Wednesday, January 20, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Risk

What Do Aesop’s Fables and Risk Management Frameworks Have in Common?

by James Bone
January 8, 2014
in Risk
tortoise and hare

Aesop’s Fables is a collection of tales by the Greek storyteller Aesop.  We don’t know the true intent of Aesop’s stories since they were translated in early 1900s England by the Reverend George Fyler Townsend and Sara Cone Bryant.  We do know that each of the modern day translators intended the fables to be stories for young children to teach them about life lessons.

The stories are simple to understand and use human and animal characters to describe how to make the right decision when faced with situations of uncertainty and complex ethical dilemmas.  Most adults have heard of “The Boy who Cried Wolf” and “The Ant and the Grasshopper,” which teach lessons of telling the truth and the merits of thrift and hard work.

Aesop’s Fables describe a simplified world where the protagonist learns his or her lessons the hard way.  We can all enjoy these lessons and feel satisfied that we have been responsible parents by reading them to our children!   However, as our children grow older, life gets in the way and these lessons fall by the wayside.   More importantly, we learn that decision making is more complex than the stories in Aesop’s Fables.  While they may serve as a good guide, fables are not useful in dealing with the fast pace and increasing complexity of today’s real world.  This may be one of the reasons these fables are increasingly lost to history’s dustbin.

Unfortunately, many GRC and risk professionals unknowingly use risk frameworks as Aesop’s Fables.  We believe that if we simply tell our employees stories about the hard lessons learned by the unwitting protagonists in the story, they will learn what not to do.   No one lives their lives by children’s fables and it is equally unlikely that business leaders will manage their organizations by the fables embedded in a risk management framework.  Yet this is what we expect to happen!

Isn’t it time that we look beyond the simplicity of fables and lessons learned to advance the practice of risk management?  The best analogy is with 17th century medicine.  The best doctors who practiced in the 16th and 17th centuries did not know what happened inside the human body.  Most of the remedies were based on observation, theory and – worst of all – whether the patient died under their care.   It wasn’t until one doctor dared to think differently and look outside of medicine to learn how to diagnose problems inside the human body.

In the 17th century, wine makers would routinely thump their barrels of wine to determine whether it was full or evaporation had occurred as the wine aged.  An enterprising doctor decided to see if he could diagnose congestive heart failure during which the lungs filled with fluid.  By rolling up sheets of paper and thumping on the chest of patients this doctor learned to dismiss conventional wisdom and treat his patients using analytical thinking about the risks to his patients’ lives.   Advances in medicine evolved slowly as physicians learned to look beyond the myths of the day about human illness and to develop better diagnostic tools for managing risks.

Shouldn’t risk managers think more like scientists or physicians?  The answer is a resounding YES!   Risks, like human illness, can lie just beneath the surface.   The presentation of a symptom of a persistent problem may require a variety of tests to confirm an accurate diagnosis.   Medical diagnosis uses a variety of approaches through a process of elimination to determine possible causes of medical risks.  Risk probabilities are assigned to the accuracy of the causes and there is an understanding of residual risks assumed by the patient in proceeding with a prescribed course of action.  These risks are acknowledged with the understanding of the limits of a successful outcome.

If we cannot guarantee risks in life and death decisions, why do we expect to do so in business?

Risk management, like Aesop’s Fables and early medicine, has been around for centuries.   Unfortunately, the diagnostic tools to manage risks are still in the early stages of sophistication.  Many risk professionals still diagnose their corporate patients based on a set of symptoms, without understanding the root causes underlying the illness.

Will we continue to believe in fables or will we begin to think like modern day diagnosticians and attempt to understand what is needed to look beneath the surface?


Previous Post

Trade Compliance Is Simple, Except When It Isn’t

Next Post

Voluntary Disclosures, through the Eyes of FCPA Enforcement

James Bone

James Bone’s career has spanned 29 years of management, financial services and regulatory compliance risk experience with Frito-Lay, Inc., Abbot Labs, Merrill Lynch, and Fidelity Investments. James founded Global Compliance Associates, LLC and TheGRCBlueBook in 2009 to consult with global professional services firms, private equity investors, and risk and compliance professionals seeking insights in governance, risk and compliance (“GRC”) leading practices and best in class vendors.
James is a frequent speaker at industry conferences and contributing writer for Compliance Week and Corporate Compliance Insights and serves as faculty presenter and independent consultant for several global consulting firms specializing in governance, risk and compliance, IT compliance and the GRC vendor market. James created TheGRCBlueBook.com to provide risk and compliance professionals with transparency into the GRC vendor marketplace by creating a forum for writing reviews on GRC products and sharing success stories on the risk practices that are most effective. James is currently attending Harvard Extension School for a Master of Arts in Management with an emphasis in accounting and finance. James received an honorary PhD in Letters from Drury University in Springfield, Missouri and is a member of the Breech Business School Hall of Fame as well as the Missouri Sports Hall of Fame. Having graduated from the Boston University Graduate School of Education, James received his M.Ed. in Management and Organizational Design in 1997 and a Bachelor of Arts in Business Administration from Drury University in 1980.  

Related Posts

silhouette of businesspeople in meeting with blue cyber background

Cyber Risk Quantification and Prioritization is the Future of GRC

January 20, 2021
man working on smartphone and laptop

Adverse Media Screening: Relying on Google Alone Can Expose Organizations to Risk

January 19, 2021
challenge and solution concept with person standing at large gap

General Counsel Post-Pandemic: A Catalyst for Risk Fragmentation

January 18, 2021
green city papercut on recycled paper background

Managing the Climate Risk Mandate

January 7, 2021
Next Post
arm pulling back red curtain

Voluntary Disclosures, through the Eyes of FCPA Enforcement

Access realtime data

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management culture of ethics cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights