Analysis: Is Your Agency Doing All The Wrong Things Right?


How are you reducing the risk of risk?

Put another way: How is your organization leveraging clarity of purpose, internal processes and employees to reduce and manage the risks it encounters or will encounter? If the answer is “not very well” or “I don’t know,” your brand is in serious jeopardy.

Gone are the days when businesses thought of risk management only in terms of how much insurance coverage they needed. Today, risk is defined as the universe of uncertainties that affect an organization. It has five dimensions: strategy, operations, capital structure, human capital and brand.

To quote Harvard Business School strategy experts Robert S. Kaplan and Dr. David P. Norton: “We must elevate the topic of risk management to a level of visibility more in alignment with the dynamic nature of the ever-changing marketplace.” 

The public sector faces many of the same risks as private industry in terms of needing clear strategies for deploying scarce resources when budgets are shrinking and the demand for accountability and transparency is increasing. Add in the challenges associated with unfunded pension liabilities and the loss of institutional knowledge through attrition, and recruitment and retention strategies become important components of risk management.

What are you doing to address these areas?  How are you questioning the status quo? “If you aren’t green and growing, you are ripe and rotting,” says Chip Webster, former Florida chair at the executive advisory company Vistage. These questions illustrate the importance of committing to continuous personal and organizational learning and growth.

Start with an assessment of your situation to better understand your agency’s risk profile and awareness beyond the traditional insurance areas. Distractions from daily routines, crisis management and organizational growth can cause an organization to drift. In the press of these distractions the notion of “why we exist” may no longer be as clear. Whether we are doing the right things poorly or the wrongs things well are questions we fail to ask anymore. Asking them represents real and immediate opportunities for your organization.

In managing risk, agency leaders and managers might consider adding PESTEL to their toolbox. Traditionally used to analyze trends in new or emerging markets, PESTEL addresses six dimensions of the macro environment in which organizations operate: political, economic, social, technological, environmental and legal. Using this old tool in a new way provides an excellent framework for identifying a range of external risks and opportunities with potentially broad implications for your organization. PESTEL can elevate the visibility of risk beyond its insurance roots so it can be addressed strategically.

So what’s in your toolbox that you haven’t used in a while? How are you defining and dealing with the new paradigms of risk? What other old tools can position your agency to withstand the risks coming at you at ever increasing speed?

John P. Foster, managing member of the management consulting firm Pathfinder Group, has built several businesses and helps executives meet their goals by developing strategies to manage risk.

(Image via corgarashu/

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.