All 50 states have some form of requirement for automobile insurance. But when you get in your car to go somewhere, how many of us think about our insurance policy? In that moment do we know what the deductibles are, what the maximum amount of coverage we have for liability or collision? Probably not.

We are interested in getting from where we are to where we want to go. We pay attention to those things that will enable that process. We check the gas, we check the mirrors. During the drive we comply with traffic laws and watch out for other drivers who may not be as aware or who might be impaired. We manage the risks of getting from where we are to where we want to go. The insurance policy stays in the desk drawer unless or until something bad happens. And when that bad thing happens, that accident, even if we have an excellent policy with a company that actually pays the full cost of repairs, we now own a car that has been damaged and its trade-in value is lower than it would have been.

Why is it then that we have confined our understanding of risk to the insurance model? Why is it that we use the word “risk” to describe the potential for negative events rather than using it to describe the actions we need to take to achieve our goals? The answer lies in the expression “what gets measured gets done” and its corollary “what doesn’t get measured isn’t valued."

Our primary and essentially singular measure of the health and wellbeing of an organization as well as an individual is money. How much of it you have how much of it you can generate and, from a corporate perspective, how much of it you can save or avoid spending is our current measure of value. The management of risk using this measure then revolves around how much of it (money) can be immune from loss. That’s a very narrow definition and one that is almost impossible to achieve. Insuring against loss is dependant on understanding the frequency of negative events in the past. Add to that, as our current financial crisis has demonstrated, that we can convince ourselves of almost anything as long as it contributes to the amassing of money and the insurance model of risk seems woefully inadequate. We all have signed up to this concept, by the way, not just the people who are going to be paraded in front of congressional committees.

So, what might the management of risk look like from the perspective of what we want to achieve rather than what we want to avoid? In the early 1990’s as JP Morgan was shifting from being a commercial bank to a full services financial organization two studies were completed. The first was by the CIO who determined that in an organization of 12,000 people in 23 locations we had nine e-mail systems. The second, commissioned by the Chairman of the Board, concluded that of the thirteen lines of business, two thirds of the client base used two or less of those services. Within six months we had two email systems (Mac people were just as fanatical then as they are now and I intend to join them in my next technology upgrade, but that’s a different story). It was clear that without the ability to communicate effectively across lines of business we were not likely to change the behavior of the clients.

It’s more difficult these days to achieve those kinds of alignment between strategy and organizational behavior for several reasons.

One of the byproducts of this focus on money has been the codification of “employment at will”. We all know that we can be fired at any time for any reason (unless we have some civil service or union protection). We scoff at the Europeans and their job security and state-run benefits. But “employment at will” has an underside that has left the workforce serving two masters. People go to work to do their jobs and contribute to the success of their companies but they also need to enhance their skills and ensure that they will be competitive in the job market should the need arise. We find IT people who want to build systems, HR people who want to outsource clerical jobs, facilities people who want to maximize space utilization all of which may or may not move the organization towards its goals. Ask any of these people what the strategy of the company is and you are likely to get a variety of answers or, more likely, no answer at all. It’s not really their fault. Their conversations with the corporate office revolve around the singular metric – how much are they spending and how much can they save. It hardly ever occurs to anyone to ask what is it that needs to be achieved and how they might contribute.

The other problem is that money is a lousy metric. Quarterly results tell us what has happened, not what might happen in the near or long term. Stock prices defy logic - UBS wrote down $19 billion, lost $12 billion in the quarter and its stock rose 11% the same day. There is very little accessible and accurate information out there that tells us what a company is trying to achieve and if it actually achieved it.

If the real management of risk is about embracing those activities necessary to achieve goals then the fundamental skill required of operational mangers is cooperation. I’ve long since forgotten the developmental skills sets associated with chronological age, but I’m pretty sure this is an interpersonal skill that we should have mastered before the age of ten. Currently, those skills have little value in the environment of the money metric. I would suggest that that is about to change.

While it is likely that we will go through the usual mind-numbing process of cost reductions as the economic situation continues to deteriorate, there is a sense that we are going through a level of distress that has not been experienced across such a broad base in recent memory. For the time being there will be a lot of scurrying around to stabilize the system but the awareness that value extends beyond money and taking risk is an essential element in that expanded view of value is beginning to take hold.