Why a digital risk assessment should sit on every board agenda

(Image credit: Image Credit: NakoPhotography / Shutterstock)

The term digital risk can entail everything from security to data management. Today, almost every aspect of doing business is digital in some regard or another, which makes grappling with this vast, seemingly endless landscape of risk management a monumental challenge. But it is possible. For that, look no further than Amazon. The poster boy for digital and internet-based brilliance. Next month, 9 July, is Amazon Prime Day. A global 36-hour event for consumers to purchase products exclusive to Amazon at discount prices.

Reduce risk, boost the bottom line

As a company, Amazon has done so many positive things but arguably none more so than its management of digital risk. Not only is this quite a feat considering its size - the bigger the company, the bigger the risk exposure. But this is impressive because despite all the variables in product, market and geography it has a clear and consistent success metric the entire organisation is wedded to - maintain excellent levels of customer service that fosters loyalty and encourages repeat purchase.

But not every company can be an Amazon. So what about everybody else? How can other businesses place a greater stock on the digital customer experience and, more pertinently, quantify it in a way that boosts the top and bottom lines, while reducing the risk. Not only do these metrics vary from organisation to organisation, they often vary from department to department.

Set up to fail?

When a famous automotive company used the slogan, ‘isn’t it nice when things just work?’ in an advertising campaign, it landed on a universal truth that goes way beyond consumerism. This has only been amplified in the years since through the proliferation of social media and improvements to technology. Yet, we still see and hear many instances from quality assurance (QA) teams over failed tests. These are the team in a business responsible for preventing mistakes and defects and avoiding problems when delivering products or services to customers, so that should come as no surprise. But the disconcerting issue is not that these teams what to fix the problem, but that they simply need the software to pass the test. Same ends, but vastly different approaches and attitudes.

This is because these teams are specifically KPI'd to pass tests, which is setting them up to fail when it comes to aligning to the greater good of delivering excellent customer experiences. They're paid based on test success, the number of tests and how many tests are run when instead they should be being assessed based on experience, customer satisfaction and business outcomes. This means the digital risk assessment phase is critical. Behind the scenes, QA teams need to look intelligently at new platform releases - focussing on what has changed, who changed it, what customers are really doing and what implications this could all have. New features, developed by less reliable programmers, could be troublesome. Enhancements to customers’ favourite features need a lot of focus - so as to not mess it up. Ensuring enhancements haven’t impacted not just the functionality - but also the performance and responsiveness are key. Amazon reckons its revenue reduces by 1 per cent for every 100ms increase in response times! Most major online retailers and media outlets have similar stats.

So rather than the number of tests run, next-gen QA metrics look beyond the ‘happy path’ of the customer journey to include coverage, bug density and risk in terms of the code quality, performance and usability. Combined, all these measures add up to one risk - will the consumer experience of this product be excellent, leading to outstanding outcomes for business and consumer?

Flying blind

One of the biggest challenges we see is that businesses often don't know how much they're spending on testing. They’re flying blind. In fact, it's the biggest pinch point in the release of software now because there are three options. The first, and by far the least attractive is to do none (testing) and risk disaster. Thankfully, this just simply isn’t viable for most credible businesses but even large organisations sometimes need to get sites or products out quickly and skip critical steps.

Then there is the traditional testing route, which helps eliminate bugs, flaws and potential crashes but doesn’t give an accurate picture of digital risk to the customer experience (see earlier example). Of course, neither of these are ideal. Which leaves option three. Detailed digital risk analysis that starts with the overall objective and works backwards from there, ‘what is it that's going to make me successful and what are the risks?’.

And just to prove that even the best sometimes get it wrong, remember that Amazon crashed last year on Prime Day. Shoppers began having issues connecting to its website shortly after it kicked off. Some frustrated customers, unable to access or complete purchases on the website, threatened to cancel their Amazon Prime subscriptions, which were required to shop with the sales. While the site was only down for a short time, to put into context how critical testing is to mitigate digital risk, the downtime is estimated to have cost Amazon $72 million to $99 million in lost sales.

Companies are digital products

Aside from the gargantuan number involved, this is critical because today, companies don't just own digital products, they are digital products themselves. The big internet powerhouses, of course, but this translates right through to new companies like Monzo or Revolut. There are many more examples when, if the technology fails, the company fails and the overall business health and viability is based on its digital assets.

And we’re going to see this more and more. Delivering an excellent digital customer experience is no longer about websites or load time. It’s about ensuring the entire business ecosystem understands digital risk and how to best reduce it.

Dr. John Bates, CEO, Eggplant