We live in a world of constant threats, whether the coronavirus, a natural disaster, or a financial crash. These threats surround us at all times and in every corner. COVID-19, and most recently its Delta variant, reminded us of this reality. At McChrystal Group, we believe that risk is the product of threats and vulnerabilities—the hazards coming our way and our weaknesses in responding to them.
We see the interaction with risk happening in four parts:
- Detect Threats: The first step is identifying which hazards are approaching and when they might occur.
- Assess Vulnerabilities: Evaluate the identified threats based on your organization's vulnerabilities.
- Respond to Risk: Communicate clearly, react appropriately, resist the bias for inaction, and adapt as necessary.
- Learn from the Process: This is often the hardest part. After responding to a risk like COVID-19, it’s easy to move on and forget. Instead, challenge your team to acknowledge what happened, what didn’t, and what changes should be made.
This process isn't linear. Your team must continuously detect, assess, respond to, and learn from risks in a constant feedback loop, as the threats are never-ending. This needs to become part of your team's muscle memory and operating rhythm to be best positioned for the next risk that comes your way.