Home English

Risks of a lean superduper

risks of lean

A lean management concept is based upon the elimination of everything that does not bring added value to the respective product or service from the supply, production and sale process. And… please accept my deepest apologies for this simplification, Dear lean management experts, or whoever is reading this article…

Firstly, Toyota

Normally, as the best benchmark of a successful lean implementation, proponents of this idea point out the TPS or Toyota Production System. Lean processes are constantly excelled in the Toyota Corporation resulting in the well-known reliability of this company’s products. Of course, we can also mention other roots of a lean idea. These are the organisational improvements and inventions of Henry Ford, the father of the modern automotive industry and mass production in general.
I must confess here and now, that I am not an expert in lean management, but only in risk management. Thus, when a discussion titled “defects of lean management” appeared on my “radar screen” some time ago, my attention was drawn to the word “defects”. From “defects” (I thought) there is just one step to “risks”, and, after all, that’s what tigers do best!
Firstly, I dare say that at least some protagonists of a lean approach I have seen believe that this System (or solution, or idea, or managerial philosophy, whatever you call it) has a risk management component already included. Lean is so perfect and all-problem-solving super-duper, that no separate risk management is needed. Fact?


News about ideal risk-free circumstances is always good news because, for a risk manager, as Donald Rumsfeld, the once US former Secretary of Defence remarked in his ironic speech: “There are known knowns. These are things we know that we know. There are known unknowns. That is to say, there are things that we know we don’t know. But there are also unknown unknowns. There are things we don’t know we don’t know.” And, we could also quote here another famous thinker: “…the more he looked inside, the more Piglet wasn’t there.
And here you are! Even before considering the known and unknown advantages of lean management, just some simple research of easily available sources such as The Financial Times or The WSJ shows that… The risk is still there and, what a surprise! The best example is indeed the Toyota Production System itself!
Sources indicate, for example, that the slimming of the supply chains of the world’s largest auto maker that embrace the elimination of an “excessive” number of suppliers results in a simultaneous increase of a “classic” supply chain risk. That relationship was dramatically demonstrated during the tragic tsunami in Japan in 2014.

Another manifestation of “lean” philosophy is a specific approach to product design, which allows automakers to use the same elements in different car models. By the way, this is indeed a global trend, because all cars lookalike, don’t they?
Of course, from the point of view of production and cost efficiency, lean is good and brings profits but assume that something dramatic happens with a “lean” supplier of a very small but very important part and in a moment, production of all Toyota models Yaris, Corolla, Lexus is affected. Well, maybe, not Lexus and Yaris together, apologies for simplifying (as a lean management and Lexus non-expert).

These long chains

Unfortunately, a nasty and hidden risks of lean management not only creates a threat of supply chain interruption (or even total business interruption) but also immediately sets off a reputational risk. Every journalist appreciates the good news of bad news coming from top business names, as Toyota is. And carmakers are undoubtedly on the top of their “Breaking news” agenda.
Of course, the competition, politicians and other risk “stakeholders” are not going to miss an opportunity. Just think about the scandal of alleged “self-accelerating” Toyotas. Incidentally, the case appeared to be faked and simply not true. It was finally explained in favour of Toyota but… who remembers it today, in a world of an electronic public opinion, mindless social media bringing a verdict of “guilty” in seconds?
Another “lean related” risk, that is common and important for business today, not only just manufacturing, is product recall. This is again a big headache for the automotive industry – see the “Das Auto” problem. Of course, product recall threat is well known everywhere, so we can repeatedly read about electrocuting hair dryers, contaminated infant food and lethal toys.

Only human

Last but not least, a risk related to lean management arises from a “human” factor. There are sociological studies pointing out that lean, as the most modern approach to work organisation, also brings de-humanisation of labour. Within global lean production chains employees can be perceived as another “brick in the wall” sacrificed for the sake of growing “value added” optimisation. Remember Charlie Chaplin in “Modern times”? Lean is king, so stay in line and produce, produce, produce…
Thus, even a quick review of the lean risk landscape shows that there are a number of not so “lean” risks related or even created by lean management itself. That is, on the other hand, no surprise because risk is everywhere and usually man-made. And for the protagonists and lovers of “clean” lean management, without a separate risk management process we can recommend Toyota’s corporate web page, where you can easily find a dedicated and separate risk management framework. As well as such typical ERM functions like CRO, Chief Risk Officer and Board Risk Committee. Because each new, even more sophisticated management solution in addition to new opportunities creates new risks of lean to manage.

risks of lean   risks of lean    risk of lean   risks of lean   risks of lean

Megaprojects! Why do they fail?


