Grant Purdy joins us for a three-part interview. Part I focuses on Grant’s background and experience from working more than 40 years on practical applications of risk management, including the improvement of decision making.

I found many subjects at school quite frustrating. Only physics and chemistry really allowed me to understand how things worked – from first principles. A degree in Chemistry further satisfied my inquisitiveness but, after 6 months of research at the end of the honours degree (and an offer to continue to a PhD), I felt I needed more. I needed to do something that ‘made a difference’ for mankind and the planet.
While awaiting my final results I was startled by a large explosion in the distance. This was a chemical explosion at the Flixborough site in the North of England and I soon found myself at the local office of the Health and Safety Executive, talking to the inspector who first visited the site and was now leading the investigation into the deaths of 28 people and the destruction of nearby homes. I was hooked – and after some grueling interviews, I became one of HM Inspectors of Health and Safety in the UK.
It was soon clear that the Government, industry, and local communities urgently needed reliable advice so that they could develop better safeguards for hazardous chemical plants, to aid decisions where new chemical plants could be built and on the siting of homes and other developments near existing plants. No one called this ‘risk management’ or even used the word ‘risk’ at that time to describe the information I generated and communicated to decision makers - which defined some events that could happen, their impact on people nearby, and the likelihood of different types and levels of harm.
From fixed installations, my work turned to transport systems and I led a major multi-year study for the UK Health and Safety Commission into the risks from the transport of hazardous material by road, rail, and sea. Again, the output of my work directly helped decision makers, often by challenging existing preconceptions. For example, my work led the UK (and many other countries now) to stop evacuating people when a hazardous substance event occurs and to move to a strategy of sheltering indoors. Similarly, while the accepted wisdom was that sending hazardous chemicals by rail was safer than by road, I was able to show that, often, the opposite was true – and why.
Inevitably, whenever my advice suggested new or different safeguards, I became involved in cost benefit analysis which, of course, had to consider all the benefits of a change (and not just safety related ones) together with a wide range of costs and dis-benefits.
Subsequently, I led a European Commission-funded study into the influence of management competence and capability on levels of risk. This led, naturally, into a career -long interest in the quality of decision making. So, for example, when my family moved to South Africa for a few years, I soon became involved in helping the Government and mining industry make decisions that would improve the safety and health of employees because the day we arrived in the country, the terrible Vaal Reefs disaster occurred when 104 miners were crushed to death when the ‘conveyance’ they were descending in fell 460m to the bottom of the shaft, some 2300m below ground. I helped Government agencies and the mining industry to challenge existing practices and develop better safeguards – through understanding and appreciating how operational decisions were being made and how these were often based on faulty assumptions about people’s behaviour and their motivations.
In the latter half of my career, based in Australia but working throughout the world, I’ve continued to help those making decisions, to gather information about context and assumptions (including what could happen), to facilitate effective conversations and to decide on the best option which would led to desired outcomes with the greatest level of certainty. Much of my work has involved training and mentoring decision makers, from board members and executives downwards – so that they can make even better decisions.
Looking back on your career, what professional values or principles are most important to you and how did these values influence your work and career path?
One of the earliest tests I set for myself was whether my communications were clear and unbiased so that decision makers could understand and have confidence in using the information I was providing. I recognized that, while my analyses had to be rigorously conducted, and had to generate results with appropriate levels of accuracy, this amounted to little unless decision makers fully and clearly understood my advice. It was not my role to make their decisions for them, but rather, by illuminating the context and the related assumptions I could enable them to see for themselves the benefit to them of taking that advice.
The second thing that I’ve learnt, somewhat later in life, is that you can achieve much more effective and long-lasting changes in behaviour and attitude by training and mentoring people so as to empower them to make sound decisions, rather than by writing documents like standards and regulations and then requiring (dumb) compliance.
Both of these principles, requires an approach to communication that avoids jargon, only using terms that everyone can identify with and understand. Despite what many seem to think, trying to bamboozle people using arcane concepts and language does not impress and rarely motivates lasting changes in behaviour and thinking.
The final thing I’ve learnt is always adopt a ‘glass half full’ mentality. To many, the expression and notion of ‘Risk Management’ is synonymous with failure, doom and gloom, and restricting people from what they want to do. It seems its sole focus is stopping bad things happening rather than empowering success. However, for me, uncertainty is not something to fear; it is just a normal part of life and its resolution is the challenge we all face every day. Hence, for me, uncertainty is just something to take account of, understand, and reduce where it is beneficial to do so.
