequately respond to widespread demands for improved management of the board’s bets.



[1] Frank H. Knight, Risk, Uncertainty and Profit, Hart, Schaffner and Marx; Houghton Mifflin Co., 1921

[2] Made to Stick, Chip Heath and Dan Heath, 2007, Random House

Do Boards Take Bets?

Do Boards Take Bets?
Are Hot-Risks Simply Red Herrings?
Adding Clarity to the Debate on Risk

By
Hugh Goldie
Associate, The Exchange Group

Is everything we call a risk, actually a risk? Is everything we chase in the name of risk management worth chasing? The answer depends on whether your board is content to simply talk about risk or whether it wants to actively manage its bets.

Talk about risk became popular following the demise of Enron. It became big news following the collapse of Lehman Bros. and the emergence of our present recession. Recent talk about risk has initiated an alternative approach to risk and risk management that is simple and easily understood. In reality, it is misleading and dangerous.

Prior to its emergence as big news, “risk management” was a generic concept that lacked much appeal beyond a few professionals. It was hard to visualize and difficult to communicate. The standard definition of “risk” says it all:

• 
  A risk is an event or situation that could impact (compromise or enhance) our ability to achieve an objective.[i]

The 2008 bank failures in the U.S. and elsewhere piqued public interest about risk and the failures of risk management. Those who thrive on hot topics and headlines latched onto the use of “hot-risk” labels to stoke the discussion. As a result, “hot-risks” are news. Terms like reputation risk, compensation risk and the catastrophic Black Swan event[ii] create pictures of dangerous situations that are easily understood by the public and require little explanation.
Risk labels have been a boon for the general media, financial commentators and some consultants. The more risks they can identify, the more they have to talk about. Now, it seems that everything we do has a risk label attached to it. In a paper about pension plan management, the authors identified 54 different types of risk.

But risk labels have three serious downsides. Misdirecting risk management efforts is one. Risk labels direct our focus to the “back end” of the problem rather than the “front end”. Reputation risk is a good example. While the label “reputation risk” seems logical, threats to reputation are not a risk. They are a secondary impact, activated only when a risk event or situation has occurred. It is more prudent, and far less costly, to avoid the risk situations or events that could cause threats to reputation.

Yes, preparations to manage possible threats to reputation are important. The makers of Tylenol, the producers of Maple Leaf foods and TV host David Letterman demonstrated that good management can minimize their impact. In the Maple Leaf case, it is known that listeria bacteria consumed in processed meat can cause illness or death - and threaten the meat processor’s reputation. The real culprit, the real risk to be managed, is the possibility of bacteria collecting in the processing equipment.

Commoditization of risk is a second downside. When everything is a risk, then nothing is a risk. Risks become freestanding entities and risk checklists abound. When boards are constantly called upon to deal with a litany of risks like IT risk, reputation risk, litigation risk or fraud risk, they lose their sensitivity to risk. Boards intuitively know that everything is not a “red light” issue.

But boards are subject to fear. The commentary around hot-risk topics creates fear, the third downside. It discourages the prudent risk taking that is at the very centre of innovation, change and healthy growth. Peter L. Bernstein, the recently deceased guru of risk management,[iii] emphasized that “Risk doesn’t mean danger. It simply means not knowing for certain what the future holds.” Events we encounter as we execute our plan could cause the outcome of our bet to be better than we expected, or to be worse.

Richard L. Thompson, Chair of Lennox International, comments that, “The secret of success lies not in avoiding risk but in managing risk; avoiding ‘bet-the-company’ types of uncertainties, developing contingency plans for identified risks in the event they materialize and closely monitoring progress in order to respond quickly if the ‘bet’ is threatened.” [iv]

Start at the Front End
Bernstein zeroed-in on the critical starting point for risk management. Risk does not come into play until, “... we place a bet on an outcome that will result from a decision we have made.” In deciding to make our bet, we initiate a process to achieve that outcome. We cannot be certain about our success in predicting our future because the activities we use to arrive at our decisions and execute our plans are imperfect.
These imperfections were first catalogued by Frank H Knight as follows:[v]

1. We cannot accurately judge the totality of our present situation;
2. We cannot assess how the future will unfold with any degree of dependability;
3. We cannot accurately predict the consequences of our own actions;
4. We rarely execute our plan in the precise form in which it was made; and
5. We cannot accurately know or predict the actions of others who could impact our plan.

