The Report of the NACD Blue Ribbon Commission on Adaptive Governance: Board Oversight of Disruptive Risks

I recently had the pleasure of reading the Report of the NACD Blue Ribbon Commission on Adaptive Governance: Board Oversight of Disruptive Risks

The first part on disruptive risks was painful to read, yet another marketing bs it seems. The concept of adaptive governance (because yesterdays governance wasn’t adaptive) is just as silly. I mean how much free time these people, very respectable experts on the panel, have to constantly come up with new bs packaging for the same old ideas is amazing. It’s easy to spot bs, change disruptive risks to just risks and nothing will change.
The recommendations are older than Babylon:
  1. Strengthening culture
  2. Investing in skills
  3. Enhancing board processes
  4. Reviewing shareholder and stakeholder communications
And in fact are pure risk management 1, separate board-level risk reports and so on, I thought we were past that long ago. If anything, the paper is not even capturing current thinking, let alone future thinking. What is more important, doing 1-4 for normal risks has pretty much failed, so doing exactly the same for the disruptive risks (pretending they exist) will fail just as well. It is genuinely bad advice to do exactly the same thing over and over again under the new brand.
That being said, heads off to the NACD for marketing, it looks good, reads well.
What does the future really hold? Who knows, but few things are more or less certain. Humans are predictably irrational due to cognitive biases and shouldn’t make decisions under uncertainty without calibration and using quant risk analysis to properly measure uncertainty. Any paper that does not explicitly address that is probably a waste of time. However, cognitive biases explain individual behaviors but not group behavior (Taleb argues). Groups are complex systems. Risks at the company or market scale have to be modeled using different distributions to allow for fatter tails. Some risks also have to be modeled using fat tail distributions. Some people look to chaos theory for answers in risk management for the complex systems.
This quote is all you need to know about how detached from reality the authors are “Establish time on the board agenda, at least annually, for a substantive discussion of the company’s vulnerability to disruptive risks. Consider using approaches such as scenario planning, simulation exercises, and stress testing to inform these discussions.”
Why indeed model and discuss risks for every decision the Board makes when you can just do an annual exercise. I even feel bad for making my Board make every significant decision risk-informed :)))

RISK-ACADEMY offers online courses


Informed Risk Taking

Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!


ISO31000 Integrating Risk Management

Alex Sidorenko, known for his risk management blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.


Advanced Risk Governance

This course gives guidance, motivation, critical information, and practical case studies to move beyond traditional risk governance, helping ensure risk management is not a stand-alone process but a change driver for business.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.