Risk oversight has always been one of the most critical responsibilities for corporate directors. Today, organizations face global conflicts, economic uncertainties and disruptive technologies. In an environment often described as VUCA (volatile, uncertain, complex, and ambiguous), directors are elevating their expectations. In a recent NACD poll, 62% of directors viewed disruptive risks as âmuch more importantâ than five years ago. However, only 19% of directors expressed confidence in managementâs ability to address such risks. We need to close that gap.
What are disruptive risks? An animal metaphor of black swans, grey rhinos, and white elephants can be useful. Black swans are âunknown unknownsâ that are highly improbable and difficult to predict, such as the 9/11 attack and the 2008 financial crisis. Gray rhinos are âknown unknownsâ that are observable but often ignored due to uncertainties about their timing and impact. For example, artificial intelligence and cybersecurity have been around for decades. White elephants are âknown knownsâ or big issues that are extant but difficult to acknowledge and manage. Examples include irrational CEO behavior and sexual harassment cases that ushered in the #MeToo movement. All three can be considered atypical, disruptive risks that can have a major impact on an organizationâs business performance and reputation.