Risk Management – the identification, assessment and control of risks to an organisation – is an important part of the successful running of any business. Most organisations have structures in place for managing this, especially for them to meet the requirements of an ISO certification.
However. when you are so familiar with the running of your organisation, could there be a risk of overlooking risks?
Here are a few ways this could happen.
Cognitive Bias
This refers to a tendency people have to assume something to be a certain way because it has been so before. It causes the line of reasoning to be flawed when making decisions as the brain attempts to “fast track” decision-making by simplifying information.
This means that new information can be “ignored”, because it might go against the opinions and beliefs already held.
Psychological Scotoma
Another problem which comes with familiarity and perception is Psychological Scotoma – a blind spot in our cognition (thought processes) which means we can’t see what is in front of us. This is usually a result of cognitive dissonance, a conflict that occurs between our beliefs and opinions and our behaviour because the information we have is inconsistent with what is happening, so it gets ignored. The old saying “can’t see for looking” refers to this phenomena.
Frequency Illusion
Frequency Illusion is a cognitive bias whereby having noticed something, perhaps for the first time, it suddenly becomes a big issue. You suddenly find yourself consciously or unconsciously noticing everything similar or connected so that it seems as if it is everywhere.
For example, if you were thinking of buying a certain car, you might start to think you are seeing that car everywhere you go.
The events described above could mean that you over-estimate the risk, leading to resources being placed in the wrong area, and perhaps diverted away from more serious or genuine risks. It could also result in additional controls being implemented that actually make the business operations more difficult and fail to provide any real benefit.
Seeing these phenomena from inside your business can be difficult, especially when you’re making decisions which could affect the operation of the whole organisation.
Having an ISO Consultant from outside your organisation is an excellent way of getting an independent and unbiased view on the potential risks within your organisation, as they will be unfamiliar with your organisation and the processes within it, and so will bypass all of these cognitive biases.
Don’t know where to start? Come and chat to us at Assent, and we’ll be happy to help you get moving.
Our consultants are trained and experienced in managing a vast range of risks and have assisted all types of organisations in setting up programmes to identify and control their risks.