Strategic Risk Management – The New Requirement For Business
It is evident to all that the world as we knew it before the pandemic has changed before our eyes. And with it, how leaders need to think about strategic risk management has changed too. No one could have predicted such a shock to the way we conduct our life, and most enterprise risk management frameworks didn’t account for it either. That’s why leaders and enterprises have to completely reshape the way they think about the risk management process.
Whilst the pandemic was the catalyst of this, I believe the signs of this change occurring began as early as the early 2000s with the interconnectedness given to us by the internet and the new digital age.
Outdated enterprise-risk-management (ERM) practices have been traditionally characterized by static evaluation of risks during annual or bi-annual reviews. During these meetings, risks are usually assigned into a bi-dimensional matrix with the probability of the event occurring and the impact on the axis. Whilst this method works in principle, it doesn’t account for the velocity at which crisis might arise in today’s world, and for the time in which responses need to be deployed. Covid-19 was the perfect example of how companies cannot afford to limit themselves to check the governance box when it comes to risk management strategies but have to take a more dynamic approach if they strive to succeed in the long-term in this ever-changing environment.
Organisations need to start thinking about strategic risk management as a continuous activity that runs in harmony and synergy with the business and its operation. An agile process that feeds directly into the strategic planning of the C-Suite and ensures that risks are identified, evaluated and mitigated holistically across the business.
The objective of every risk management process is not to avoid risks, as it is a common belief, but rather to scrutinize risks and opportunities and mitigate potential downsides that could arise from them. Therefore, a proactive and continuous approach is beneficial in addressing strategic risks promptly.
Nevertheless, achieving this state is a challenge in itself, as most firms don’t have the appropriate mechanism in place to allow such a dynamic risk assessment approach. Particularly, when it comes to large organizations, ownership of decision making seems to be a limiting factor in deploying a fast-paced ERM. Empowering the workforce to make decisions is the number one enabler of an agile ERM. Without it, strategic risk management will forever be a yearly conversation unable to cater to the fast-changing opportunities and risks of today’s world.
Eventually, leaders need to realise that they are all firefighters. Their job is to make sure problems are solved and decisions are made, and every leader is a risk manager of their own.
Blog Author: Riccardo Lovo – President & Co-Founder at Impact Consulting London