Moving beyond risk management to antifragility


The amount of change in the world is exciting, but the combination of the level of innovation being generated by technology and the fierce competition of global markets means that we are seeing — and will inevitably continue to see — slip-ups. As IT professionals, what is our defense against slip-ups? We often try to make our IT services robust, standing strong in the face of change. Unfortunately, these good intentions have evolved into counter-productive IT orthodoxies in the government sector.

Let me give you a few examples:

N-1 is the philosophy of never deploying the latest release (sometimes called ‘N’) of a software product. Instead, organizations delay deployment until the release has been superseded by a later release, and often by one or more service packs. They operate on the belief that the deployment delay allows bugs to be spotted and remediated before the organization is exposed to them. Unfortunately, it really means the organization’s users are starved for the latest features and functions, which means the organization’s performance suffers accordingly.

Freeze Periods are the practice of designating certain times of the year as “too critical” to permit IT changes to go into production. Over time, the freeze periods take up more and more of the calendar until eventually no changes can be implemented at all. Again, the organization’s users are starved for the latest features and functions, and the organization’s performance gradually drags behind the pace of change in the environment.

Change Control Boards impose increasingly long lists of reviews and schedule constraints. The change process takes more and more time, mostly involving humans checking that other humans filled in forms correctly, rather than checking that the right changes are being made. Change Control Boards are often better called Change Prevention Boards. One government CIO remarked, “Our change control process has left us two years behind on patches. We’re actually more vulnerable because of our compliance processes, not less.”

Architecture Standards and Guidelines attempt to provide guardrails for technical compatibility in pursuit of “backward compatibility” but all too often raise barriers to the introduction of new technology. In the worst cases, the enterprise architecture team becomes known as the Department of No.

All of these techniques started out as well-meaning attempts to avoid risk, but they actually ended up increasing risk. So what do we do instead?

Antifragility trumps robustness

Author Nassim Nicholas Taleb argues in his book, Antifragile: Things that Gain from Disorder, that the opposite of fragility is not robustness, but antifragility. Antifragile systems actually benefit from chaos, shocks and change. For example, biological systems actively benefit from shocks and change — stress wood forms when part of a plant is subjected to mechanical stress like wind. Without stress wood, a tree can grow quickly, but it cannot support itself fully. Similarly, our bones and muscles are made stronger by the stress of weight-bearing exercise.

Arguably, the goal of 21st century organizations is not just to be robust in the face of unexpected and undesired shocks (the conventional risk management perspective), but to be antifragile: to get stronger from expected and unexpected change, as our Leading Edge Forum asserts.

This means getting better at three things:

  • Sensing
  • Choosing
  • Changing

What can we do to become antifragile? 

First, sensing. If we know what’s coming — both opportunity and threat — we simply have more runway to exploit it. This presupposes having the skills and knowledge to understand and evaluate what’s coming. Experimentation — consciously and continuously launching numerous small experiments in the real world (not the lab) — is a powerful technique for sensing.

Second, choosing. In times of stasis, the number of choices and the amount of VUCA (volatility, uncertainty, complexity, ambiguity) surrounding those choices are limited. In highly complex, chaotic times, the opposite is true. We have to continually make smart, strategic choices, even in foggy conditions. “Meat and potatoes” disciplines like value-based management, combined with more sophisticated overlays such as scenario planning and option valuation, can help us be more antifragile in the face of change.

Third, working on our ability to change is a powerful tool in the quest for antifragility. Underlying this are a whole host of disciplines, including agile methodologies, DevSecOps, collaboration, transparency and fluid organizational structures. But perhaps most important is a culture of change. How much change can your organization handle?

If you accept too little change, you will get left behind by rapid shifts in citizen expectations (on the demand side) and the IT industry (on the supply side). By contrast, the more change you implement, the more change you can implement. If we want to win in the 21st century, we must strive not just to be robust. We must strive to be antifragile. Embrace change and action over stability and inaction.


If you’re not enabling innovation, you’re enabling failure




  1. This is a good point, it is good to think about what being antifragile in various fields means. I am used to thinking about it in terms of personal finance (emergency fund, proper diversification), but cyber security is essential!

    Do you have any suggestions for an individual being antifragile in a digital age?


