The Here and Now vs the There and Then

On the inherent temporal skew inside every change-management risk assessment, comparing a future we’re hoping to engineer against a present that won’t survive to meet it.

Two diverging paths into the distance — the future with a change made and the future without it

June 2026. Part of an expanding treatise on aviation risk methodology.

Welcome back to the next instalment in the aviation risk trilogy which has comprehensively repudiated any association with, and disavowed any pretence of actually being one. In the previous instalment I left you with a proposition built from experience that some will find challenging: that compliance and safety are quite different animals, and that the gap between them is where the next systemic failure has quietly assumed residence. The natural follow-up question which a number of you were good enough to ask is why. Why does that gap open at all, and why does nobody seem to notice it widening until something falls into it? This instalment, Part 7 of 3, will attempt an answer. It will, I’m afraid, require us to think carefully about time, which is the one variable that risk assessment routinely overlooks outright or otherwise pretends is a constant.

Every risk assessment of a proposed change — every ‘change management’ assessment, in the language of the safety management system — is, at its heart, a comparison between two states of the world. The world with the change made, and the alternative world without it. We weigh the one against the other, decide whether the difference in risk is acceptable for the forecast outcome, and either proceed or we don’t. Simple enough. The trouble is that it is almost universal that we compare the wrong two worlds.

Comparing the Wrong Two Worlds (when future you hasn’t aged)

It’s axiomatic when measuring change that the comparison we ought to be making is: the future state with the change made against the future state with the change not made. Both in the future, because the future is when the consequences of today’s decision actually land (we’ll look at the universal inadequacy of completely discounting the complexity of transition between states at another time). A change, once made, takes effect over time; the world we are trying to influence is the world as it will be post-change, not the world as it is.

Instead, here is the comparison which is almost always made: the future state with the change made against the current state — the world as it is right now, today, at the moment of assessment. We compare a future against a present. We compare the there-and-then against the here-and-now.

This looks like pedantry. It is not. It is the single most consequential error in the discipline, and almost everyone makes it, because the substitution is so natural as to be invisible. The future-without-the-change is unobservable, it hasn’t happened, and now that we’re contemplating the change it may never happen. The present, by contrast, is the one state of the world we can actually see, measure and document. So we reach for the thing we can see and quietly press it into service as a stand-in for the thing we can’t. We assume that the future-without-the-change will simply be the present, continued. That assumption is the risk-management original sin, and it fails in two distinct and compounding ways.

The Frozen Baseline

The first failure is that the world does not hold still while we deliberate. The do-nothing future is not the present continued ad infinitum. It is the present plus several years of everything else moving.

The baseline, the state against which we measure the change, is assumed to be stationary for the life of the assessment and, implicitly, forever after. But nothing about it is stationary. The fleet ages. The duty cycles intensify. The traffic density climbs. The workforce turns over and takes its corporate memory out the door with it. The materials fatigue, silently. The threat environment mutates. The aircraft, airports and avionics all around you modernise whether you choose to participate or not. New competitors with new capital structures and new technologies emerge. Electing to do nothing does not buy you the comfortable stability of today. It buys you the distinctly less satisfactory experience of standing still while everything else moves, which is not stability at all, but a steady erosion of your relative position.

In that same instalment, we reviewed how stale regulation can lead to compliance assessment entirely appropriate for the metallurgy and operating environment of 50 years ago still being applied into 2026 and beyond. The operator who continued to comply did not hold the risk constant. They held the compliance assessment constant while the risk underneath it varied, because the construction materials, the duty cycles and the operating conditions had all moved on without it. A frozen baseline is a moving target with a fresh coat of paint applied as a trompe-l’œil to make it look like a fixed point. Assess a change against it and you are measuring the change’s effect against a world that will not exist.

The Cost of the Road Not Taken

The second failure is subtler and, if anything, more dangerous. Even if the world did hold still, treating the present as the do-nothing baseline smuggles in a further assumption: that declining to make the change carries no consequences of its own. That ‘no’ is free. That inaction is the neutral, default, costless option against which the reckless business of doing something must justify itself.

It isn’t. Inaction is a decision. Declining to fit the new warning system, declining to update the training syllabus, deferring new operating software, declining to renew the fleet, declining to amend the interval, declining to make a decision; each is a positive choice with its own consequence stream, every bit as real as the consequences of acting. The road not taken still goes somewhere. We simply don’t map it, because the risk register logs the hazards of actions and is conspicuously silent on the hazards of omissions. The null option escapes assessment precisely because we’ve framed it as the absence of a decision rather than as the decision it actually is. No Decision is still very definitively a decision — it just escapes the tedious recording, obligatory sign-off and career-limiting post-event reviews that accompany positive decisions.

The elusive concept that genuinely matters here has a name: differential risk — the difference in risk between the two future states, the change made versus the change declined. Not the absolute risk of the new world measured against the comfortable familiarity of today, but the delta between two futures. And the moment you frame it that way, a subtle but crucial systematic bias in the whole enterprise risk assessment architecture slams into focus.

The Rigged Ledger

Change-management risk assessment is structurally rigged against change. The hazards introduced by a change are listed as known (even if it is only three of the four Rumsfeldian quadrants, see the earlier discussion): you can see them, name them, score them, assign each an owner and plan a mitigation. The hazards avoided by the change — the deterioration of the do-nothing future you’ve quietly assumed away — are counterfactual, diffuse and invisible. So the ubiquitous and widely deified change-management assessment loads every visible cost onto the change and credits it with none of the invisible benefits, while the status quo implicitly banks a stability it does not actually possess. The process makes doing something look more dangerous than it is, and doing nothing look safer than it is. Every single time.

And when it goes wrong — when the change you declined to implement turns out to have been the one that would have saved you — there is no investigation, no retribution, no holding-to-account. The tombstone agency only erects tombstones for changes that were made and then failed. The accident that an un-made change would have prevented leaves no wreckage to sift, no headline, no docket number. Absence of evidence and evidence of absence are remarkably different concepts. Counterfactual accidents don’t get tombstones. So the conservatism bias is never corrected by experience, because the experience that would correct it is, by construction, the one we never get to have. By definition, only those decisions taken are considered, with the decision to make No Decision given a free ride to a well-funded retirement.

So the change-management assessment carries two independent biases, and they push the same way. The baseline it measures against is not frozen but drifting; the do-nothing option it treats as free is a decision with its own uncounted consequences. Compound them and you get a process structurally incapable of doubting its own favourite verdict: that standing still is the safe choice.

The quiet irony identified in this analysis is that the ‘change management process’, as a foundational component of organisational risk control, relies on the present as its one fixed point against which change is assessed, yet the only absolute certainty in any risk assessment is that the present is precisely the world that will not survive to meet the future it is being asked to judge.

You might reasonably suppose that a diligent assessor, alert to both, could simply model the moving baseline and be done with it. You would be right to try, and wrong to relax — because the instant we project that moving world forward, a second and deeper habit takes over: the one that draws a straight line and follows it clean off the edge of the map. That is where the next instalment picks up — the straight line to infinity, and the case it finally makes for setting your minimum somewhere above ‘compliant’.

Assessing a Change Against the Right Baseline?

If your organisation is weighing a decision whose consequences will only be evident years from now, I’d welcome the conversation about how to compare the right two worlds.

Get in Touch