Why do Megaprojects fail? A short but a very interesting study on causes of biggest project failures with an excellent example of Seattle tunnel drilling.
Worth seeing as it briefly analyse root causes of typical Mega failures, unfortunately very typical and easy to predict…

Megaprojects ! Should we start them at all ?

Stratfor o Brexit-cie

Stratfor o Brexit-cie

Znany globalny thiink-tank, must read rynków finansowych pisze o Brexicie. Artyku darmowy, należy podać e-maila.


Terrorism risk

terrorism risk

How can we protect ourselves against home grown terrorism ? (video source)

Subscribe us with email.

terrorism risk, terrorism risk, terrorism risk,

Risk Management show killers.

Risk Management

Though this be madness, yet there’s method in’t.

There are two tools of Enterprise Risk Management that gain incredible popularity in  business nowadays: the first one is a risk
map (heat map) and the second one is a risk register. Describing a risk register in simple words – it is a tabular statement of identified business risks, their causes and effects, risk dimensions (Probability multiplied by Effect of an event) plus description of risk controls. There are project, departmental, corporate risk registers; even attempts to put together governmental risk registers can be found.

A risk map is, let me remind you, a visualisation of identified risks in a coordinate system (P and E). It looks convincing and appropriate for a Power Point presentation for your board of directors, but…just one important remark: a risk map is only a graphic “visualization” of the risk identified before in a risk register. It is not a tool for risk identification and analysis itself!
In fact, the existence of an active risk register simply proves that an organisation systematically manages its risks. However, the boards often declare management of risk while the answer to a simple question about a risk register is negative.
Creation of risk records, either in a form of a risk map or a risk register is certainly not a sufficient condition for effective risk management. Moreover, creation of such maps and registers
often becomes destructive and turns into a classical show killer of enterprise risk management implementation. Are you lost already? Let me explain it to you then.
A classical model of a risk management process, either described in ISO 31000 or COSOII standards, provides  for at least a few basic steps. They are: establishing the context – risk assessment
(including identification, analysis and evaluation) – risk treatment. That’s enough about theory. In practice companies begin their risk management adventure by taking first crack at an exploratory, promising, but labour-intensive task of risk
identification and description. This is done in accordance with the art of risk management and best practice, but… how often such art turns into art for art’s sake!
Typically, as a result of dozens risk identification workshops lengthy lists of risks containing hundreds of threats to the business are created, whereas their creators are not able to control them anymore! It is also a regular occurrence that a risk identification process lasts months longer than initially
planned (if there was any plan) and as a result risks that had been identified at the beginning of the process simply become history, unimportant rubbish in today’s fast changing business environment. Thousands of office hours were spent, hundreds of donuts (or, if you prefer, precels) consumed and litres of coffee drunk. Was it all worth it?  On the other hand, such big records, even if their creators are eventually very proud of them, bring
horror to management and co-workers. “How will we be able to manage five hundred risks?”, they think desperately.
Well, the lesson learned for Risk Management is: your risk register should be built prudently. And what quantity of risks “should” your company identify is another story for the next column.
The bad news is that falling into bureaucratic identification of risks, only aimed at recording and updating, is not the only peril on a risk manager’s path. The biggest challenge, and numerous surveys prove it, is a real life use of a risk register in decision taking. It is surprising how often, even open-minded managers that used to be promoters of the risk management implementation process take even strategic decisions in complete isolation from what can be concluded from risk registers and maps. And when a company fails people say that risk management has failed. Wrong!
Systematic management (and any type of management) requires regularity and determination. It is also true that managers simply do not have time to dig through large, sluggish risk management
registers. This is the way risk registers live their own life and boards live their own and only among those who were involved in risk identification frustration is growing. “What was the purpose of our efforts?”, they ask themselves.
Thus, there is another lesson to be learned: risk identification is one thing, evaluation the other, but taking risky decisions is a
completely different, much bigger challenge.