To that list we add an observation from recent research by Kahneman & Tversky:[vi]
6. We cannot be sure that we will recognize, or take advantage of, the upside opportunities that will occur as we execute our plan because we are hard-wired to be more concerned about imagined loss than potential gain.

Knight segmented generic risk into two categories, “measurable risk” and “uncertainty”. He saw “measurable risk” as being quantifiable using probability theory and available data. For example, computer models are built to quantify, hedge, and predict the future values of pension plans and investment portfolios. He saw “uncertainty” as being unquantifiable, resulting from unique situations for which no data are available for analysis.

The Generic Risks are Few
The fundamental downside risks are few, not many. They apply to all bets.
1. Failure to be detailed and disciplined in the examination of the cause and affect relationships that form our current reality and trigger our decision to proceed. Some of those relationships are specific to our business. Many are generic, common to business in general. As a bonus, when we understand our current reality at its most fundamental level, our options for future action are also clarified.
2. Failure to create a detailed execution plan that includes the inevitable downside risks and upside opportunities, to guide our decision-making.
3. Sloppy execution of the plan by individuals who are unfamiliar with its details or insufficiently committed to its objectives.
4. Failure to monitor progress against the plan. “Don’t expect what you don’t inspect.”
5. Failure to act quickly when the objective is threatened.

The Board’s Bets

Boards do not develop plans or execute them. But when directors approve their CEO’s plans, they place a bet. Boards make the most critical bets of all. They bet on a CEO, they bet on a strategic plan, they bet on a management team, they bet on an executive compensation scheme, they bet on a group of board colleagues and they bet on management’s financial statements, to cite some of the key bets. Using Knight’s definitions, these are all uncertainties that prudence demands be managed. That implies gathering information to demonstrate whether:

• 
  · The management team is committed to the project, has taken a disciplined and detailed look at the current reality surrounding its proposal and has developed a reasonable approach to strategic deployment.
• 
  · The execution strategy and plans consider upside opportunities as well as the downside risks and have the capacity to respond to both.
• 
  · The execution team is familiar with the plan and committed to its objectives.
• 
  · Progress against the plan will be monitored and routinely reported to the board.
• 
  · If the project goes off the rails, management has the capacity to respond appropriately.

Boards Manage “Uncertainty”; Management Manages “Measurable Risk”;

Many argue that boards do not manage risk; rather, they oversee management’s risk-management activity. That argument is correct, given the understanding that the board develops its own processes that are appropriate for managing uncertainty. These processes are known; CEO evaluation, compensation reviews, board evaluations are some that boards use. These processes and the boards that use them must adapt to managing uncertainty if they are to adequately respond to widespread demands for improved management of their bets.

An earlier article in Director [vii] referred to one process for managing uncertainty, namely three steps for engaging management and the board in strategy development. The three steps, Educate, Engage, and Refresh, provide the board with a vehicle to gather the required information and remain informed of both progress and problems with the strategic plan.

Managing uncertainty is a forward-looking, intuitive process done by a human brain on the basis of an individual’s knowledge, imagination, capacity for solving complex problems, tolerance for ambiguity, ability to see the bigger picture and ability to learn from previous experiences. Managing uncertainty requires objective thinking with an open mind in order to see possible trends, patterns and relationships which may not be readily apparent in any documentation. These are the attributes of skilled directors, not computers. They are the reason why a skilled, experienced and balanced board is critically important.

Mr. Goldie can be reached at (204) 947-7129 or hugh.goldie@exg.ca .





[i] Conference Board Report, R1398-07-WG, Emerging Governance Problems in Enterprise Risk Management. This report uses the following definition for risk taken from COSO, “The possibility that an event will occur and adversely affect the achievement of objectives.” We find this definition too narrow and believe that Peter Bernstein would have agreed since it did not consider upside opportunity.
[ii] Taleb, Nassim Nicholas (2007). The Black Swan: The Impact of the Highly Improbable. New York: Random House
[iii] Peter L Bernstein, Against the Gods, John Wiley and Sons, Inc. 1996
[iv] Personal communication, 2009.
[v] Frank H. Knight, Risk, Uncertainty and Profit, Hart, Schaffner and Marx; Houghton Mifflin Co., 1921
[vi] Kahneman, Daniel and Amos Tversky, 1979, “Prospect Theory: An Analysis of Decision Under Risk.” Econometrica, vol. 47, No. 2, pp 263-291
[vii] “Learning from the crisis: How the board’s role in strategy fulfills a risk management responsibility”, Goldie, Smith, and Stephenson, Director, 2009

Benchmarking Your Board Evaluation

During a board evaluation there is often an elephant in the room that no one wants to acknowledge. It’s the question, “How does our Board compare to other boards? Are we really as good–or as bad as we think? If we wanted to make a comparison with others, how would we do it?” There are two ways to deal with the elephant.

