Perfect is the Mortal Enemy of the Good: Why Minimum Viable Risk Practices are Perfect

By Melanie Lockwood Herman

Seasoned hiring managers and interviewers often listen carefully for an interviewee’s response that acts as a red flag waving “don’t hire this person!” For me, it’s a statement like this: “I’m a perfectionist,” or “My biggest weakness is that I don’t want to stop working on something until I get it right.” My interviewer’s ‘spidey sense’ translates those statements into something decidedly less flattering: “I frequently miss deadlines and rarely, if ever, finish anything assigned to me.”

The French writer and activist Voltaire is credited with coining the familiar expression pitting good enough against perfect. In his Dictionnaire philosophique, he quoted an Italian proverb, “il meglio è nemico del bene,” which translates to: “best is the enemy of the good.” I’m often reminded of this expression when my team is asked to provide a ‘best practice’ example in the risk discipline, or worse, tell an organization that its approach to risk management reflects ‘best practices’ in the nonprofit risk management realm.

My team specializes in helping nonprofit management and governing teams design built-to-suit, solid risk practices that can be immediately integrated. Yet time and time again, we’re asked to describe simply and clearly—in a one-page checklist if possible—best practices for all nonprofits. Our heretofore deep dark secret is that they do not exist. Instead, what exists is a collection of approaches that may work wonderfully in one setting and represent a disastrous fail in another. From the framework for a risk team to elements of your hybrid work (or return to work) policy, risk systems and tools cannot be engineered to function flawlessly no matter where and when someone presses the start button.

This week I’ve been reading Effortless by Greg McKeown. In Effortless, McKeown reminds the reader of the somewhat counterintuitive principle of a “minimum viable product.” Tech types have long revered this principle for the indispensable role it plays in agile development, and I believe its application in nonprofit risk management has the potential to add significant value. McKeown shares the following definition of the concept from Eric Ries, author of The Lean Startup: “that version of a new product which allows a team to collect the maximum amount of validated learning about customers with the least amount of effort.”

At NRMC, we’re privy to many risk frameworks and processes that are Rube Goldberg-inspired rather than motivated by the truth that memorable and straightforward risk tools are far more likely to stick. Examples include:

  • Risk team charters that feature a litany of tasks and roles covering a confusing assemblage of legal, ethical, financial, and other responsibilities
  • Overpopulated risk registers that seem to self-spawn endless new columns and categories
  • Incident report summaries with brightly colored bars that beg the question: ‘what’s going on here?!’

If you’re guilty as charged of overcomplicating your risk tools and practices, I urge you to take inspiration from Voltaire and McKeown and embrace the challenge to develop ‘minimum viable risk tools.’ Experimentation and taking your toys for a test drive are far more meaningful than getting it right the first time. Learning awaits! Buckle up to witness your risk resources evolve and become more memorable and relevant over time!

Game to give it a go!? Try one of these three experiments:

  1. Create a simple Risk Accountability Framework that illustrates and explains who manages different types of risk in your nonprofit; take it for a spin this fiscal year and then debrief to identify and iron out the kinks.
  2. Create a simple Risk Dashboard that depicts 3 trends or developments your risk team is focused on this year. Show it to an oversight group and ask: What are your key takeaways? How will this be helpful as you make critical decisions in the weeks and months ahead? Does this visual inspire confidence that our team is managing risk appropriately? What did you expect to see that you’re not seeing? What else do you want to see in a future dashboard?
  3. Create a short Risk Glossary, defining key terms using unambiguous words everyone understands. Extra Credit: create definitions without copying and pasting from a browser!

Overachievers Anonymous

McKeown explains that “Overachievers tend to struggle with the notion of starting with rubbish; they hold themselves to a high standard of perfection at every stage in the process. But the standard to which they hold themselves is neither realistic nor productive.”

In risk practice (and in life), striving for perfection is a Sisyphean endeavor. Just as you’ll never again look exactly the way you did 20 years ago, so too should be the expectations for your risk program. Instead, you should cultivate this process to evolve, mature, and, ultimately, get better with age! However, this progression isn’t possible if you’re still stuck at the start line. Embrace your rough ideas. Banish any image of perfection. Rest assured that a serviceable tool you can use to navigate uncertainty is far more helpful to your mission than a never-finished framework marked ‘draft’ in permanent ink.

Melanie Lockwood Herman is Executive Director of the Nonprofit Risk Management Center. She welcomes your calls and emails about bold experiments creating and piloting risk tools or questions about NRMC’s educational and consulting offerings at 703.777.3504 or