Australia and New Zealand are credited with helping to develop the field of risk management (sometimes referred to as Enterprise Risk Management (“ERM”)) and the creation of AS/NZS 4360, a precursor to ISO 31000. You played leadership roles in the ongoing formulation of both of these standards. As you look back, what were some of the seminal moments or key takeaways from this experience that contributed to your present views (to be explored in greater detail later in the interview)?
I can recall, when I first arrived in Australia in 1995, being encouraged when I read the first edition of the Australian and New Zealand standard. Behind its alien language, and despite it not explicitly dealing with decision-making, it did seem to have that aim and to be advocating the way that I had been dealing with uncertainty for many years - to help people and organizations make better decisions. Largely, it was simple and straightforward but a complicating factor (which I did not understand fully at that time) was the confusing term ‘risk.’ To me, ‘risk’ was just a numerical result from a calculation and I could not see how it could just be a “chance of something happening.”
I joined the committee that revised the standard in 1999 and while the committee retained the ‘risk’ construct, it made one big improvement. We gave explicit recognition to the importance of communications (conversations) to aid understanding of uncertainty and the views of others when making decisions.
I remained a member of that committee for 14 years and was the chair for seven. At that time, the work of the committee was undertaken by a core team, many of whom were ‘doers’ and not just ‘thinkers’ or salesmen. Most had been working in what was then called ‘risk management’ for many tens of years. They saw the writing of standards and advisory handbooks as only an act of codifying and passing on their acquired wisdom. For most, their involvement was not seen by them as solely to bolster their careers, enhance their CVs or to help sell more books/software/consultancy.
In 2004, we prepared the third (and final) version of that standard which, in retrospect, is where we should have stopped – because in 2005 we got drawn down into the rabbit hole that is ISO standards making. Already, it was clear to me that the major weaknesses of the standard (indeed, of any ‘risk management’ standard) were:
- the insurmountable challenge of what was then described as ‘embedding’ of the ‘risk management process’ in decision making; and
- that the whole standard was founded on the confused, ambiguous, and irrational term ‘risk’. Although this was defined, this definition did not align with most of the general and highly inconsistent uses of the term. Indeed, in the standard itself, ‘risk’ was used in several ways that were inconsistent with its own definition!
Many countries had already just adopted the Australian and New Zealand standard and it was suggested at the first meeting of the ISO Risk Management Working Group that it would be simplest if the world just adopted that and we all went home. However, it soon felt as if that generating simple-to-understand and practical advice was not the primary objective of many other influential national delegations.
Over the next four years, I became involved with some of the most frustrating meetings and most arcane arguments of my career - where so often, achieving the much-lauded ISO consensus really meant just ending up with non-sensical compromise. So much time was spent defending sensible practices that had clearly worked for many years – against arguments from people whose only interest seemed either to make risk management as complicated as possible, to include their own favourite subject or endorse their own proprietary idea. It was clear, that few people on the ISO working group had much practical experience in the subject they were supposed to be ‘experts’ on.
The eventual product, ISO 31000, was very much like the curate’s egg – only good in parts. The simple, step by step process copied from AS/NZS 4360 was the good part. The mangled, convoluted thinking on the ‘framework’ was the ‘bad’ because it turned a process to help with decision-making (imperfect as it was) into an administrative edifice and creating and maintaining that edifice (rather than its purpose) became the rationale for ‘risk management.’ I stayed on the ISO committee for another three years, but eventually it became clear to a number of us that not only was it becoming almost impossible to drive forward improvements based on logic and proven experience, but that by continuing to associate ourselves with the output of the committee we were blighting our own careers and reputations. I’ve since discussed my experiences with those who attempted to inject some realism and practicality into the development of both versions of the COSO ERM Standard in the USA. They also, eventually, gave up when faced with the formidable commercial interests present on the developing body.
All this has only served to confirm my view that the ‘risk management’ of today and the evangelical way in which it is promoted is little more than a spurious belief system, separate from normal management. Even though it has no solid foundation or universal meaning ‘risk management’ has been promoted as something that is both valid and indispensable – by professional bodies, consultants, regulators, and national stock exchanges. The (entirely untested) belief was that practising ‘risk management’ (in whichever guise) was prima facie evidence of, and a prerequisite for, sound management and good decision making.
Fundamental to the belief system, is the contention that to be successful, organizations need to somehow integrate the related paraphernalia into their usual way of operating and making decisions. However, ‘integration’ of ‘risk management’, with its unnatural and ever-shifting language, structures and disconnect from distinctive way that individual organizations operate, simply cannot and does not happen. This is why, at most, ‘risk management’ is usually applied (imperfectly) as just an ‘add on.’
However laudable its origins, I’ve now come to the view that present-day manifestations of ‘risk management’ rarely generate information that can be simply and reliably used to support decisions. In fact, mostly they obfuscate the decision-making process and divert valuable resources that could be deployed to improve decision making by all in the organisation who are required to do so, from the Board downwards.
