In compliance, risk management is more than a checklist. It is the ongoing discipline of identifying threats, assessing their potential impact, and implementing measures to mitigate or neutralize them before they cause harm.

Few Star Trek episodes illustrate the escalating consequences of underestimated risks as effectively as That Which Survives. In it, the Enterprise crew encounters a seemingly lifeless planet guarded by Losira, an alien projection who can kill with a single touch. Her purpose is to protect the planet’s secrets, but her method is indiscriminate, deadly, and poorly aligned to the situation at hand.

For compliance professionals, this episode offers five important lessons on anticipating, assessing, and responding to risks, both known and unknown, within an organization.

Lesson 1: Identify Risks Before Engaging in New Ventures

Illustrated By: The Enterprise arrives at an uncharted planet. Within moments, a mysterious woman materializes and kills a crew member simply by touching him.

Compliance Lesson. Too often, companies rush into new markets, partnerships, or projects without conducting a thorough risk assessment. This can expose the organization to sanctions violations, corruption risks, cybersecurity vulnerabilities, or operational failures.

Lesson 2: Understand That Some Risks Are Intelligent and Adaptive

Illustrated By: Losira targets specific individuals and adapts her approach to their vulnerabilities.

Compliance Lesson. Not all risks are static. Fraudsters change tactics, cyber threats evolve, and corrupt third parties find new ways to conceal misconduct. A compliance program must anticipate that some risks will actively seek to bypass controls.

Lesson 3: Don’t Dismiss Low-Probability, High-Impact Threats

Illustrated By: At first, the crew assumes Losira’s appearances are isolated incidents, but they quickly realize she poses an existential threat.

Compliance Lesson. Rare events, such as a single high-value bribery transaction, a lone rogue employee, or a targeted cyberattack, can have catastrophic consequences. Organizations sometimes underprepare for these scenarios because they seem unlikely.

Lesson 4: Risk Mitigation Requires Cross-Functional Coordination

Illustrated By: The landing party on the planet and the Enterprise crew in orbit are each facing threats from Losira, but their survival depends on sharing information and coordinating responses. Without clear communication, both groups would be doomed.

Compliance Lesson. Compliance cannot manage risk in isolation. It must work with legal, internal audit, operations, IT, and HR to identify threats and implement controls.

Lesson 5: Address the Root Cause, Not Just the Symptoms

Illustrated By: The crew eventually discovers that Losira is an automated defense mechanism left behind by an extinct race. Once the crew understands her origin and purpose, they can neutralize the threat.

Compliance Lesson. In risk management, addressing surface-level problems without finding the underlying cause only delays future incidents. Compliance should integrate root cause analysis into all investigations.

Final ComplianceLog Reflections

That Which Survives is more than a suspense episode; it is a cautionary tale about the dangers of underestimating risk. Losira was not inherently evil; she was a misunderstood, unexamined part of an environment the crew did not fully assess before engagement.

The compliance officer’s mandate is to ensure the company doesn’t make the same mistake: to scan for threats before beaming in, to adapt to risks that evolve, to prepare for unlikely but devastating events, to coordinate across the enterprise, and to address the root cause when problems arise. Risk management is not just about surviving; it is about ensuring that your organization thrives in any environment, whether it’s an unexplored planet or a rapidly changing market.

Resources:

⁠⁠MissionLogPodcast.com⁠⁠

⁠⁠Memory Alpha

Learn more about your ad choices. Visit megaphone.fm/adchoices