Risk Decision Makers Are Investing in Gamification: What That Means and Why You Should, Too

A gamification-based solution can aid in creating an effective crisis risk management strategy.
By: | July 8, 2019

When a large nonprofit organization looked to develop a better crisis management risk assessment planning strategy, it decided to get into the game.

Specifically, it chose a solution that uses game theory and gamification, among other tools, to assess and defend against potential crisis-driven risks. By going that route, the nonprofit also avoided the more traditional time-consuming risk assessment path of interviewing key experts, conducting a survey and stocking up on any related, and relevant, external research.

The nonprofit connected with BDO, an accounting and advisory firm, which in January 2019 acquired Lootok, a business continuity and crisis management consulting and technology company in New York City.

Post-acquisition, BDO today offers Lootok’s approach, which integrates military models, cognitive science, design thinking and game theory with industry risk management standards to create new ways of understanding the disciplines of business continuity, crisis management and enterprise risk management in general, according to Sean Murphy, Lootok CEO and BDO managing director. Murphy leads BDO’s crisis management and business continuity practice.

How Does ‘Gamification’ Work, Anyways?

BDO helps clients see crisis management differently through gamification.

Here, the gamification concept is not a computer-based platform, but rather it involves workshops that help executives focus on being flexible and ready for the unexpected, considering several “what if?” situations and how to react to them should any number of crises happen.

For example, BDO’s gamification model had the nonprofit’s leadership group play Attackers and Defenders™, an example of one of BDO’s risk assessment games. In the workshop setting, BDO assigned participants to either the attacking or defending team. Each team defined what assets to attack/defend and explain how and why.

Murphy, who founded Lootok in 2006, relates that the gamification model gets at the key ingredients of risk — asset-threat-vulnerability — in a highly-competitive group participation setting that provides context and a new way of seeing the risk management function.

Long-term, it also can help move risk management from being mainly an administrative function to a more strategic role within the organization.

“In our workshops, the risk dialogue is so rich we record the sessions,” said Murphy, adding that the nonprofit client’s gamification session was only supposed to go for 45 minutes but the group of decision-makers continued for over two hours.

“It changed the way the nonprofit looks at risk because of the value of the many individual inputs with context and discussion, rather than the old way, which is data collection in isolation,” Murphy said.

“It allowed this organization to focus on the twenty percent of threats that create eighty percent of the risk. At the end, participants totally agreed on the results and actions that need to be taken according to each scenario.”

Overall, Murphy said, BDO helps organizations of all sizes and industries transform their risk programs through four pillars: risk assessment, program design, self-service technologies and activity-based learning and engagement (the game theory angle).

Most of all, he notes, it offers alternative ways of thinking when it comes to building a solid business continuity or crisis management plan.

In a second gamification-based example, this time a business impact analysis situation, the traditional method would once again primarily focus on interviewing and/or surveying functional leaders to define the process’s critical path. Murphy said it is typically performed in isolation, with the data aggregated and then reported out.

Following BDO’s gamification model, a client instead would play the firm’s Critical Path Activity game. Here, functional leaders fill out large process cards and place them on the wall under the appropriate Recovery Time Objective. Functions are color coded to help with pattern tracking and insights.

“Because the information is on the wall in plain sight, it allows participants to visualize relationships and comparisons,” Murphy said. “And that in turn creates healthy conflict and dialogue on the time sensitivity of processes.

Learning How Decisions Are Made

A large manufacturing client, for example, played the Critical Path Activity game and it changed with way the company held inventory. Today the new process is integrated in all of the company’s spending decisions.

While Murphy said some of the traditional thinking on crisis management planning via existing data collection techniques is certainly not obsolete, in the end they don’t build true value for the organization.

“We want to help build that expertise and to do that, we need to understand how people make decisions in complex, ambiguous environments fraught with uncertainty,” he said, adding executives typically ask, “Where’s my plan?”

BDO tells them that as executives, their job is to create the plan based on the context of a situation at any given point in time and the relationship between the threat and the organization’s operating environment.

Most of all, Murphy said, gamification has delivered richer, deeper data than the old models, and it does it in a fraction of the time.

“Our series of workshops involve twenty to forty-minute game activities that truly create rich, actionable data collection and analysis in a group setting,” he said.

“We’ve seen how that can be a powerful way to create a risk assessment strategy. And clients are able to apply their learning to multiple situations. Plus, people seem to really enjoy working this way.” &

Tom Starner is a freelance business writer and editor. He can be reached at [email protected].

More from Risk & Insurance