Cognitive Risk is a book about the least understood but most pervasive
risk to mankind - human decision-making. Cognitive risks are
subconscious and unconscious influence factors on human decision-making:
heuristics and biases. To understand the scope of cognitive risk, we
look at case studies, corporate and organizational failure, and the
science that explains why we systemically make errors in judgment and
repeat the same errors.
The book takes a multidisciplinary and pedestrian stroll through
behavioral science with a light touch, using stories to explain why we
consistently make cognitive errors that increase risks and, at the same
time, fail to recognize these errors in ourselves or our
organizations. This science has deep roots in organizational behavior,
psychology, human factors, cognitive science, and behavioral science, all
influenced by classic philosophers and enabled through advanced
analytics and artificial intelligence. The point of the book is simple.
Humans persist with bounded rationality, but as the speed of
information, data, money, and life in general accelerates, we will need
the right tools to not only keep pace but to survive and thrive.
In light of all these factors that complicate risk, the book offers a
foundational solution: a cognitive risk framework for enterprise risk
management and cyber security. There are five pillars in a cognitive
risk framework with five levels of maturity, yet there is no universally
prescribed maturity level. It is more a journey of different paths. Each
organization will pursue its own path, but the goal is the same - to
minimize the errors that could have been avoided. We explain why risks
are hard to discuss and why we systematically ignore the aggregation of
these risks hidden in collective decision-making in an organization.
The cognitive risk framework is designed to explore the two
most complex risks organizations face: uncertainty and decision-making
under uncertainty. The first pillar is cognitive governance, which is a
structured approach for institutionalizing rational decision-making
across the enterprise. Each pillar is complementary and builds on the
next in a succession of continuous learning. There is no endpoint
because the pillars evolve with technology. Enterprise risk is a team
effort in risk intelligence grounded in a framework for good
decision-making. We close with a call to become designers of risk
solutions enabled by the right technology and nurtured by collaboration.
We hope you enjoy the book with this context.