There is no better way to convince a potential customer that yours is the right company for the job than to demonstrate a true understanding of the risks the program will be up against and to come up with plans to mitigate those risks upfront. But in many proposals, the risk management section ends up as a missed opportunity to shine at best and a setback at worst. Rather than showcasing a real knowledge and understanding of the program and proposed solutions, the risk section falls flat or actually does harm.
It happens for two reasons:
- One reason is that many proposal teams fail to put enough time and consideration into developing a solid risk section. They assign one author to write it and then shift their focus to other work. What they do not realize is that great risk sections are usually born from hours of intensive brainstorming and input from every key player who truly understands the program. Instead, the process by which most risk management sections are written leaves little room for success. It is impossible for a single author to draw out and evaluate all of the program’s risks.
- The second reason is that the wording of many risk statements fails to represent the company as an expert, and instead hurts the company’s chance of winning. Often risk statements tend to follow this train of broken logic: “If we fail to provide such and such (with “such and such” standing for something that is expected from any good company doing well in this line of business), this horrible thing will happen.” This type of risk and mitigation statement reads like an exercise in shooting oneself in the foot. Essentially, it says to the customer, “If we do not know what we are doing and we fail to do what any decent company should do if it wins the bid, then we will fail.” Do not offer a risk like this and then couple it with a mitigation such as, “But we do know what we are doing.”
The examples of “risks” cited above do belong in the proposal, but only as elements of the technical or management approach, and not as components of the risk section.
A good “do” for risks is to avoid representing as a risk anything that is within your company’s control as well as anything that any reasonably good company would do in this line of business. The kinds of risks you need to show in your proposal must be those external to the company’s own abilities to plan and manage the program well, or, in other words, those that are inherent to the nature of the job.
There are only three categories of risks that should be presented in proposals:
1. Risks caused by lack of information or knowledge about the project that could only be gained in the process of project execution;
2. Risks caused by lack of control or resources to deal with external events or authorities; and
3. Risks caused by lack of time to complete tasks sequentially and methodically.
It is critical to remember that the only way to come up with solid risk and mitigation content is to collaborate as an entire team rather than tasking a single author. Even if there is no requirement for a separate risk section, risk analysis is still all-important. Discussion of applicable risks and mitigation strategies also should be included in each section, to showcase your understanding of the job at hand. In your brainstorming session, it is a good idea to have a mediator who can point out the holes and flaws in your risk ideas. A mediator will also ensure that you avoid the pitfall of inadvertently stating as a risk that your company is unfit for the job, and then stating for the mitigation that your company is – go figure – fit for the job. Make your risk statements work for you, since they can be pivotal in convincing the customer that yours is the right company for the job.