As climate change, digital disruption and geopolitical instability pose increasingly interconnected and unpredictable forms of business risk, trust is more fundamental than ever in building resilience
Trust is one of the most powerful currencies in business. It’s also one of the most volatile. Just as it can take decades to cultivate, it can be squandered in an instant.
In business, even with the best risk management systems in place, setbacks are bound to occur. It is imperative, therefore, that firms avoid staking their reputations on an improvised crisis response and become strategic about how they earn and nurture trust.
Trust = integrity + transparency + resilience
At Schneider, we have developed a framework to look at trust from three vantage points. The first is integrity; this entails creating a hospitable context for principled behaviors. The second is transparency, which involves fostering objective, transparent and data-backed decision-making processes to earn and sustain trust. The third is resilience, which is focused on ensuring thoughtful, considered risk taking throughout the organization.
Inspired by the National Institute of Standards and Technology (NIST) framework, which is well known among cybersecurity professionals, we look at risk as a learning cycle, from identification of potential risk vectors to recovery from incidents and “postmortem learnings”. So, this is about more than just raising defenses; it involves engaging with our ecosystems, from relevant authorities to impacted parties, and working with them both proactively and when incidents occur.
Trust must, therefore, be integrated into your risk management approach both to the “left” and to the “right” of the “boom” – to adapt a planning tool derived from military theory.
Taking “boom” as metaphor for an unexpected, adverse event, “left of boom” refers to putting frameworks in place to identify, assess and mitigate potential threats before they happen.
Similarly, “right of boom” refers to the response after an incident has occurred. It entails your direct, technical recovery of the problem, your systems for engaging with stakeholders to maintain transparency and, crucially, your post-crisis review, reform and learning process.
Such an approach builds trust in the integrity of your response, the quality and transparency of your decision-making process and your resilience when faced with unforeseen events. And it will help ensure that your relations with customers, business partners, employees, investors, policymakers, and the communities in which you operate can endure temporary adversity.
It’s precisely this foundation of trust that forms the basis of a business equipped to weather disruptions. And in the current global environment – where companies face increasingly rapid and unpredictable change – building and retaining such trust is more important than ever.
Planning to embed trust and enhance business resilience
Of course, this all entails planning. Even the best intentions from leadership cannot generate and maintain a culture of trust: only concrete, actionable systems, mechanisms and policies can do that.
Nor can trust be implemented effectively where it is siloed or treated as a narrow departmental competence.
A trustworthy response to any incident is a multi-stakeholder endeavor, not just inside of your company (encompassing, for example, your IT, communications, customer relations, and government relations teams), but also within your extended ecosystem. Businesses must, therefore, work to maintain open and accessible lines of communication with impacted stakeholders and adopt proactive steps to explain what’s happening and what’s being done to address the issue, quickly.
Ultimately, it’s essential to embed a culture of trust across all levels and parts of your organization and ecosystem. Our own Trust Charter aims to do exactly that. It outlines the key principle of trust in addressing a range of issues, from insider trading and supply chain transparency to workplace equality, financial compliance and data security.
For relying on behaviors – as important as they are – is not enough. The objectivity of the decision-making process, and the thoughtfulness of an explicit enterprise risk framework, are equally as critical and complete the “trust trilogy”.
Building the “muscle” of trust in a digital age
Growing cybersecurity risk. Accelerating climate change. Rising geopolitical instability. Technology shifts. Soaring energy prices. All this means disruption to business operations is not just likely – it’s inevitable.
And when it comes to cultivating and maintaining stakeholder trust, it’s not simply our capacity to anticipate and avoid setbacks that counts. As important is the frankness with which we recognize the inescapability of adverse events, and the priority we afford to maintaining stakeholder interests in the design of our mitigation, reparation, and review processes.
This is even more the case when your business moves at digital speed. In this context, digital trust necessarily becomes a central component of your overall trust foundation, raising the stakes associated with threats and accelerating the speed required to respond to setbacks.
Trust, ultimately, functions like a muscle. It must be trained regularly, and can only be cultivated through consistent, dedicated effort, as there is no time for improvisation when we need it. In our digital age, more than ever, it’s time to talk about trust!