Addressing the ugliest risk: internal politics
Maybe it’s a taboo subject, but I can’t say I have seen it discussed very often.
Politics can be the greatest risk to the achievement of objectives, whether at the corporate level, between division heads, among managers, on projects, or from one worker to another.
I have seen it far too often:
- Hiding information
- Spreading false rumors
- Sabotaging projects by withholding people or other resources
- Failing to tell others of dangers ahead
- Duplicating efforts with competing projects
- and more
So what should we do about it?
- Recognize that internal politics, at any and every level, can be a source of risk
- Follow your risk management process (e.g., as explained in ISO 31000) to assess and determine how to treat the risk
- Be aware of the politics of dealing with the politics
- Avoid being accused of playing politics yourself by being open and taking care how you frame the issues (such as talking about availability of resources rather than people withholding resources)
- Stay alert and keep your eyes and ears open to changes in the political environment
- If this is a significant problem, talk to your champions at executive and board level about how to change the culture
I welcome your stories, comments, and opinions.
- The State of the Internal Audit Profession April 21, 2014
- Lessons Learned on the Audit Trail. A Review April 21, 2014
- How to Address the COSO Principles for Sarbanes-Oxley April 15, 2014
- Evaluating New Technology April 7, 2014
- PCAOB Board Member Clears the Air About SOX and the External Auditors March 31, 2014
- An Internal Auditor Recommended Taking More Risk March 25, 2014
- Transforming Internal Audit Through Critical Thinking March 17, 2014
- What Are the Characteristics of a World-class Risk Management Function? March 14, 2014
- Deloitte and the Risk-Intelligent Chief Audit Executive March 3, 2014
- Deloitte Suggests Finance Needs to Consider Risk in Planning, Forecasting, and More February 24, 2014
Recent Posts on this Blog
- A Rant about the GRC Pundit’s Rant
- What is effective risk management?
- The Practitioner Leader
- Missing the boat on IT and technology
- The continuing failure of the risk appetite debate to focus on desired levels of risk
- New Paper on Risk Assessment and the Audit Plan
- Risk Officers on the Front Lines of the Big Data Analytics Revolution
- New book on risk management for government decision makers
- McKinsey talks about a forward-looking board of directors
- COSO Checklists – Is your audit firm using one?
- Interesting new paper on risk culture
- Questions for the Audit Committee to ask the External Auditors in early 2014
- Understanding the COSO Frameworks
- Internal Auditors should be Brave
- ISACA releases white paper on Big Data