The first is to ensure that your board has a regular injection of new members who have experience with other boards. That is the long and preferred way, but a topic for another day.

The shorter way is to treat board evaluation for what it is; a means of measuring year-over-year improvements in the capacity of your board to work effectively. Accepting that approach begs two questions:
1. How do we measure where are we now?
2. What actions should we take to make the greatest and most important year-over-year improvements?

To answer those questions, you need a starting point, a means of identifying what the greatest improvements should be, and an approach to measuring progress.

Typically a board evaluation questionnaire consists of a series of statements, (or questions.) Directors are asked to express their level of agreement with those statements on a multi point scale. There are two kinds of questions; those relating to board mechanisms that should be in place such as a code of conduct or a strategic planning process; and those relating to the accomplishments produced by those mechanisms. Examples of the latter would be, “Our CEO is clearly aware of what the board expects the organization to accomplish in the next year and has created a plan to do so.”

The questionnaire is completed, the results prepared, the board discusses them, and the whole exercise is put to bed ’till the next year. There is little to which to compare the report except last year’s, and only a vague suggestion of areas that could be improved.

A more directed way to manage the process is to start with a benchmark questionnaire. It uses the same statements, but for each of the statements two responses would be sought. Consider the following example. The statement on the questionnaire would read:

“The Board has established a mechanism for setting risk tolerance and monitoring risk exposure.”

The board would be asked to rate the importance of the activity to the effective functioning of the board using a five point scale.

1- Unable to assess (i.e. I don’t know enough to answer the question)
2 – Low
3 – Moderate
4 – Medium
5 – High

In the second part of the question, Directors are be asked to rate the boards capacity (skill) to accomplish this activity (i.e. Setting risk tolerance and monitoring risk exposure) again using a five point scale.

1- Unable to assess (i.e. I don’t know enough to respond)
2 – Low
3 – Moderate
4 – Medium
5 – High

Activities that require the Board’s attention show up in the results as being ranked High in importance and Low in skills. Contrary to expectations, the number of activities so highlighted by this exercise is usually relatively low.

The report provides several pieces of information.
-It identifies areas the board should examine for improvement projects in the next year and indicates a level of priority for the improvement.
-It identifies statements that are not necessary to include in future evaluation surveys.
-It identifies types of statements that should have higher representation in the survey.

A year from now, the modified survey can be run with relevant questions resulting in a true evaluation of progress in areas where improvement was identified.

Board evaluation should be about improving your board’s ability to function effectively. Employing this benchmarking approach makes that objective easier.

Your Board Can Make Time For Risk Management

Authors note. The ideas in this article parallel the ideas presented in, “How the Boards Role in Strategy fulfills a Risk Management Responsibility,” featured in the April, 2009 edition of Director magazine, written by Hugh Goldie of the Exchange Group, Ken Smith of SECOR Consulting, and Peter Stephenson of Meridian Consulting.
________________________________________
Risk is a hot topic for boards and they are being challenged to make the time to become more involved in risk management. This article illustrates how boards can make the time.
Risk is like the “elephant” in the Indian legend, The Blind Men and the Elephant. The six men experienced the elephant as something small, like a snake, a spear, or a rope. They didn’t experience the big picture; the whole elephant. They were like those in the financial services marketplace who were aware of the bubble in their own corner, but failed to see the industry-wide risk contagion.
What does the “Risk Elephant” look like?

It's bigger than we typically think. Frank Knight, (1) a University of Chicago Professor, identified two distinct types of risk. We are most familiar with “Measurable risk.” It’s the type we manage when we buy car insurance. Insurance companies measure past car accidents and use probability theory to create models that predict the likelihood that we, and the others in their insurance pool, will have an accident in the future.
The risk models used by the failed banks in the financial services market place, failed to manage this type of risk.

Boards Work with Uncertainty
Boards tend to work with the second type of risk characterized by Knight as “uncertainty risk.” Probability theory has little relevance in managing uncertainty risk because we have nothing to measure. For example, if we decide to invest $50 Million in developing a new product we’re unlikely to have a large data bank on which to build a probability model to predict our success. We do know that events or situations will occur, created by the economy or our competitors, that could help or hinder our success. We can’t be sure of how or when they will appear. And we can’t be sure of how it will affect us. That doesn’t mean we can’t manage uncertainty risk and prepare for its possible outcomes.

