Malcom Sparrow's Take on RiskAs a complement to my earlier post concerning Peter Bernstein's views on risk management in the private sector, I'd call attention to what Malcolm Sparrow, a professor of the practice of public management at Harvard's Kennedy School of Government, has to say about risk management by government regulatory agencies.
Sparrow explains his thinking in a June 5 interview published by the Kennedy school:1
Increasingly, we see police agencies, environmental agencies, occupational safety, even custom officials focusing deliberately on specific, carefully identified problems. They are learning to spot very specific patterns of hazard or risk concentrations, whether these “knots” are crime problems, or specific environmental issues, occupational hazards, or patterns of drug-smuggling. What these agencies are learning to do and which they find organizationally quite awkward is to spot specific issues, study their structure, and devise tailor-made interventions. When they act in that way, the solutions they invent usually represent substantial departures from their agency’s business-as-usual. When they do this well, you see these almost surgical interventions producing significant reductions, sometimes the complete disappearance of a specific pattern of harm all as a result of this type of disciplined thinking, consciously focused on subcomponents of some general class of harm.Sparrow often uses the word "harms" in lieu of "risks" to emphasize the difference between what a public agency does in managing risk and what a private company does:
... Focusing on specific bad things (risk-concentrations, trends, patterns, etc.) offers you the opportunity to think and act like a saboteur: to find a vulnerability of the harm itself, and remove it, or produce a scarcity which the opposing forces cannot cure. And sabotage is efficient, assuming you’ve adequately understood the object to be destroyed, and its vulnerabilities. Many agencies are beginning to appreciate the resource-efficiency and effectiveness that comes from this type of artful “sabotage of harms.”
A lot of government agencies’ core task is to identify societal risks and to suppress those risks effectively and at minimum cost and intrusion. ... It is not “risk management” in the normal sense of “managing risks to my organization.” It’s risk management as an operating framework for doing the agency’s core business, which is working on risks or harms to health, welfare, security, or the environment.In sum, Sparrow believes an effective regulatory agency gives concentrated attention to "what piece of a task to bite off, and how many bites, and what type of performance account should they expect at the end."
1 You can find a fuller statement of Sparrow's views in a speech (pdf) he gave at the National Environmental Innovations Symposium in December 2000, i.e., about six months after the publication of his book, The Regulatory Craft: Controlling Risks, Solving Problems, and Managing Compliance (Brookings).
A more recent book-length treatment of his views is in The Character of Harms: Operational Challenges in Control, published this year by the Cambridge University Press.
Finally, another meaty interview, given to Vic Pakalnis for Canadian Government Executive in September 2007, is here.
Labels: Risk management