Obtaining consistent and focused involvement of senior leaders with risk management is a common stumbling block for many organizations. How can we change this? What works? Does it need to be personal to the leader?
Actually, such reluctance is both inevitable and desirable. It reflects a natural and implicit realization by senior management that the complexity and artificial constructs of whatever manifestation of ‘risk management’ their organization has subscribed to has little relevance to the real task of helping the organisation exploit its opportunities to achieve its purpose.
Of course, a fundamental part of making the decisions needed to successfully exploit opportunities requires understanding and dealing with uncertainty at all levels in organisations. However, as I’ve explained already, attempting to resolve uncertainty via the construct of ‘managing risk’ is neither an effective nor logical path to adopt. This is borne out by multiple surveys that show that risk management ‘maturity’ (whatever that means) is persistently low – which is often blamed on low take up by Boards and senior managers, rather than its inherent limitations.
Put simply, directors and senior managers have better things to do with their time and are skeptical about anything that does not have a natural fit and requires extensive upheaval of the way the organisation operates. In fact, Roger Estall (the co-author of the book Deciding) and I have yet to find an organisation asserting to practice ‘risk management’ that did not, in reality, have separate processes for ‘risk management’ and for actual decision-making. We realized that whatever ‘risk management’ is thought or claimed to be, it neither does, nor can ensure effective decision-making.
We also realized – as have many others who found that ‘risk management’ and other management fads don’t work or help – that jargon is an anathema to most people, especially those at a senior level. Either they don’t master or can’t be bothered to learn a new language, especially as is so often the case – the concocted expressions aren’t coherent anyway. That’s why, in our book Deciding we use plain language throughout to explain decision-making and the guidance we offer. We simply rely on the ordinary meaning of words to discuss essential issues such assumptions, context and post-decision change. I guess we were very mindful that mankind manages quite well with its usual languages to communicate, including complex ideas.
To be effective, any process that claims to aid decision making must respect the way that organisations (and individuals) operate (which they do by making and implementing decisions) rather than suggest they do something entirely different. The most obvious reason for this is that most organisations (and individuals) make many good decisions every day. Were that not so, there would be widespread failure.
If we really want to help senior leaders of organisations make even better decisions, this can only be through helping them enhance their existing practices. We are bound to fail if we attempt to replace existing practices and language with alien artefacts and processes that anticipate leaders will use confected concepts and language – so many of which, on the simplest of examinations, are either not coherent or mostly meaningless.
The second and third parts of this interview will focus in detail on your new book entitled Deciding - A Guide to Even Better Decision-Making (2020) which you co-wrote with Roger Estall. Can you suggest three or four other books that have most influenced your work.
Given what I’ve said before, it is natural that the book which most influences what I do is, quite simply, the dictionary. While I have a preference for the Oxford English Dictionary, any will provide a guide to the meanings of the words that most people use and understand.
Another book that has influenced my thinking was John P Kotter’s 1996 seminal book, Leading Change. I’ve used the advice there to drive change in parts of organizations I was managing and also, to advise others on how to drive change in behavior and decision-making in their organizations. Kotter’s advice is clear, concise and works every time.
Although nowadays we don’t seem to agree about much, Jim DeLoach’s 1995 book for the Economist Intelligence Unit called Managing Business Risks: An Integrated Approach allowed me to pull together all my thoughts and experiences at that time and helped confirm that applying one, general approach to understanding and dealing with uncertainty in business was both efficient and effective. This is probably the explanation that has got closest to explaining how to understand uncertainty as part of normal decision making. Since that time, however, most have deviated from this. I remember this book convinced me that understanding uncertainty was just a natural challenge that businesses have to attempt every day in pursuit of their purpose.
If I was to name just one, true mentor it would be Felix Kloman. I subscribed to his Risk Management Reports for many years and his books that are collections of his articles still inspire me and, perversely perhaps, have caused me to reject the value of ‘risk management’ as a means of addressing uncertainty. Of his books, maybe Mumpsimus Revisited is the one I still dip into the most. Since reading his reports and books, I am honoured to now consider Felix a friend. His journey trying to make sense of risk and risk management (and failing) and his views on uncertainty in many ways mirror my own.
Probably the most influential book I’ve read of late is Daniel Kahneman’s Thinking, Fast and Slow. This stretched my mind, challenged many of my assumptions and exposed many of the biases which I (and I suspect most other humans) are prone. In many way’s this book prompted my work with Roger Estall that led to our book on Deciding – which, although not so detailed and theoretical, is certainly intended to help all people make even better decisions.