Unlocking the power of evidence-based decision making

Darren Mead, head of risk and audit at Progeny

When seeking to take advantage of a new opportunity or mitigating business risks, making evidence-based decisions at organisational, departmental or team level should be an obvious course of action. 

The Chartered Institute of Personnel and Development describes an evidence-based approach to decision-making as a combination of critical thinking and the best available evidence, rendering decision makers less reliant on anecdotes, received wisdom and personal experience.

In this article, we’ll explore the value of evidence-based decision making and steps you can take to adopt this in the workplace.

System One and System Two thinking 

As human beings, we often find it’s far easier and less time consuming to defer to our gut feelings or emotions when making decisions, also known as ‘System One thinking’. This operates on emotion and experience and offers a quick and instinctive way of coming to a decision. Driving a car along a well-known route is a prime example of System One thinking, as your brain responds almost automatically to the situation and stimuli. 

However, imagine you find the road is blocked by a breakdown and you are faced with having to decide whether to wait it out or attempt a three-point turn to head back the other way. This is where ‘System Two thinking’ takes over, which is rational, deliberate, slower and requires more effort and attention. System Two thinking leads to evidence-based decision making. 

How to employ evidence-based decision making

The above example not only demonstrates System One and Two thinking but also a step that is often overlooked, in moving from one to the other, which is based on actually identifying the problem or opportunity we wish to resolve. 

A simple method to help identify the problem and, in turn, to use System Two thinking to lead to an evidence-based decision can be to use a framework, such as that outlined below. Let’s use cyber-risk as an example within this framework.

What problem needs resolving, when, and who’s responsible?

In the cyber risk scenario, the threat is the ever-evolving techniques used by third parties to access client and company data through phishing, ransomware, malware attacks and social engineering that require urgent attention. This would be the responsibility of the Head of IT, with other stakeholders to support. 

What are the consequences for your organisation?

The threat of a breach in cyber security is incurring huge financial costs through capital losses, regulatory fines, increased insurance costs and costs of reparation of capital, systems and controls. There is also the threat of reputational damage eroding consumer trust and strategic damage through failure to meet business objectives. 

What are the assumed causes and evidence to support these? 

In the case of cyber-risk, all of the following could be assumed causes: a lack of awareness of a potential cyber-attack; poor understanding of the problems cyber-attacks and misuse could lead to; a lack of embedded learning leading to more diligent behaviours and actions; a lack of feedback after an event. 

Types of evidence 

Evidence comes in many forms, such as organisational data, scientific and industry literature, professional expertise and stakeholder values and concerns. All are equally valuable and to make a more informed decision, it’s usually advantageous to utilise a range of quality sources.    

One has to be mindful that if there is a lack of evidence to support a perceived problem, this should be recognised, otherwise the evidence may be skewed to prove a point rather than take a balanced approach.

Comparing System One and System Two  

If we think about the possible outcomes from System One and Two thinking in this scenario, the former is likely to resolve an initial issue but is less likely to focus on the underlying problem and its causes. However, employing System Two thinking means you initially focus on the problem to resolve, naturally steering you to produce a more considered, evidence-based action plan that is more likely to result in far-reaching, positive consequences.

One option is for firms to invest in data and analytics tools and expertise that will help them collect and analyse their own evidence. Firms can also consider providing internal learning and development on an evidence-based approach for their teams, or employing the services of a third-party consultancy or research firm who specialise in this area. 

The benefits of evidence-based decision making

Evidence-based decision making has already become a benchmark of best practice in sectors such as medicine and health care. When robust and trustworthy evidence is supplied, conclusions become more apparent, wider stakeholders can more easily understand rationale and future courses of action can be backed up. 

This does not mean that experience and judgment are no longer applicable. System One Thinking has huge value and entrepreneurs often build businesses on ideas whose origins stem from here. However, using System One and Two Thinking in tandem aids more effective and efficient decision-making and helps overcome bias, habit and cultural preferences. 

Darren Mead is Head of Risk and Audit at Progeny.