4 Tactics for Navigating Risk
pages from the corporate innovation playbook
Corporate Innovation Groups (CIGs) are often on “offense” when it comes to new product development and technological innovation, particularly when it comes to engaging the market and mitigating market-facing risks. But CIGs also need to start being more offensive in the way they tackle internal risk, so they don’t get stuck playing a purely defensive game down the road. Overall, when it comes to succeeding at corporate innovation, defense alone can’t win, and offense can’t be purely externally focused (that is, on the market). Innovation requires constant vigilance and proactivity, and in the corporate context it requires an extra dose of both and careful, intentional sequencing.
In studying a diverse subset of CIGs–many of which were Silicon Valley based innovation labs–we found that when it comes to risk, CIGs end to run into three distinct failure modes when it comes to risk navigation:
1 | They don’t think about it at all, because they’re asked not to(!)–and deactivate the risk radar entirely, thinking like this:
“Worrying about risk will just slow us down; we’ll think about it later if we have to, but for now just get going...”
2 | They think of themselves as the group internally whose job it is to run straight on into risky territory, and toggle the risk appetite up to 100%–turn into a risk homing beacon, operating with this mindset:
“Risk is an inherent part of innovation, so let’s not get mired in our classic risk aversion—be risk-friendly!”
3 | They think about risk all the time, and spend a lot of effort de-risking the project the way any startup might (e.g. needs-finding research, testing assumptions, looking for “Do" data via in-market experiments)...but they fail to navigate INTERNAL risk early enough to set themselves up for success, thinking:
“Our main risk comes from the market—competition and consumers, specifically—so we should prioritize our focus on that."
Let’s talk about what we believe to be a healthy way to think about risk: not ignoring it (scenario #1), not mistaking running smack into it as “being bold” (scenario #2), and not obsessing over the market-facing risk to the exclusion of the internal risk (scenario #3). Here’s some informed perspective to share, and also some early ways you can set up your teams to navigate risk prudently and affordably.
Consider Project Risk and Internal Risk
The former is much more common, and more commonly dealt with—for example, customers seem to like a concept, but will they stick with it over time? That’s a common project-related risk that is handled via good research design. But what happens when people love the concept, but the company doesn’t?
As we heard with one interviewee:
“We tested it and people loved it. We found partners to help us deliver it… But it was beyond the guardrails of how much the company was willing to stretch. It received high marks externally, but not internally. So it got killed.”
Co-create KPIs with Sponsors
What the example above doesn’t say is that the project got killed way too late in the process. The team could have involved the key sponsors, especially those who would own the concept after it’s left the CIG, earlier on and co-created evaluation and success criteria to hold it up to. This would have exposed the internal risks and helped direct the concept around or over those internal hurdles, which ultimately sprung up and killed this external success. Plus, when sponsors get hands-on with the approach, they are more bought in to the output as they feel an added dose of ownership—the impact of which cannot be understated.
Here are some things we heard in our research about the importance of doing (or stakes of not doing) this:
"Everyone said, 'We're going to learn and iterate.’ We got about six or seven months into identifying the opportunity, got an MVP, got it quickly to market, learned at every step…and the executives didn't like it. They wanted more due diligence, more market analytics, more, more, more upfront before we did anything. Within seven months, I had to redesign the front end of our working model to align with their wishes."
“In the end, getting the real senior exec support of it, they were not willing to take on the risk. The team didn't bring the SVP along with them… They could have found out ‘No.’ The senior leader was never going to take that risk on.”
Build Connective Tissue with the Recipients of the Innovation Work
Identify and engage willing partners in the business who will both fund and scale the work coming out of your CIG. Creating early connective tissue between the mother organization and the innovation group wards of some of the envious or, worse, competitive mindset that can creep in over time. Further, knowing the pathways an opportunity could follow, and getting unambiguous evidence that select partners in the core business along those pathways will both support and, as appropriate, receive the output of the CIG, will help seed a robust pipeline of work that is starting with a strong foundation for internal success. Not all lines of business need to be pre-enrolled, so choose your early clients and focus on those who don’t take a lot of convincing.
"One project was getting traction, people were using it and found it easy to use. It was able to be profitable. The problem was that no one thought about what if this actually works? What if it starts to steal people from the core product? There wasn't an, ‘If it works...then what?' conversation."
"Make sure that you're building your project from day one and have an internal client who has committed to scaling it."
Play Offense Early and Often
When managing risks, it’s good to be on the offensive. After all, defense doesn’t win championships by itself! But, it’s hard to make the space for offense sometimes, and to know where to allocate your offensive resources. We heard innovation leaders tell us what went wrong downstream and tracked it back to upstream elements—many linked to the above. One additional element to add into the mix here is about setting a tight scope with the CIG’s charter, critically specifying what is not in scope for the group. This sets permission levels for the broader organization, executives and others who might influence the project pipeline, and pre-bakes the foundation on which the CIG can say no to projects that are a poor fit with its mission.
"They had said that they wanted something farther away from the core business, but when we started presenting opportunities like that, it's not really what they wanted. I realized, okay, in the short term, it's not exactly where we wanted to be, but I had to create legs under [our CIG] to get the confidence of the board that we could deliver value, hoping we’d get permission later on to move the board to something farther beyond the core."
"We were told that it didn't need to generate revenue, but then a new leadership team came in, and they said that it needed to be revenue generating… if not, we’d be done. I don't think I thought about that—asking, ‘Is our mandate still the same?' with new leadership. We should have asked, 'What are your goals, and let's talk about how we can serve those.'"
Ultimately, if you don’t think about risk in a proactive way early on, around this handful of critical issues and elements, then you might get stuck playing a purely defensive game later on, one that will limit your ability to succeed on all fronts.
To reiterate the success tactics from above, here they are:
Think about risk internally as well as externally
Co-create measures to use, and when to use them, with key sponsors
Build connective tissue with those who will ultimately own what comes out of the CIG
Choose your “customers” — identifying the most aligned and willing recipients of the CIG’s output
Address the most make-or-break risks as soon as they reveal themselves — and go on the offensive to mitigate them
Pre-set the scope boundaries for what’s in and what’s out of scope for the CIG
What else would you add to the list? What early moves has your innovation group made that paid dividends later on?
- Clay Maxwell (firstname.lastname@example.org)