Entries tagged with “risk”.


REPUTATION – while a company is known for the products and services it provides, one of the major reasons a purchase is made is based on the reputation of a company.   A company’s reputation is a wispy thing.  It’s made up of various bits and pieces, the quality of the product, the professionalism of the staff and management team, the contributions to the community, the handling of problems and issues that arise, the “trueness” of the company actions to the marketing image created.    A small mis-step can cause a stock price to fluctuate, and a large one, or several combined can cause a business to cease operations.

The oil situation in the Gulf of Mexico is a prime example of how perceived mishandling of a disaster affects the reputation of a company and the adverse effects it has on that organization.  In April of this year, BP stock was trading near the 52 week high of $62.50 per share.  This morning, the stock was trading below $32.00 and trending downward.  The disaster in the gulf and the subsequent handling of this catastrophic incident is a primary cause for the nearly 50% drop in stock pricing.

When the oil spill first happened,  I viewed it as a “Black Swan” event, an event that is unpredictable, carries a massive impact and after the fact (and in this case, once we get to after the fact) can be explained in a way that makes it less random and more predictable.  However, when I put this thought to a recent meeting of Business Continuity Professionals, an expert in the profession explained that oil company’s and those businesses associated in the industry are well aware of the hazards and risks related to deep oil exploration and would/should have plans in place for these types of events.  From my experience in building continuity programs, plans for irregular events and catastrophic issues are tested and improved through testing and tweaking.  These exercises are designed to help reduce the impact of the situation, and maintain a positive light on the reputation of the organization by showing:

  1. We have designed the process/program/product to be as safe as possible.
  2. In the event of an incident, we understand what is wrong and how to fix it.
  3. We are in control of the situation and are doing everything to return to normal as soon as possible.

A major part of the continuity event is communicating a common message for the organization and making sure all parties of the organization are in line with that message, in other words say what you are going to do, then do it.  If you make a promise, you need to be sure it is kept.  It’s not only important to manage the message and deliverables, but make sure the perception of what is happening is in line with what is actually occurring.

BP has made many positive commitments to the clean up and economic recovery to the individuals and companies that are being affected.  They have promised to promptly pay all authentic claims associated with the oil spill, they have promised to donate the net profits from the recovered oil to wildlife resuce organization, they have promised to pay for all the authentic claims associated with the spill and not be capped by the Government established level of responsibility.  These are all very positive things that would go a long way towards rebuilding the brand and reputation of the company.

It’s important for companies to remember that just saying something doesn’t make it happen.  People remember what was said (or what they thought they heard) and then measure a company against that point. 

Unfortunately it appears that there may be issues in the promise made and the actual delivery.  In a Bnet article posted on June 11th, Kristen Korosec, highlighted an issue with the oil spill claims that have been filed with BP and outsourced to a third party “BP Risk Management Firm is Really Good at Screwing OverOil Spill Claimants“.  The perception among claimants is that the comments Tony Hayward made concerning the claims process and appropriate payment (See Bnet posting) are not being met. 

From a disaster recovery perspective, it is important to monitor these issues and make the course corrections to keep from further eroding the reputation of the organization.  Additionally, I believe BP needs to get ahead of the curve to make sure these continual mis steps (be they perceived or real) stop happening.  Prompt positive action is needed to stop the downward spiral.

When we think of disasters we usually go for the big ones, hurricanes, tornadoes, fires, earthquakes, floods, civil unrest and the like.  These disasters are typically low frequency and have the potential for high risk.  While it’s important to plan for these types of disasters, it is more important to look for the high frequency, low impact. 

The following are 5 potential problems your business can face on a daily basis.  In addition to preparing for a quick response to these types of problems the processes and procedures you put in place can become the building blocks to cover the low frequency high impact recovery programs.

Loss of Power – From a downed power line to a transformer station fire, loss of power to your business can cost you revenue, customers,  and reputation.  

Loss of Phones – Phone lines cut, power outage, a “misunderstanding” with your phone service provider can leave you without land line contact to the outside world.  If your IT systems are affected, it can also make you invisible to the world.   

Employee Shortages – What do you do if 1/2 or more of your employees are unable to come to work?  Or what happens if key individuals are unable to come to work?  Be it from a snow storm, illness, or other cause, this can slow down order processing, provide less than ideal customer service or delayed billing.   

Evacuation Planning - It’s important for the safety of your employees and customers to be able to safely and efficiently evacuate the premises. 

IT system crash – This is especially important if your business is dependent on IT to survive.  Power outages, loss of data, system breaches, system hijacking, are just a few of the items that can put you in a loss position.  You will need to look at both the software and hardware.

Let’s take a look at what risk is:

Risk is defined by Websters as a noun 1. exposure to the chance of injury or loss; a hazard or dangerous chance.  It is further defined in an insurance setting as  from among other things “a hazard or chance of loss, the degree of probability of such loss, the amount that the insurance company may lose, . . .”.

In both of these definitions, the focus is on the chance of loss.  the flip side is there is a chance of gain as well which is not mentioned.  Perhaps the better definition is the uncertainty of a result which may be either positive or negative.

We break risk down along the same definitions, so risks that are inherent in operation of the particular organization where there is a chance of loss or gain are referred to as speculative risk or business risk.  Some examples would be loss of profits because of a change in the economy, or a change in the competitive landscape that turns the product or service from a unique item to a commodity, or expanding into a market that doesn’t need the product or service. 

This differs from pure risk or hazard risk that is focused on potential accident losses that are unintended.  It is associated with either loss or no loss,  the opportunity for profit does not typically enter into the equation.  Examples of these types of risks are property, personnel, and  liability.