Chris Williams’s thought-provoking posting No Convenient Answer | When is there too much risk? got me thinking about the difficulties of using security risk management (SRM) in the humanitarian sector and how management approaches are often thought to be biased toward suspension or withdrawal. I agree with the central theme that an organisation that knows its risk appetite is then empowered to make better decisions. Which leads to the question of why we often seem to conflate SRM with an unwillingness to take risks when the tool itself is agnostic about how much or how little risk is taken?
The SRM tool doesn’t decide whether the risk is acceptable…people do.
I think this is a myth about SRM that needs to be dispelled because SRM is just a framework for managing risks not necessarily to stop people from taking them. As Chris suggests, it’s a practice that can help lead to informed decisions but the SRM tool doesn’t decide whether the risk is acceptable…people do.
SRM as programme prevention?
So why then is it that so many humanitarians associate SRM with being risk adverse? Some would probably argue that the “professionalisation” of humanitarian security, that at times is indistinguishable from government or corporate sectors, is to blame. Others would suggest that the simple act of assigning a level of risk and documenting it makes decision makers more accountable and thus less willing to take risks. It could be that maturity of risk decision making hasn’t kept up with the growth of risk practice. It’s probably all of these things and many more.
Real lives at stake
One viewpoint that comes through in Chris’s article and also that of Fabrice Weissman that Chris commented upon Dying to help: A drift towards humanitarian martyrdom is that these are human decisions that affect real lives. I can’t help but wonder is there something about SRM that dehumanises decisions? There may be nothing about a risk based approach that stops people from taking risks but the cold calculus of SRM may have the chilling effect of prioritising risks to the organisation over risks to the individual.
There are real lives at stake when we don’t take risks and it matters.
Particularly affected populations. I think this is what Fabrice and others are trying to remind the sector…there are real lives at stake when we don’t take risks and it matters.
SRM as risk taking tool
I think that we in the humanitarian security sector need to get better at how we apply SRM as justification to take risk as well as avoid them. There is nothing about SRM as an approach that should result in a lack of imagination in security. In fact an awareness of the organisation’s operating risk and risk appetite provides the necessary awareness to take risks right up to the limit when needed, allows for experimentation, to learn and improve. The act of writing a risk down doesn’t make it any more real than it was when everyone knew it or should have known it before. So SRM shouldn’t be a barrier to taking risks, it just provides an opportunity to be intentional and transparent about how the organisation takes risks and maybe also to share the decision making for better consensus.
Not a Think Tank 