Lighting the Road
We manage uncertainty risk in order to light the road we follow in executing our plans. Managing uncertainty shines a spotlight on the dark corners and rough turns we may encounter so we can attempt to avoid them or minimize their affects (downside risks). It sets up beacons that can help us find the smoother stretches that could hasten and expand our our success (upside opportunities).

Brains not Computers
Managing uncertainty is a forward-looking, intuitive process done by a human brain (not a computer) on the basis of its knowledge, imagination, capacity for solving complex problems, tolerance for ambiguity, ability to see the bigger picture, and ability to learn from previous experience. Managing uncertainty risk requires us to think objectively and with an open-mind in order to see possible trends, patterns, and relationships presented by the data which may not be readily apparent in any documentation.
These are the attributes of skilled directors. They are the reason why a skilled, experienced, and balanced, board is so important. They are the reason why, for boards, risk management is a legitimate task.
The Challenge.

Skill is only one factor in the governance equation. Time is another. Ten years ago time was not an issue for directors. With today’s increasing demands from shareholders, regulators, and their own workplaces, directors are hesitant to add to their workload.
The Question.

How can your board make better use of director time to engage in managing uncertainty risk?
The Answer.

Make management of uncertainty risk the explicit method for executing your board’s responsibilities. Doing so will formalize an approach which many boards are already using by default. Channel your board’s agenda, the mindset of directors, and the understanding of the CEO, into a formal approach for managing uncertainty risk. You will build on existing director skills, clarify the relationship between the Board and CEO, and create better governance as a result.
Three steps are required.
1. Build uncertainty risk management into existing board activities and processes.
2. Better use available director time by adding additional resources to gather data, and to analyse and prepare risk assessments.
3. Ensure directors have the skills and experience required to work in this new reality of managing uncertainty risk.
Build Uncertainty Risk Management into Existing Board Activities.

Your board likely uses some or all of the processes necessary to manage uncertainty risk. They are strategic planning, CEO oversight, management succession, board development, and the audit of management’s regulatory submissions.
1. Create a formal map for each process including expected outcomes. (You likely have the map for audit review and use it every year)
2. Define each process step in terms of the calendar timing, expected outcomes, and task responsibilities for both the board and the management team.
3. Create a “process introduction” for use just prior to the start of activities for the year. This will put both the board and management on the same page as the process begins.
Identify the Data Required and the Means for Analysis.

Most boards rely on data provided by the CEO. They are reluctant to bypass the CEO or to incur the additional cost to engage outside sources. Effective management of uncertainty requires access to a broader understanding of the issues; including industry issues, and a need for independent perspectives beyond those of the CEO and management. Boards need assistance in gathering and assessing this broader spectrum of data.
1. Define the data required in each process for the boards understanding of the issues, the source(s) of the data, and resources required for analysis prior to use by the board. Sources could include the CEO, the Internal Auditor and external experts.
2. Establish the time and means for presenting data to the board for its understanding and assessment. This includes the typical board package and presentations by the CEO, but may also include outsider presentations or individual interviews with directors outside of board meetings. The usual board meeting routine may change.
3. Establish the criteria and means by which the board will accomplish its evaluation of each issue.
Acquire Directors Whose Skills and Experience Reflect the New Reality
The Institute of Corporate Directors (Canada), the National Association of Corporate Directors, (USA), the Institute of Directors, (Britain) the Institute Company Directors, (Australia) and the Institute of Directors in New Zealand Inc. have adopted “Director Competencies.” This document specifies sixteen desired competencies and the board tasks to which they relate. They match the needs for risk management. We recommend Director Competencies as a guide for director recruitment.
Risk is a hot topic for boards.
Increased board involvement in managing uncertainty risk is a legitimate challenge for boards. Your board can respond positively by adopting uncertainty risk management as the explicit means by which it executes its responsibilities. Better governance will result.
________________________________________



Hugh Goldie is a Director, and Past Chair of the Manitoba Chapter of the Institute of Corporate Directors. His recent book is titled, Confidence at the Board Table; How Directors Manage Risk and Deliver Superior Governance. Hugh is an Associate of the Exchange Group and can be reached at hugh.goldie@exg.ca.


(1)Frank H. Knight. (1885 -1972) Professor of Economics, University of Chicago. First book published in 1921, Risk, uncertainty and profit. He was responsible for injecting reality into risk management.