It's worth the risk: Identifying and managing risk in CS

Mere mention of risk can set off panic for some. For others, they charge into solution mode.

It’s tricky because when you’re faced with risk in CS, it’s hard to know what the first step should be. What is the risk? What data can I trust? What shouldn’t I do? Who should I tell?

There can be a lot of noise that makes it difficult to understand what the right steps to take are, but the responsibility of a CSM is huge, and to forecast, prioritize and escalate correctly, we need to be comfortable in these situations.

Let’s start by defining it.

What is risk?

It’s something that’s not talked about often, but underpins the reason why some green accounts churn. Back in 1991, there was a popular song called, Things That Make You Go Hmmm…, that’s how you should think about risk. Anytime a customer says something that sounds out of the ordinary or makes you pause, you should ask yourself, is this a risk?

Of course there are the larger risks that are more obvious like a stakeholder changing, M&A, bankruptcy, but there are small risks that build up over time, like a snowball or risks that happen over and over again that seem fine, until they’re not.

Those are the ones we need to track closely and talk about.

CSMs can often be focused in on the moment - looking at the renewal coming up, putting together an overview like an EBR, and in those times, we can lose the aggregate - the customer had an issue three months ago, a director was promoted last month and then new person coming in isn’t friendly.

By logging those risks over time, you can see what’s going on with your customer. You not only get a deeper view of that specific customer, but as you look across your portfolio, you can see who has recent risks, who has significant risks, and spend more time with those customers versus going one customer at a time trying to figure out the current state.

Logging risk can also be more helpful than using your health score because it gives you the ability to analyze the previous risks and then determine what actions need to be taken.

Where can risk come from?

CSM teams should workshop this as a group according to their business/strategy.

• One contact at the customer account
• Customer is in a volatile industry
• Size of the company
• Region where the customer sits
• Transparent relationship
• Delayed or blocked adoption
• High number of support cases
• No support cases
• Lack of engagement in meetings
• Lack of responsiveness in communication
• No sponsor or champion
• Sponsor or champion is leaving company
• No new feature or product add
• Not leveraging expertise of CSM or support
• Poor experience with CSM, support, sales or proserve
• The account is single-threaded
• Low NPS/satisfaction rating

Managing risk

Managing risk can feel overwhelming. To provide clarity, write down risk when you see it. Trying to maintain it all in your head is the quickest way to feel overwhelmed and to potentially have things fall through the cracks.

Discuss the risk during team meetings to brainstorm solutions, and lastly, do retrospectives. Diagnose the churn or contraction to understand what caused it and once resolved, use that as a case study to learn from and share with your team.

A good way to share knowledge is to create a handbook on what the most common avenues of risk are and what the most common solutions are, particularly as new teammates join. A good way to organize this is tying the most common barriers you face in a lifecycle stage, to a set of common steps you can take to overcome them.

With risk, there’s nothing really new that happens. It’s the same type of risk, just with different circumstances. Eg. a customer may be purchased, a stakeholder may change, there may be a bug in the system, someone may not like the color of your product.

Using a handbook connects CSMs facing similar issues, allowing them to collaborate and document solutions that benefits future CSMs and equips the team with prior knowledge to manage risk effectively.

Further, categorizing risk, logging it and then making that information accessible helps to manage. Logging the risk in a consolidated format will help arm others in your organization be proactive in combating the risk. It’s a natural continuation of the customer success philosophy of being proactive and providing a single pane of glass of the customer.

The fear of risk

Another layer that makes risk tricky is that many of us have a fear of bringing up risk, worried that it will reflect poorly on us. For example, if I have multiple problematic accounts and my colleague has fewer, it’s difficult not to compare yourself and feel like you’re falling behind. But customer health depends on many other factors, it could be the industry that the customer is in, it could be that the account was a bad fit in the first place, the territory the customer is based in is struggling, etc.

It’s normal to fear repercussions like job security or added workload from reporting risk, so managers should make it a point to praise employees for raising risk rather than shaming them. Compensation should never be tied to identifying risk, but rather overall customer success. This will help foster a culture of trust within the team and allow more opportunity to collaborate on the best way to combat the risk.

It’s up to managers to make sure their teams feel safe reporting on risk.

Client risk doesn’t reflect personal failure. Whether caused by a mistake or not, the priority should be resolving the issue for the customer. Logging the risk, even if you’re involved, is the first step in combating it so it’s better to acknowledge and address risks than to ignore them, as they may escalate if left unattended.

Is the risk ever really over?

You have to know when it’s time to close out risk and how to gather different perspectives to help. Sometimes there are risks that you can’t resolve, like a product request that only benefits one customer that your product team won’t be taking on. In those instances, here are a few principles to consider:

1. Avoid surprises. It’s better to log risk and not need it than to need a risk and not have logged it.
2. The earlier the better. Risk represents potential revenue loss, so the earlier you can address it, the better.
3. Risk comes in different levels of complexity. Some can be handled independently by the CSM, others may require input from a Director or even C-suite level. Know which risk belongs at what level so you can triage efficiently and address the risk with the right solution.

At the end of the day, it’s the CSMs that own risk.

Regardless of its nature, the CSM is responsible for identifying it, logging it, reporting it and leading it through a resolution process.

Actions to take when it comes to risk

• Create a section in your notes to track risks from meetings. Discuss with your manager why you’re tracking these risks and what they signify. Keep a record of how you resolve these risks and the outcomes achieved. Set up a risk system in your CRM or CSP to track and address risks at a company level.
• Develop a spreadsheet to track key risk metrics that finance cares about, such as account name, type of risk, and reason for the risk. Make sure that CS leadership or CS ops lead the effort to maintain this spreadsheet
• Emphasize the importance of making it acceptable to flag risks.